English
Related papers

Related papers: Improving Java Deserialization Gadget Chain Mining…

200 papers

Deepfake detectors are typically trained on large sets of pristine and generated images, resulting in limited generalization capacity; they excel at identifying deepfakes created through methods encountered during training but struggle with…

Computer Vision and Pattern Recognition · Computer Science 2024-03-21 Davide Alessandro Coccomini , Roberto Caldelli , Claudio Gennaro , Giuseppe Fiameni , Giuseppe Amato , Fabrizio Falchi

Directed greybox fuzzing (DGF) focuses on efficiently reaching specific program locations or triggering particular behaviors, making it essential for tasks like vulnerability detection and crash reproduction. However, existing methods often…

Cryptography and Security · Computer Science 2025-05-07 Hanxiang Xu , Yanjie Zhao , Haoyu Wang

Numerous methods for crafting adversarial examples were proposed recently with high success rate. Since most existing machine learning based classifiers normalize images into some continuous, real vector, domain firstly, attacks often craft…

Machine Learning · Computer Science 2020-04-28 Lei Bu , Yuchao Duan , Fu Song , Zhe Zhao

Java projects frequently rely on package managers such as Maven to manage complex webs of external dependencies. While these tools streamline development, they also introduce subtle risks to the software supply chain. In this paper, we…

Cryptography and Security · Computer Science 2025-10-31 Frank Reyes , Federico Bono , Aman Sharma , Benoit Baudry , Martin Monperrus

Modern software development reuses code by importing libraries as dependencies. Software projects typically include an average of 36 dependencies, with 80% being transitive, meaning they are dependencies of dependencies. Recent research…

Software Engineering · Computer Science 2025-10-24 Jonas Klauke , Tom Ohlmer , Stefan Schott , Serena Elisa Ponta , Wolfram Fischer , Eric Bodden

Fuzzing is a widely used software security testing technique that is designed to identify vulnerabilities in systems by providing invalid or unexpected input. Continuous fuzzing systems like OSS-FUZZ have been successful in finding security…

Cryptography and Security · Computer Science 2023-07-04 Chaitanya Rahalkar

The device fingerprinting technique extracts fingerprints based on the hardware characteristics of the device to identify the device. The primary goal of device fingerprinting is to accurately and uniquely identify a device, which requires…

Cryptography and Security · Computer Science 2023-10-12 Dawei Li , Di Liu , Yangkun Ren , Ziyi Wang , Yu Sun , Zhenyu Guan , Qianhong Wu , Jianwei Liu

In recent years, there has been significant growth in the commercial applications of generative models, licensed and distributed by model developers to users, who in turn use them to offer services. In this scenario, there is a need to…

Computer Vision and Pattern Recognition · Computer Science 2023-11-10 Jianwei Fei , Zhihua Xia , Benedetta Tondi , Mauro Barni

The increasing complexity of modern processor and IP designs presents significant challenges in identifying and mitigating hardware flaws early in the IC design cycle. Traditional hardware fuzzing techniques, inspired by software testing,…

Cryptography and Security · Computer Science 2025-01-03 Raghul Saravanan , Sreenitha Kasarapu , Sai Manoj Pudukotai Dinakarrao

Today, most automated test generators, such as search-based software testing (SBST) techniques focus on achieving high code coverage. However, high code coverage is not sufficient to maximise the number of bugs found, especially when given…

Software Engineering · Computer Science 2021-09-28 Anjana Perera , Aldeida Aleti , Marcel Böhme , Burak Turhan

Tool-augmented LLM agents increasingly rely on multi-step, multi-tool workflows to complete real tasks. This design expands the attack surface, because data produced by one tool can be persisted and later reused as input to another tool,…

Software Engineering · Computer Science 2026-03-16 Jiangrong Wu , Zitong Yao , Yuhong Nan , Zibin Zheng

Softwarization and virtualization in 5G and beyond require rigorous testing against vulnerabilities and unintended emergent behaviors for critical infrastructure and network security assurance. Formal methods operates efficiently in…

Cryptography and Security · Computer Science 2023-07-13 Jingda Yang , Ying Wang

IoT device identification is the process of recognizing and verifying connected IoT devices to the network. This is an essential process for ensuring that only authorized devices can access the network, and it is necessary for network…

Machine Learning · Computer Science 2023-07-19 Anahita Namvar , Chandra Thapa , Salil S. Kanhere

JavaScript obfuscators are widely deployed to protect intellectual property and resist reverse engineering, yet their correctness has been largely overlooked compared to performance and resilience. Existing evaluations typically measure…

Software Engineering · Computer Science 2026-03-03 Shan Jiang , Chenguang Zhu , Sarfraz Khurshid

Machine learning models are notoriously difficult to interpret and debug. This is particularly true of neural networks. In this work, we introduce automated software testing techniques for neural networks that are well-suited to discovering…

Machine Learning · Statistics 2018-07-31 Augustus Odena , Ian Goodfellow

Deep learning models have gained popularity for conducting various tasks involving source code. However, their black-box nature raises concerns about potential risks. One such risk is a poisoning attack, where an attacker intentionally…

Cryptography and Security · Computer Science 2025-03-18 Ehab Ghannoum , Mohammad Ghafari

The explosive growth of mini-game platforms has led to widespread code plagiarism, where malicious users access popular games' source code and republish them with modifications. While existing static analysis tools can detect simple…

Cryptography and Security · Computer Science 2025-08-05 Zhihao Li , Chaozheng Wang , Zongjie Li , Xinyong Peng , Qun Xia , Haochuan Lu , Ting Xiong , Shuzheng Gao , Cuiyun Gao , Shuai Wang , Yuetang Deng , Huafeng Ma

Fuzzing is a technique of finding bugs by executing a software recurrently with a large number of abnormal inputs. Most of the existing fuzzers consider all parts of a software equally, and pay too much attention on how to improve the code…

Cryptography and Security · Computer Science 2019-01-07 Yuwei Li , Shouling Ji , Chenyang Lv , Yuan Chen , Jianhai Chen , Qinchen Gu , Chunming Wu

The wide acceptance of Internet of Things (IoT) for both household and industrial applications is accompanied by several security concerns. A major security concern is their probable abuse by adversaries towards their malicious intent.…

Cryptography and Security · Computer Science 2020-05-18 Ahmed Abusnaina , Mohammed Abuhamad , Hisham Alasmary , Afsah Anwar , Rhongho Jang , Saeed Salem , DaeHun Nyang , David Mohaisen

Fuzzing has become a commonly used approach to identifying bugs in complex, real-world programs. However, interpreters are notoriously difficult to fuzz effectively, as they expect highly structured inputs, which are rarely produced by most…

Cryptography and Security · Computer Science 2023-04-06 Christopher Salls , Chani Jindal , Jake Corina , Christopher Kruegel , Giovanni Vigna