English
Related papers

Related papers: EDEFuzz: A Web API Fuzzer for Excessive Data Expos…

200 papers

REST APIs are widely used in industry, in all different kinds of domains. An example is Volkswagen AG, a German automobile manufacturer. Established testing approaches for REST APIs are time consuming, and require expertise from…

Software Engineering · Computer Science 2026-04-03 Andrea Arcuri , Alexander Poth , Olsi Rrjolli , Philip Garrett , Juan P. Galeotti

The Resource Public Key Infrastructure (RPKI) has become essential to secure inter-domain routing. Despite its critical role, RPKI software remains largely untested beyond shallow parsing. Existing fuzzers, like AFL++ or libFuzzer, do not…

Cryptography and Security · Computer Science 2026-05-27 Haya Schulmann , Niklas Vogel

EOSIO is one typical public blockchain platform. It is scalable in terms of transaction speeds and has a growing ecosystem supporting smart contracts and decentralized applications. However, the vulnerabilities within the EOSIO smart…

Software Engineering · Computer Science 2020-08-07 Yuhe Huang , Bo Jiang , W. K. Chan

Privacy leakage in AI-based decision processes poses significant risks, particularly when sensitive information can be inferred. We propose a formal framework to audit privacy leakage using abductive explanations, which identifies minimal…

Artificial Intelligence · Computer Science 2025-11-14 Belona Sonna , Alban Grastien , Claire Benn

Recently, many Deep Learning fuzzers have been proposed for testing of DL libraries. However, they either perform unguided input generation (e.g., not considering the relationship between API arguments when generating inputs) or only…

Cryptography and Security · Computer Science 2023-12-27 Nima Shiri Harzevili , Mohammad Mahdi Mohajer , Moshi Wei , Hung Viet Pham , Song Wang

As cloud computing becomes prevalent in recent years, more and more enterprises and individuals outsource their data to cloud servers. To avoid privacy leaks, outsourced data usually is encrypted before being sent to cloud servers, which…

Cryptography and Security · Computer Science 2019-06-24 Jinkun Cao , Jinhao Zhu , Liwei Lin , Zhengui Xue , Ruhui Ma , Haibing Guan

The same defect can be rediscovered by multiple clients, causing unplanned outages and leading to reduced customer satisfaction. In the case of popular open source software, high volume of defects is reported on a regular basis. A large…

Software Engineering · Computer Science 2017-06-14 Mefta Sadat , Ayse Basar Bener , Andriy V. Miranskyy

In this paper we introduce AFFDEX 2.0 - a toolkit for analyzing facial expressions in the wild, that is, it is intended for users aiming to; a) estimate the 3D head pose, b) detect facial Action Units (AUs), c) recognize basic emotions and…

Computer Vision and Pattern Recognition · Computer Science 2022-11-03 Mina Bishay , Kenneth Preston , Matthew Strafuss , Graham Page , Jay Turcot , Mohammad Mavadati

Application authentication is typically performed using some form of secret credentials such as cryptographic keys, passwords, or API keys. Since clients are responsible for securely storing and managing the keys, this approach is…

Cryptography and Security · Computer Science 2022-11-24 Mihai Christodorescu , Maliheh Shirvanian , Shams Zawoad

Patch fuzzing is a technique aimed at identifying vulnerabilities that arise from newly patched code. While researchers have made efforts to apply patch fuzzing to testing JavaScript engines with considerable success, these efforts have…

Cryptography and Security · Computer Science 2025-05-02 Junjie Wang , Yuhan Ma , Xiaofei Xie , Xiaoning Du , Xiangwei Zhang

Event detection (ED) identifies and classifies event triggers from unstructured texts, serving as a fundamental task for information extraction. Despite the remarkable progress achieved in the past several years, most research efforts focus…

Computation and Language · Computer Science 2022-11-28 Xiangyu Xi , Jianwei Lv , Shuaipeng Liu , Wei Ye , Fan Yang , Guanglu Wan

Graph algorithms, such as shortest path finding, play a crucial role in enabling essential applications and services like infrastructure planning and navigation, making their correctness important. However, thoroughly testing graph…

Software Engineering · Computer Science 2025-02-24 Wenqi Yan , Manuel Rigger , Anthony Wirth , Van-Thuan Pham

The proliferation of fake news has emerged as a significant threat to the integrity of information dissemination, particularly on social media platforms. Misinformation can spread quickly due to the ease of creating and disseminating…

Computation and Language · Computer Science 2024-10-04 Mesay Gemeda Yigezu , Melkamu Abay Mersha , Girma Yohannis Bade , Jugal Kalita , Olga Kolesnikova , Alexander Gelbukh

Network applications are routinely under attack. We consider the problem of developing an effective and efficient fuzzer for the recently ratified QUIC network protocol to uncover security vulnerabilities. QUIC offers a unified transport…

Cryptography and Security · Computer Science 2025-03-26 Kian Kai Ang , Damith C. Ranasinghe

Software vulnerabilities represent one of the most pressing threats to computing systems. Identifying vulnerabilities in source code is crucial for protecting user privacy and reducing economic losses. Traditional static analysis tools rely…

Software Engineering · Computer Science 2024-10-25 Zhonghao Jiang , Weifeng Sun , Xiaoyan Gu , Jiaxin Wu , Tao Wen , Haibo Hu , Meng Yan

The implementation of complex software systems usually depends on low-level frameworks or third-party libraries. During their evolution, the APIs adding and removing behaviors may cause unexpected compatibility problems. So, precisely…

Software Engineering · Computer Science 2024-01-08 Jiwei Yan , Jinhao Huang , Hengqin Yang , Jun Yan

Modern Web APIs allow developers to provide extensively customized experiences for website visitors, but the richness of the device information they provide also make them vulnerable to being abused to construct browser fingerprints,…

Cryptography and Security · Computer Science 2024-03-26 Enrico Bacis , Igor Bilogrevic , Robert Busa-Fekete , Asanka Herath , Antonio Sartori , Umar Syed

A large number of URLs are made public by various platforms for security analysis, archiving, and paste sharing -- such as VirusTotal, URLScan.io, Hybrid Analysis, the Wayback Machine, and RedHunt. These services may unintentionally expose…

Cryptography and Security · Computer Science 2026-02-26 Tarek Ramadan , AbdelRahman Abdou , Mohammad Mannan , Amr Youssef

Code reuse in software development frequently facilitates the spread of vulnerabilities, making the scope of affected software in CVE reports imprecise. Traditional methods primarily focus on identifying reused vulnerability code within…

Software Engineering · Computer Science 2024-11-28 Siyuan Li , Yuekang Li , Zuxin Chen , Chaopeng Dong , Yongpan Wang , Hong Li , Yongle Chen , Hongsong Zhu

Ensuring the security and reliability of machine learning frameworks is crucial for building trustworthy AI-based systems. Fuzzing, a popular technique in secure software development lifecycle (SSDLC), can be used to develop secure and…

Cryptography and Security · Computer Science 2024-12-24 Ilya Yegorov , Eli Kobrin , Darya Parygina , Alexey Vishnyakov , Andrey Fedotov
‹ Prev 1 4 5 6 7 8 10 Next ›