English
Related papers

Related papers: Divide and Conquer based Symbolic Vulnerability De…

200 papers

Fuzzing is one of the prevailing methods for vulnerability detection. However, even state-of-the-art fuzzing methods become ineffective after some period of time, i.e., the coverage hardly improves as existing methods are ineffective to…

Cryptography and Security · Computer Science 2021-12-15 Shunkai Zhu , Jingyi Wang , Jun Sun , Jie Yang , Xingwei Lin , Liyi Zhang , Peng Cheng

Software fuzzing has become a cornerstone in automated vulnerability discovery, yet existing mutation strategies often lack semantic awareness, leading to redundant test cases and slow exploration of deep program states. In this work, I…

Cryptography and Security · Computer Science 2025-11-07 Shiyin Lin

Software supply chain vulnerabilities arise when attackers exploit weaknesses by injecting vulnerable code into widely used packages or libraries within software repositories. While most existing approaches focus on identifying vulnerable…

Cryptography and Security · Computer Science 2025-06-25 Sajal Halder , Muhammad Ejaz Ahmed , Seyit Camtepe

The threat of attack faced by cyber-physical systems (CPSs), especially when they play a critical role in automating public infrastructure, has motivated research into a wide variety of attack defence mechanisms. Assessing their…

Cryptography and Security · Computer Science 2020-01-16 Yuqi Chen , Christopher M. Poskitt , Jun Sun , Sridhar Adepu , Fan Zhang

Modern computing is shifting from homogeneous CPU-centric systems to heterogeneous systems with closely integrated CPUs and GPUs. While the CPU software stack has benefited from decades of memory safety hardening, the GPU software stack…

Cryptography and Security · Computer Science 2026-03-09 Mingkai Li , Joseph Devietti , Suman Jana , Tanvir Ahmed Khan

Fuzz testing has enjoyed great success at discovering security critical bugs in real software. Recently, researchers have devoted significant effort to devising new fuzzing techniques, strategies, and algorithms. Such new ideas are…

Cryptography and Security · Computer Science 2018-10-22 George Klees , Andrew Ruef , Benji Cooper , Shiyi Wei , Michael Hicks

Over past years, the manually methods to create detection rules were no longer practical in the anti-malware product since the number of malware threats has been growing. Thus, the turn to the machine learning approaches is a promising way…

Cryptography and Security · Computer Science 2022-05-02 Khanh Huu The Dam , Charles-Henry Bertrand Van Ouytsel , Axel Legay

Patch fuzzing is a technique aimed at identifying vulnerabilities that arise from newly patched code. While researchers have made efforts to apply patch fuzzing to testing JavaScript engines with considerable success, these efforts have…

Cryptography and Security · Computer Science 2025-05-02 Junjie Wang , Yuhan Ma , Xiaofei Xie , Xiaoning Du , Xiangwei Zhang

Open source software vulnerabilities pose significant security risks to downstream applications. While vulnerability databases provide valuable information for mitigation, many security patches are released silently in new commits of OSS…

Software Engineering · Computer Science 2025-03-27 Yiran Cheng , Ting Zhang , Lwin Khin Shar , Zhe Lang , David Lo , Shichao Lv , Dongliang Fang , Zhiqiang Shi , Limin Sun

As technology continues to advance and we usher in the era of Industry 5.0, there has been a profound paradigm shift in operating systems, file systems, web, and network applications. The conventional utilization of multiprocessing and…

Cryptography and Security · Computer Science 2023-12-25 Aishwarya Upadhyay , Vijay Laxmi , Smita Naval

Software vulnerabilities are a challenge in cybersecurity. Manual security patches are often difficult and slow to be deployed, while new vulnerabilities are created. Binary code vulnerability detection is less studied and more complex…

Cryptography and Security · Computer Science 2024-04-15 Litao Li , Steven H. H. Ding , Andrew Walenstein , Philippe Charland , Benjamin C. M. Fung

One of the most significant challenges in the field of software code auditing is the presence of vulnerabilities in software source code. Every year, more and more software flaws are discovered, either internally in proprietary code or…

Cryptography and Security · Computer Science 2023-06-16 Mst Shapna Akter , Hossain Shahriar , Juan Rodriguez Cardenas , Sheikh Iqbal Ahamed , Alfredo Cuzzocrea

Software vulnerability detection (SVD) is a critical challenge in modern systems. Large language models (LLMs) offer natural-language explanations alongside predictions, but most work focuses on binary evaluation, and explanations often…

Software Engineering · Computer Science 2026-02-12 Samal Mukhtar , Yinghua Yao , Zhu Sun , Mustafa Mustafa , Yew Soon Ong , Youcheng Sun

Modern processor advancements have introduced security risks, particularly in the form of microarchitectural timing attacks. High-profile attacks such as Meltdown and Spectre have revealed critical flaws, compromising the entire system's…

Cryptography and Security · Computer Science 2024-10-23 Congcong Chen , Jinhua Cui , Jiliang Zhang

Each year, software vulnerabilities are discovered, which pose significant risks of exploitation and system compromise. We present a convolutional neural network model that can successfully identify bugs in C code. We trained our model…

Cryptography and Security · Computer Science 2026-02-27 C. Seas , G. Fitzpatrick , J. A. Hamilton , M. C. Carlisle

Symbolic execution is a software verification technique symbolically running programs and thereby checking for bugs. Ranged symbolic execution performs symbolic execution on program parts, so called path ranges, in parallel. Due to the…

Software Engineering · Computer Science 2024-06-28 Jan Haltermanna , Marie-Christine Jakobs , Cedric Richter , Heike Wehrheim

Fuzzing and symbolic execution are popular techniques for finding vulnerabilities and generating test-cases for programs. Fuzzing, a blackbox method that mutates seed input values, is generally incapable of generating diverse inputs that…

Software Engineering · Computer Science 2017-12-13 Saahil Ognawala , Thomas Hutzelmann , Eirini Psallida , Alexander Pretschner

Fuzzing is widely used for detecting bugs and vulnerabilities, with various techniques proposed to enhance its effectiveness. To combine the advantages of multiple technologies, researchers proposed ensemble fuzzing, which integrates…

Software Engineering · Computer Science 2025-07-31 Yukai Zhao , Shaohua Wang , Jue Wang , Xing Hu , Xin Xia

GPUs have gained significant popularity over the past decade, extending beyond their original role in graphics rendering. This evolution has brought GPU security and reliability to the forefront of concerns. Prior research has shown that…

Cryptography and Security · Computer Science 2026-01-06 Saurabh Singh , Ruobing Han , Jaewon Lee , Seonjin Na , Yonghae Kim , Taesoo Kim , Hyesoon Kim

Fuzzing is a widely used technique for detecting software bugs and vulnerabilities. Most popular fuzzers generate new inputs using an evolutionary search to maximize code coverage. Essentially, these fuzzers start with a set of seed inputs,…

Software Engineering · Computer Science 2020-09-14 Dongdong She , Rahul Krishna , Lu Yan , Suman Jana , Baishakhi Ray