English
Related papers

Related papers: LibAM: An Area Matching Framework for Detecting Th…

200 papers

Microarchitectural side channels expose unprotected software to information leakage attacks where a software adversary is able to track runtime behavior of a benign process and steal secrets such as cryptographic keys. As suggested by…

Cryptography and Security · Computer Science 2023-04-25 Jan Wichelmann , Ahmad Moghimi , Thomas Eisenbarth , Berk Sunar

Generative Artificial Intelligence models, such as Large Language Models (LLMs) and Large Vision Models (VLMs), exhibit state-of-the-art performance but remain vulnerable to hardware-based threats, specifically bit-flip attacks (BFAs).…

Cryptography and Security · Computer Science 2025-12-11 Khurram Khalil , Khaza Anuarul Hoque

The proliferation of Internet of Things (IoT) devices has introduced significant security challenges, primarily due to the opacity of firmware components and the complexity of supply chain dependencies. IoT firmware frequently relies on…

Cryptography and Security · Computer Science 2026-01-06 Abdurrahman Tolay

Developers usually use TPLs to facilitate the development of the projects to avoid reinventing the wheels, however, the vulnerable TPLs indeed cause severe security threats. The majority of existing research only considered whether projects…

Software Engineering · Computer Science 2024-09-05 Fangyuan Zhang , Lingling Fan , Sen Chen , Miaoying Cai , Sihan Xu , Lida Zhao

Background: Leaking sensitive information - such as API keys, tokens, and credentials - in source code remains a persistent security threat. Traditional regex and entropy-based tools often generate high false positives due to limited…

Software Engineering · Computer Science 2025-07-29 Md Nafiu Rahman , Sadif Ahmed , Zahin Wahab , S M Sohan , Rifat Shahriyar

A fundamental problem in cybersecurity and computer science is determining whether a program is free of bugs and vulnerabilities. Fuzzing, a popular approach to discovering vulnerabilities in programs, has several advantages over…

Cryptography and Security · Computer Science 2026-01-27 Ian Hardgrove , John D. Hastings

Large language models (LLMs) are increasingly deployed in safety and security critical applications, raising concerns about their robustness to model parameter fault injection attacks. Recent studies have shown that bit-flip attacks (BFAs),…

Cryptography and Security · Computer Science 2026-02-23 Jingkai Guo , Chaitali Chakrabarti , Deliang Fan

Binary analysis plays a pivotal role in security domains such as malware detection and vulnerability discovery, yet it remains labor-intensive and heavily reliant on expert knowledge. General-purpose large language models (LLMs) perform…

Cryptography and Security · Computer Science 2025-05-23 Guoqiang Chen , Huiqi Sun , Daguang Liu , Zhiqi Wang , Qiang Wang , Bin Yin , Lu Liu , Lingyun Ying

As emerging attacks increasingly target Industrial Control Systems (ICS), the security of Programmable Logic Controllers (PLCs) has become a critical concern. Binary Code Analysis (BCA), which enables analysts to understand compiled…

Software Engineering · Computer Science 2026-05-21 Ang Jia , Yaxin Duan , He Jiang , Zhenzhou Tian , Zhilei Ren , Xiaochen Li

Enforcing open source licenses such as the GNU General Public License (GPL), analyzing a binary for possible vulnerabilities, and code maintenance are all situations where it is useful to be able to determine the source code provenance of a…

Cryptography and Security · Computer Science 2017-11-03 Dhaval Miyani , Zhen Huang , David Lie

Modern software systems are increasingly dependent on third-party libraries. It is widely recognized that using mature and well-tested third-party libraries can improve developers' productivity, reduce time-to-market, and produce more…

Software Engineering · Computer Science 2016-12-07 Mohamed Aymen Saied , Ali Ouni , Houari Sahraoui , Raula Gaikovina Kula , Katsuro Inoue , David Lo

Binary code analysis allows analyzing binary code without having access to the corresponding source code. A binary, after disassembly, is expressed in an assembly language. This inspires us to approach binary analysis by leveraging ideas…

Software Engineering · Computer Science 2018-12-18 Fei Zuo , Xiaopeng Li , Patrick Young , Lannan Luo , Qiang Zeng , Zhexin Zhang

Android applications (apps) integrate reusable and well-tested third-party libraries (TPLs) to enhance functionality and shorten development cycles. However, recent research reveals that TPLs have become the largest attack surface for…

Cryptography and Security · Computer Science 2025-06-19 Bolin Zhou , Jingzheng Wu , Xiang Ling , Tianyue Luo , Jingkun Zhang

Binary code analysis plays a pivotal role in various software security applications, such as software maintenance, malware detection, software vulnerability discovery, patch analysis, etc. However, unlike source code, understanding binary…

Software Engineering · Computer Science 2024-10-25 Xiuwei Shang , Shaoyin Cheng , Guoqiang Chen , Yanming Zhang , Li Hu , Xiao Yu , Gangyang Li , Weiming Zhang , Nenghai Yu

Visual Programming Languages (VPLs), coupled with the high-level abstractions that are commonplace in visual programming environments, enable users with less technical knowledge to become proficient programmers. However, the lower skill…

Software Engineering · Computer Science 2021-07-16 Miguel Terra-Neves , João Nadkarni , Miguel Ventura , Pedro Resende , Hugo Veiga , António Alegria

Reproducibility is the ability of recreating identical binaries under pre-defined build environments. Due to the need of quality assurance and the benefit of better detecting attacks against build environments, the practice of reproducible…

Software Engineering · Computer Science 2018-03-20 Zhilei Ren , He Jiang , Jifeng Xuan , Zijiang Yang

Nowadays, IoT devices integrate a wealth of third-party components (TPCs) in firmware to shorten the development cycle. TPCs usually have strict usage specifications, e.g., checking the return value of the function. Violating the usage…

Cryptography and Security · Computer Science 2023-06-21 Binbin Zhao , Shouling Ji , Xuhong Zhang , Yuan Tian , Qinying Wang , Yuwen Pu , Chenyang Lyu , Raheem Beyah

In recent years, Large Language Models (LLMs) have been widely studied in the code translation field on the method, class, and even repository levels. However, most of these benchmarks are limited in terms of Third-Party Library (TPL)…

Software Engineering · Computer Science 2026-01-21 Pengyu Xue , Kunwu Zheng , Zhen Yang , Yifei Pei , Linhao Wu , Jiahui Dong , Xiapu Luo , Yan Xiao , Fei Liu , Yuxuan Zhang , Xiran Lyu , Xianhang Li , Xuanyu Zhu , Chengyi Wang

Security of software supply chains is necessary to ensure that software updates do not contain maliciously injected code or introduce vulnerabilities that may compromise the integrity of critical infrastructure. Verifying the integrity of…

Implementations of cryptographic libraries have been scrutinized for secret-dependent execution behavior exploitable by microarchitectural side-channel attacks. To prevent unintended leakages, most libraries moved to constant-time…

Cryptography and Security · Computer Science 2023-04-25 Florian Sieck , Sebastian Berndt , Jan Wichelmann , Thomas Eisenbarth