English
Related papers

Related papers: FuzzEval: Assessing Fuzzers on Generating Context-…

200 papers

Sparse Tensor Compilers (STCs) have emerged as critical infrastructure for optimizing high-dimensional data analytics and machine learning workloads. The STCs must synthesize complex, irregular control flow for various compressed storage…

Programming Languages · Computer Science 2026-03-20 Kabilan Mahathevan , Yining Zhang , Muhammad Ali Gulzar , Kirshanthan Sundararajah

As cloud computing becomes prevalent in recent years, more and more enterprises and individuals outsource their data to cloud servers. To avoid privacy leaks, outsourced data usually is encrypted before being sent to cloud servers, which…

Cryptography and Security · Computer Science 2019-06-24 Jinkun Cao , Jinhao Zhu , Liwei Lin , Zhengui Xue , Ruhui Ma , Haibing Guan

Code reuse in software development frequently facilitates the spread of vulnerabilities, making the scope of affected software in CVE reports imprecise. Traditional methods primarily focus on identifying reused vulnerability code within…

Software Engineering · Computer Science 2024-11-28 Siyuan Li , Yuekang Li , Zuxin Chen , Chaopeng Dong , Yongpan Wang , Hong Li , Yongle Chen , Hongsong Zhu

As mobile networks transition to 5G infrastructure, ensuring robust security becomes more important due to the complex architecture and expanded attack surface. Traditional security testing approaches for 5G networks rely on black-box…

Cryptography and Security · Computer Science 2026-02-26 Yu Wang , Yang Xiang , Chandra Thapa , Hajime Suzuki

This paper presents a novel fuzzing framework, called MicroFuzz, specifically designed for Microservices. Mocking-Assisted Seed Execution, Distributed Tracing, Seed Refresh and Pipeline Parallelism approaches are adopted to address the…

Software Engineering · Computer Science 2024-02-06 Peng Di , Bingchang Liu , Yiyi Gao

High scalability and low running costs have made fuzz testing the de facto standard for discovering software bugs. Fuzzing techniques are constantly being improved in a race to build the ultimate bug-finding tool. However, while fuzzing…

Cryptography and Security · Computer Science 2020-10-26 Ahmad Hazimeh , Adrian Herrera , Mathias Payer

Fuzzing is a well-established technique in the software domain to uncover bugs and vulnerabilities. Yet, applications of fuzzing for security vulnerabilities in hardware systems are scarce, as principal reasons are requirements for design…

Cryptography and Security · Computer Science 2024-02-16 Maik Ender , Felix Hahn , Marc Fyrbiak , Amir Moradi , Christof Paar

In recent years, fuzz testing has benefited from increased computational power and important algorithmic advances, leading to systems that have discovered many critical bugs and vulnerabilities in production software. Despite these…

Cryptography and Security · Computer Science 2022-05-31 Anastasios Andronidis , Cristian Cadar

We present the Foundational Cryptography Framework (FCF) for developing and checking complete proofs of security for cryptographic schemes within a proof assistant. This is a general-purpose framework that is capable of modeling and…

Programming Languages · Computer Science 2014-10-15 Adam Petcher , Greg Morrisett

SpecFuzz is the first tool that enables dynamic testing for speculative execution vulnerabilities (e.g., Spectre). The key is a novel concept of speculation exposure: The program is instrumented to simulate speculative execution in software…

Cryptography and Security · Computer Science 2020-03-11 Oleksii Oleksenko , Bohdan Trach , Mark Silberstein , Christof Fetzer

Fingerprinting of services and operating systems is an essential part of penetration tests. In order to successfully penetrate the computing system's security measurements, preexisting fingerprinting methods are described and the paradigm…

Cryptography and Security · Computer Science 2014-03-04 Michael Hanspach

As the complexity of logic designs increase, new avenues for testing digital hardware becomes necessary. Fuzz Testing (fuzzing) has recently received attention as a potential candidate for input vector generation on hardware designs. Using…

Hardware Architecture · Computer Science 2023-12-12 Ruochen Dai , Michael Lee , Patrick Hoey , Weimin Fu , Tuba Yavuz , Xiaolong Guo , Shuo Wang , Dean Sullivan , Orlando Arias

The purpose of continuous fuzzing platforms is to enable fuzzing for software projects via \emph{fuzz harnesses} -- but as the projects continue to evolve, are these harnesses updated in lockstep, or do they run out of date? If these…

Software Engineering · Computer Science 2025-05-12 Philipp Görz , Joschua Schilling , Thorsten Holz , Marcel Böhme

In this paper, we introduce a comprehensive approach to bolstering the security, reliability, and comprehensibility of OpenAirInterface5G (OAI5G), an open-source software framework for the exploration, development, and testing of 5G…

Software Engineering · Computer Science 2023-09-25 Huan Wu , Brian Fang , Fei Xie

Industrial control systems (ICSs) are types of cyber-physical systems in which programs, written in languages such as ladder logic or structured text, control industrial processes through sensing and actuating. Given the use of ICSs in…

Software Engineering · Computer Science 2023-07-25 Christopher M. Poskitt , Yuqi Chen , Jun Sun , Yu Jiang

Deep learning (DL) systems can make our life much easier, and thus are gaining more and more attention from both academia and industry. Meanwhile, bugs in DL systems can be disastrous, and can even threaten human lives in safety-critical…

Software Engineering · Computer Science 2022-03-01 Anjiang Wei , Yinlin Deng , Chenyuan Yang , Lingming Zhang

GraphQL is an open-source data query and manipulation language for web applications, offering a flexible alternative to RESTful APIs. However, its dynamic execution model and lack of built-in security mechanisms expose it to vulnerabilities…

Cryptography and Security · Computer Science 2025-04-21 Omar Tsai , Jianing Li , Tsz Tung Cheung , Lejing Huang , Hao Zhu , Jianrui Xiao , Iman Sharafaldin , Mohammad A. Tayebi

Automated Cryptographic Validation Protocol (ACVP) is an existing protocol that is used to validate a software or hardware cryptographic module automatically. In this work, we present a system providing the method and tools to produce…

Cryptography and Security · Computer Science 2024-07-12 Iaroslav Gridin , Antonis Michalas

Software testing is becoming a critical part of the development cycle of embedded devices, enabling vulnerability detection. A well-studied approach of software testing is fuzz-testing (fuzzing), during which mutated input is sent to an…

Cryptography and Security · Computer Science 2019-08-15 Philip Sperl , Konstantin Böttinger

Securing operating system (OS) kernel is one central challenge in today's cyber security landscape. The cutting-edge testing technique of OS kernel is software fuzz testing. By mutating the program inputs with random variations for…

Cryptography and Security · Computer Science 2023-10-05 Wei Chen , Huaijin Wang , Weixi Gu , Shuai Wang