English
Related papers

Related papers: Adaptive Exploit Generation against Security Devic…

200 papers

Recently efficient model-checking tools have been developed to find flaws in security protocols specifications. These flaws can be interpreted as potential attacks scenarios but the feasability of these scenarios need to be confirmed at the…

Cryptography and Security · Computer Science 2013-08-01 Hatem Ghabri , Ghazi Maatoug , Michael Rusinowitch

The exploit or the Proof of Concept of the vulnerability plays an important role in developing superior vulnerability repair techniques, as it can be used as an oracle to verify the correctness of the patches generated by the tools.…

This paper tackles the problems of generating concrete test cases for testing whether an application is vulnerable to attacks, and of checking whether security solutions are correctly implemented. The approach proposed in the paper aims at…

Software Engineering · Computer Science 2020-07-08 Sébastien Salva , Loukmen Regainia

Security of cryptographic protocols can be analysed by creating a model in a formal language and verifying the model in a tool. All such tools focus on the last part of the analysis, verification, and the interpretation of the specification…

Cryptography and Security · Computer Science 2022-04-06 Roberto Metere , Luca Arnaboldi

Developers create modern software applications (Apps) on top of third-party libraries (Libs). When library vulnerabilities are reachable through application code, the applications can be vulnerable to software supply chain attacks. Prior…

Cryptography and Security · Computer Science 2026-05-06 Shravya Kanchi , Xiaoyan Zang , Ying Zhang , Danfeng Yao , Na Meng

Understanding the behaviour of a system's API can be hard. Giving users access to relevant examples of how an API behaves has been shown to make this easier for them. In addition, such examples can be used to verify expected behaviour or…

Software Engineering · Computer Science 2023-08-30 Stefan Karlsson , John Hughes , Robbert Jongeling , Adnan Causevic , Daniel Sundmark

Software developers study and reuse existing source code to understand how to properly use application programming interfaces (APIs). However, manually finding sufficient and adequate code examples for a given API is a difficult and a…

Software Engineering · Computer Science 2022-08-02 Mohammad Ghafari , Konstantin Rubinov , Mohammad Mehdi Pourhashem K

Security vulnerabilities in software packages are a significant concern for developers and users alike. Patching these vulnerabilities in a timely manner is crucial to restoring the integrity and security of software systems. However,…

Cryptography and Security · Computer Science 2025-09-30 Deniz Simsek , Aryaz Eghbali , Michael Pradel

Machine learning has proved invaluable for a range of different tasks, yet it also proved vulnerable to evasion attacks, i.e., maliciously crafted perturbations of input data designed to force mispredictions. In this paper we propose a…

Machine Learning · Computer Science 2020-07-07 Stefano Calzavara , Pietro Ferrara , Claudio Lucchese

This thesis presents an automated method for verifying security properties of protocol implementations written in the C language. We assume that each successful run of a protocol follows the same path through the C code, justified by the…

Cryptography and Security · Computer Science 2020-01-06 Mihhail Aizatulin

Recent advances in Large Language Models (LLMs) have brought remarkable progress in code understanding and reasoning, creating new opportunities and raising new concerns for software security. Among many downstream tasks, generating…

Software Engineering · Computer Science 2025-10-14 Mengyao Zhao , Kaixuan Li , Lyuye Zhang , Wenjing Dang , Chenggong Ding , Sen Chen , Zheli Liu

In this paper, we consider the problem of verifying anonymity and unlinkability in the symbolic model, where protocols are represented as processes in a variant of the applied pi calculus, notably used in the ProVerif tool. Existing tools…

Cryptography and Security · Computer Science 2019-04-09 Lucca Hirschi , David Baelde , Stéphanie Delaune

Application Programming Interface (API) Injection attacks refer to the unauthorized or malicious use of APIs, which are often exploited to gain access to sensitive data or manipulate online systems for illicit purposes. Identifying actors…

Cryptography and Security · Computer Science 2025-05-16 Udi Aharon , Ran Dubin , Amit Dvir , Chen Hajaj

Writing exploits for security assessment is a challenging task. The writer needs to master programming and obfuscation techniques to develop a successful exploit. To make the task easier, we propose an approach (EVIL) to automatically…

Software Engineering · Computer Science 2022-03-09 Pietro Liguori , Erfan Al-Hossami , Vittorio Orbinato , Roberto Natella , Samira Shaikh , Domenico Cotroneo , Bojan Cukic

We study the interaction of the programming construct "new", which generates statically scoped names, with communication via messages on channels. This interaction is crucial in security protocols, which are the main motivating examples for…

Cryptography and Security · Computer Science 2017-07-31 Martín Abadi , Bruno Blanchet , Cédric Fournet

Attack graphs are a tool for analyzing security vulnerabilities that capture different and prospective attacks on a system. As a threat modeling tool, it shows possible paths that an attacker can exploit to achieve a particular goal.…

As Large Language Models (LLMs) gain traction across critical domains, ensuring secure and trustworthy training processes has become a major concern. Backdoor attacks, where malicious actors inject hidden triggers into training data, are…

Cryptography and Security · Computer Science 2025-10-20 Issam Seddik , Sami Souihi , Mohamed Tamaazousti , Sara Tucci Piergiovanni

Blockchain systems are increasingly targeted by on-chain attacks that exploit contract vulnerabilities to extract value rapidly and stealthily, making systematic analysis and reproduction highly challenging. In practice, reproducing such…

Cryptography and Security · Computer Science 2026-01-26 Xing Su , Hao Wu , Hanzhong Liang , Yunlin Jiang , Yuxi Cheng , Yating Liu , Fengyuan Xu

Transparency protocols are protocols whose actions can be publicly monitored by observers (such observers may include regulators, rights advocacy groups, or the general public). The observed actions are typically usages of private keys such…

Cryptography and Security · Computer Science 2023-04-18 Vincent Cheval , José Moreira , Mark Ryan

Exploit proof-of-concepts (PoCs) for known vulnerabilities are widely shared in the security community. They help security analysts to learn from each other and they facilitate security assessments and red teaming tasks. In the recent…

Cryptography and Security · Computer Science 2023-06-08 Soufian El Yadmani , Robin The , Olga Gadyatskaya
‹ Prev 1 2 3 10 Next ›