English
Related papers

Related papers: Creating a vulnerable node based on the vulnerabil…

200 papers

This paper identifies and analyzes a novel vulnerability class in Model Context Protocol (MCP) based agent systems. The attack chain describes and demonstrates how benign, individually authorized tasks can be orchestrated to produce harmful…

Cryptography and Security · Computer Science 2025-08-28 David Noever

Although it has been demonstrated that Natural Language Processing (NLP) algorithms are vulnerable to deliberate attacks, the question of whether such weaknesses can lead to software security threats is under-explored. To bridge this gap,…

Computation and Language · Computer Science 2024-05-14 Xutan Peng , Yipeng Zhang , Jingfeng Yang , Mark Stevenson

Software vulnerabilities, caused by unintentional flaws in source codes, are the main root cause of cyberattacks. Source code static analysis has been used extensively to detect the unintentional defects, i.e. vulnerabilities, introduced…

Cryptography and Security · Computer Science 2022-11-17 Arash Mahyari

We address the problem of adversarial examples in machine learning where an adversary tries to misguide a classifier by making functionality-preserving modifications to original samples. We assume a black-box scenario where the adversary…

Machine Learning · Computer Science 2019-12-13 Behzad Asadi , Vijay Varadharajan

Malware analysis techniques are divided into static and dynamic analysis. Both techniques can be bypassed by circumvention techniques such as obfuscation. In a series of works, the authors have promoted the use of symbolic executions…

Cryptography and Security · Computer Science 2022-04-13 Charles-Henry Bertrand Van Ouytsel , Axel Legay

To build a secure communications software, Vulnerability Prediction Models (VPMs) are used to predict vulnerable software modules in the software system before software security testing. At present many software security metrics have been…

Software Engineering · Computer Science 2019-02-14 Shengjun Wei , Hao Zhong , Chun Shan , Lin Ye , Xiaojiang Du , Mohsen Guizani

Malware detectors based on machine learning (ML) have been shown to be susceptible to adversarial malware examples. However, current methods to generate adversarial malware examples still have their limits. They either rely on detailed…

Cryptography and Security · Computer Science 2023-08-22 Daniel Gibert , Jordi Planes , Quan Le , Giulio Zizzo

In this paper, we analyze the Common Platform Enumeration (CPE) dictionary and the Common Vulnerabilities and Exposures (CVE) feeds. These repositories are widely used in Vulnerability Management Systems (VMSs) to check for known…

Cryptography and Security · Computer Science 2017-05-16 Luis Alberto Benthin Sanguino , Rafael Uetz

We introduce the MoveEVM Weakness Classification (MWC) system -- a dedicated vulnerability taxonomy for smart contracts built with Move and executed in EVM-compatible environments. While Move was originally designed to prevent common…

Cryptography and Security · Computer Science 2025-05-27 Selçuk Topal

This paper investigates the use of a pre-trained language model and siamese network to discern sibling relationships between text-based cybersecurity vulnerability data. The ultimate purpose of the approach presented in this paper is…

Cryptography and Security · Computer Science 2024-10-10 Kacper Sowka , Vasile Palade , Xiaorui Jiang , Hesam Jadidbonab

The year 2022 saw a significant increase in Microsoft vulnerabilities, reaching an all-time high in the past decade. With new vulnerabilities constantly emerging, there is an urgent need for proactive approaches to harden systems and…

Cryptography and Security · Computer Science 2023-12-27 Ashvini A Kulshrestha , Guanqun Song , Ting Zhu

In this work, we consider secure communications in wireless multi-user (MU) multiple-input single-output (MISO) systems with channel coding in the presence of a multi-antenna eavesdropper (Eve). In this setting, we exploit machine learning…

Signal Processing · Electrical Eng. & Systems 2020-11-10 Abderrahmane Mayouche , Wallace A. Martins , Christos G. Tsinos , Symeon Chatzinotas , Björn Ottersten

Exploits constitute malware in the form of application inputs. They take advantage of security vulnerabilities inside programs in order to yield execution control to attackers. The root cause of successful exploitation lies in emergent…

Cryptography and Security · Computer Science 2021-09-28 Robert Abela , Mark Vella

Thousands of security vulnerabilities are discovered in production software each year, either reported publicly to the Common Vulnerabilities and Exposures database or discovered internally in proprietary code. Vulnerabilities often…

Deep neural networks (DNNs) are increasingly being applied in malware detection and their robustness has been widely debated. Traditionally an adversarial example generation scheme relies on either detailed model information (gradient-based…

Cryptography and Security · Computer Science 2022-09-07 Sun RuiJin , Guo ShiZe , Guo JinHong , Xing ChangYou , Yang LuMing , Guo Xi , Pan ZhiSong

The proliferation of Large Language Models (LLMs) has introduced critical security challenges, where adversarial actors can manipulate input prompts to cause significant harm and circumvent safety alignments. These prompt-based attacks…

Open-source projects are essential to software development, but publicly disclosing vulnerabilities without fixes increases the risk of exploitation. The Open Source Security Foundation (OpenSSF) addresses this issue by promoting robust…

Writing exploits for security assessment is a challenging task. The writer needs to master programming and obfuscation techniques to develop a successful exploit. To make the task easier, we propose an approach (EVIL) to automatically…

Software Engineering · Computer Science 2022-03-09 Pietro Liguori , Erfan Al-Hossami , Vittorio Orbinato , Roberto Natella , Samira Shaikh , Domenico Cotroneo , Bojan Cukic

Microarchitectural security verification of software has seen the emergence of two broad classes of approaches. The first is based on semantic security properties (e.g., non-interference) which are verified for a given program and a…

Cryptography and Security · Computer Science 2024-06-11 Adwait Godbole , Yatin A. Manerkar , Sanjit A. Seshia

Cloud computing is a convenient model for processing data remotely. However, users must trust their cloud provider with the confidentiality and integrity of the stored and processed data. To increase the protection of virtual machines, AMD…

Cryptography and Security · Computer Science 2020-10-15 Martin Radev , Mathias Morbitzer