English
Related papers

Related papers: KernJC: Automated Vulnerable Environment Generatio…

200 papers

Autonomous large language model (LLM) based systems have recently shown promising results across a range of cybersecurity tasks. However, there is no systematic study on their effectiveness in autonomously reproducing Linux kernel…

Cryptography and Security · Computer Science 2026-02-20 Juefei Pu , Xingyu Li , Zhengchuan Liang , Jonathan Cox , Yifan Wu , Kareem Shehada , Arrdya Srivastav , Zhiyun Qian

Security vulnerabilities in software packages are a significant concern for developers and users alike. Patching these vulnerabilities in a timely manner is crucial to restoring the integrity and security of software systems. However,…

Cryptography and Security · Computer Science 2025-09-30 Deniz Simsek , Aryaz Eghbali , Michael Pradel

While recent approaches leverage large language models (LLMs) and multi-agent pipelines to automatically generate proof-of-concept (PoC) exploits from vulnerability reports, existing systems often suffer from two fundamental limitations:…

Cryptography and Security · Computer Science 2026-04-10 Phan The Duy , Khoa Ngo-Khanh , Nguyen Huu Quyen , Van-Hau Pham

The Proof-of-Concept (PoC) for a vulnerability is crucial in validating its existence, mitigating false positives, and illustrating the severity of the security threat it poses. However, research on PoCs significantly lags behind studies…

Software Engineering · Computer Science 2025-10-22 Wenjing Dang , Kaixuan Li , Sen Chen , Zhenwei Zhuo , Lyuye Zhang , Zheli Liu

While there is a large body of work on analyzing concurrency related software bugs and developing techniques for detecting and patching them, little attention has been given to concurrency related security vulnerabilities. The two are…

Cryptography and Security · Computer Science 2022-12-13 Zunchen Huang , Shengjian Guo , Meng Wu , Chao Wang

Automated vulnerability reproduction from CVE descriptions requires generating executable Proof-of-Concept (PoC) exploits and validating them in target environments. This process is critical in software security research and practice, yet…

Software Engineering · Computer Science 2026-02-10 Bin Liu , Yanjie Zhao , Zhenpeng Chen , Guoai Xu , Haoyu Wang

Recently Large Language Models (LLMs) have been used in security-related tasks, including generating proof-of-concept (PoC) exploits. Several LLM-assisted approaches have been proposed; they typically generate PoCs from vulnerability…

Software Engineering · Computer Science 2026-05-14 Derin Gezgin , Amartya Das , Shinhae Kim , Zhengdong Huang , Nevena Stojkovic , Claire Wang

In vulnerability assessments, software component-based CVE attribution is a common method to identify possibly vulnerable systems at scale. However, such version-centric approaches yield high false-positive rates for binary distributed…

Cryptography and Security · Computer Science 2022-09-13 René Helmke , Johannes vom Dorp

In 2024, the Linux kernel became its own Common Vulnerabilities and Exposures (CVE) Numbering Authority (CNA), formalizing how kernel vulnerabilities are identified and tracked. We analyze the anatomy and dynamics of kernel CVEs using…

Software Engineering · Computer Science 2026-05-26 Piotr Przymus , Witold Weiner , Krzysztof Rykaczewski , Gunnar Kudrjavets

Recent advances in Large Language Models (LLMs) have brought remarkable progress in code understanding and reasoning, creating new opportunities and raising new concerns for software security. Among many downstream tasks, generating…

Software Engineering · Computer Science 2025-10-14 Mengyao Zhao , Kaixuan Li , Lyuye Zhang , Wenjing Dang , Chenggong Ding , Sen Chen , Zheli Liu

An operating system kernel uses cryptographically secure pseudorandom number generator for creating address space localization randomization offsets to protect memory addresses to processes from exploration, storing users' password securely…

Cryptography and Security · Computer Science 2023-06-22 Kunal Abhishek , George Dharma Prakash Raj E

Through one decade's development, the kernel-based regularization method (KRM) has become a complement to the classical maximum likelihood/prediction error method and an emerging new system identification paradigm. One recent example is its…

Systems and Control · Electrical Eng. & Systems 2024-10-29 Xiaozhu Fang , Tianshi Chen

Linux is increasingly deployed in Low Earth Orbit on commercial off the shelf systems on chip that were not designed for space radiation. Ionizing particles can trigger single event functional interrupts that crash the kernel without…

Operating Systems · Computer Science 2026-05-21 Saad Memon , Rafal Graczyk , Tomasz Rajkowski , Jan Swakon , Damian Wrobel , Sebastian Kusyk , Seth Roffe , Mike Papadakis

Microarchitectural attacks continue to evolve, uncovering new exploitation vectors in modern processors. From a defensive perspective, assessing a system's susceptibility to such attacks remains challenging. Developing functional attack…

Cryptography and Security · Computer Science 2026-05-18 Debopriya Roy Dipta , Thore Tiemann , Eduard Marin , Thomas Eisenbarth , Berk Gulmezoglu

A cyber range is a realistic simulation of an organization's network infrastructure, commonly used for cyber security training purposes. It provides a safe environment to assess competencies in both offensive and defensive techniques. An…

Cryptography and Security · Computer Science 2024-07-18 Francesco Caturano , Nicola d'Ambrosio , Gaetano Perrone , Luigi Previdente , Simon Pietro Romano

The security of billions of devices worldwide depends on the security and robustness of the mainline Linux kernel. However, the increasing number of kernel-specific vulnerabilities, especially memory safety vulnerabilities, shows that the…

Cryptography and Security · Computer Science 2018-10-03 Elena Reshetova , Hans Liljestrand , Andrew Paverd , N. Asokan

Software bugs in a production environment have an undesirable impact on quality of service, unplanned system downtime, and disruption in good customer experience, resulting in loss of revenue and reputation. Existing approaches to automated…

Software Engineering · Computer Science 2020-02-21 Anusha Bableshwar , Arun Ravindran , Manoj Iyer

Software vulnerabilities continue to grow in volume and remain difficult to detect in practice. Although learning-based vulnerability detection has progressed, existing benchmarks are largely function-centric and fail to capture realistic,…

Software Engineering · Computer Science 2026-03-19 Amine Lbath

Security vulnerabilities are among the most critical software defects in existence. As such, they require patches that are correct and quickly deployed. This motivates an automatic patch generation method that emphasizes both soundness and…

Cryptography and Security · Computer Science 2018-06-13 Zhen Huang , David Lie

The identification of vulnerabilities is an important element in the software development life cycle to ensure the security of software. While vulnerability identification based on the source code is a well studied field, the identification…

Cryptography and Security · Computer Science 2022-12-05 Andreas Schaad , Dominik Binder
‹ Prev 1 2 3 10 Next ›