English
Related papers

Related papers: Got Root? A Linux Priv-Esc Benchmark

200 papers

Penetration-testing is crucial for identifying system vulnerabilities, with privilege-escalation being a critical subtask to gain elevated access to protected resources. Language Models (LLMs) presents new avenues for automating these…

Cryptography and Security · Computer Science 2026-02-12 Andreas Happe , Aaron Kaplan , Juergen Cito

This study explores the application of generative AI (GenAI) within manual exploitation and privilege escalation tasks in Linux-based penetration testing environments, two areas critical to comprehensive cybersecurity assessments. Building…

Cryptography and Security · Computer Science 2024-11-27 Haitham S. Al-Sinani , Chris J. Mitchell

LLM agents are increasingly relevant to research domains such as vulnerability discovery. Yet, the strongest systems remain closed and cloud-only, making them resource-intensive, difficult to reproduce, and unsuitable for work involving…

Cryptography and Security · Computer Science 2026-03-19 Philipp Normann , Andreas Happe , Jürgen Cito , Daniel Arp

Operating system kernels are the security keystone of most computer systems, as they provide the core protection mechanisms. Kernels are in particular responsible for their own security, i.e. they must prevent untrusted user tasks from…

Cryptography and Security · Computer Science 2020-03-20 Olivier Nicole , Matthieu Lemerre , Sébastien Bardin , Xavier Rival

Ethical hacking today relies on highly skilled practitioners executing complex sequences of commands, which is inherently time-consuming, difficult to scale, and prone to human error. To help mitigate these limitations, we previously…

Cryptography and Security · Computer Science 2025-07-10 Haitham S. Al-Sinani , Chris J. Mitchell

Ransomware core capability, unauthorized encryption, demands controls that identify and block malicious cryptographic activity without disrupting legitimate use. We present a probabilistic, risk-based access control architecture that…

Cryptography and Security · Computer Science 2026-03-24 Kenan Begovic , Abdulaziz Al-Ali , Qutaibah Malluhi

Equipping LLM agents with real-world tools can substantially improve productivity. However, granting agents autonomy over tool use also transfers the associated privileges to both the agent and the underlying LLM. Improper privilege usage…

Cryptography and Security · Computer Science 2026-04-21 Quan Zhang , Lianhang Fu , Lvsi Lian , Gwihwan Go , Yujue Wang , Chijin Zhou , Yu Jiang , Geguang Pu

While there is a large body of work on analyzing concurrency related software bugs and developing techniques for detecting and patching them, little attention has been given to concurrency related security vulnerabilities. The two are…

Cryptography and Security · Computer Science 2022-12-13 Zunchen Huang , Shengjian Guo , Meng Wu , Chao Wang

Security-Enhanced Linux (SELinux) is a Linux kernel module that allows for a role-based access control (RBAC) mechanism. It provides a fine-grained security framework enabling system administrators to define security policies at the system…

Cryptography and Security · Computer Science 2023-12-11 Divyam Pahuja , Alvin Tang , Klim Tsoutsman

Recent research has demonstrated the potential of Large Language Models (LLMs) for autonomous penetration testing, particularly when using cloud-based restricted-weight models. However, reliance on such models introduces security, privacy,…

Cryptography and Security · Computer Science 2026-05-01 Benjamin Probst , Andreas Happe , Jürgen Cito

Attestation means providing evidence that a remote target system is worthy of trust for some sensitive interaction. Although attestation is already used in network access control, security management, and trusted execution environments, it…

Cryptography and Security · Computer Science 2026-03-09 Will Thomas , Logan Schmalz , Adam Petz , Perry Alexander , Joshua D. Guttman , Paul D. Rowe , James Carter

Software vulnerabilities in access control models can represent a serious threat in a system. In fact, OWASP lists broken access control as number 5 in severity among the top 10 vulnerabilities. In this paper, we study the permission model…

Software Engineering · Computer Science 2022-05-24 Atheer Abu Zaid , Manar H. Alalfi , Ali Miri

Malicious attacks on open-source software packages are a growing concern. The discovery of the XZ Utils backdoor intensified these concerns because of the potential widespread impact. This study, therefore, explores the challenges of…

Cryptography and Security · Computer Science 2025-07-22 Duc-Ly Vu , Trevor Dunlap , Karla Obermeier-Velazquez , Thanh-Cong Nguyen , Paul Gibert , John Speed Meyers , Santiago Torres-Arias

The Linux kernel is one of the most important Free/Libre Open Source Software (FLOSS) projects. It is installed on billions of devices all over the world, which process various sensitive, confidential or simply private data. It is crucial…

Software Engineering · Computer Science 2020-01-07 Denis Efremov , Ilya Shchepetkov

As cyber threats continue to evolve and diversify, it has become increasingly challenging to identify the root causes of security breaches that occur between periodic security assessments. This paper explores the fundamental importance of…

Cryptography and Security · Computer Science 2024-12-24 Prakhar Paliwal , Arjun Sable , Manjesh K. Hanawal

Along with the rapid development of cloud computing technology, containerization technology has drawn much attention from both industry and academia. In this paper, we perform a comparative measurement analysis of Docker-sec, which is a…

Cryptography and Security · Computer Science 2020-09-25 Hui Zhu , Christian Gehrmann

The number of Android smartphone and tablet users has experienced a rapid growth in the past few years and it raises users' awareness on the privacy and security of their mobile devices. The features of openness and extensibility make…

Cryptography and Security · Computer Science 2022-11-02 Mark Huasong Meng , Guangdong Bai , Joseph K. Liu , Xiapu Luo , Yu Wang

Despite its technical superiority and flexibility, Linux remains a niche OS in the consumer markets. Because fragmentation stems from diverse distributions, it lacks the standardized experience, which discourages mainstream adoption. This…

Operating Systems · Computer Science 2025-04-01 Rohit J Nandha , Ronak D Patel

Real-time operating systems employ spatial and temporal isolation to guarantee predictability and schedulability of real-time systems on multi-core processors. Any unbounded and uncontrolled cross-core performance interference poses a…

Operating Systems · Computer Science 2024-12-25 Zhaomeng Deng , Ziqi Zhang , Ding Li , Yao Guo , Yunfeng Ye , Yuxin Ren , Ning Jia , Xinwei Hu

Large Language Model (LLM)-based agent systems are increasingly deployed for complex real-world tasks but remain vulnerable to natural language-based attacks that exploit over-privileged tool use. This paper aims to understand and mitigate…

Cryptography and Security · Computer Science 2026-01-21 Zimo Ji , Daoyuan Wu , Wenyuan Jiang , Pingchuan Ma , Zongjie Li , Yudong Gao , Shuai Wang , Yingjiu Li
‹ Prev 1 2 3 10 Next ›