English
Related papers

Related papers: Fixing Security Vulnerabilities with AI in OSS-Fuz…

200 papers

Deep Learning (DL) frameworks have served as fundamental components in DL systems over the last decade. However, bugs in DL frameworks could lead to catastrophic consequences in critical scenarios. A simple yet effective way to find bugs in…

Software Engineering · Computer Science 2026-01-21 Shaoyu Yang , Chunrong Fang , Haifeng Lin , Xiang Chen , Jia Liu , Zhenyu Chen

Software vulnerabilities are commonly exploited as attack vectors in cyberattacks. Hence, it is crucial to identify vulnerable software configurations early to apply preventive measures. Effective vulnerability detection relies on…

Cryptography and Security · Computer Science 2024-12-24 Devesh Sawant , Manjesh K. Hanawal , Atul Kabra

Vulnerabilities related to option combinations pose a significant challenge in software security testing due to their vast search space. Previous research primarily addressed this challenge through mutation or filtering techniques, which…

Cryptography and Security · Computer Science 2024-09-04 Dawei Wang , Geng Zhou , Li Chen , Dan Li , Yukai Miao

Deep learning (DL) systems can make our life much easier, and thus are gaining more and more attention from both academia and industry. Meanwhile, bugs in DL systems can be disastrous, and can even threaten human lives in safety-critical…

Software Engineering · Computer Science 2022-03-01 Anjiang Wei , Yinlin Deng , Chenyuan Yang , Lingming Zhang

As blockchain platforms grow exponentially, millions of lines of smart contract code are being deployed to manage extensive digital assets. However, vulnerabilities in this mission-critical code have led to significant exploitations and…

Cryptography and Security · Computer Science 2024-01-23 Chaofan Shou , Jing Liu , Doudou Lu , Koushik Sen

Large language models (LLMs) have shown impressive capability to understand and develop code. However, their capability to rigorously reason about and prove code correctness remains in question. This paper offers a comprehensive study of…

Operating Systems · Computer Science 2026-04-16 Chenyuan Yang , Natalie Neamtu , Chris Hawblitzel , Jacob R. Lorch , Shan Lu

The SZZ algorithm is the dominant technique for identifying bug-inducing commits and underpins many software engineering tasks, such as defect prediction and vulnerability analysis. Despite numerous variants, including recent LLM-based…

Software Engineering · Computer Science 2026-04-06 Yunbo Lyu , Jieke Shi , Hong Jin Kang , Ratnadira Widyasari , Junda He , Yuqing Niu , Chengran Yang , Junkai Chen , Zhou Yang , Julia Lawall , David Lo

As researchers, we already understand how to make testing more effective and efficient at finding bugs. However, as fuzzing (i.e., automated testing) becomes more widely adopted in practice, practitioners are asking: Which assurances does a…

Software Engineering · Computer Science 2018-12-18 Marcel Böhme

Command-line interface (CLI) fuzzing tests programs by mutating both command-line options and input file contents, thus enabling discovery of vulnerabilities that only manifest under specific option-input combinations. Prior works of CLI…

Cryptography and Security · Computer Science 2026-03-16 Momoko Shiraishi , Yinzhi Cao , Takahiro Shinagawa

The proliferation of open-source software (OSS) has made software supply chains prime targets for attacks like Package Confusion, where adversaries publish malicious packages with names deceptively similar to legitimate ones. To protect…

Software Engineering · Computer Science 2026-04-21 Yu Li , Wei Ma , Zhi Chen , Ye Liu , Lingxiao Jiang , Junyi Tao , Hao Liu , Yongqiang Lyu , Qiang Hu

The software development process is characterized by an iterative cycle of continuous functionality implementation and debugging, essential for the enhancement of software quality and adaptability to changing requirements. This process…

Software Engineering · Computer Science 2024-11-27 Yihao Qin , Shangwen Wang , Yan Lei , Zhuo Zhang , Bo Lin , Xin Peng , Liqian Chen , Xiaoguang Mao

Modern computing systems heavily rely on hardware as the root of trust. However, their increasing complexity has given rise to security-critical vulnerabilities that cross-layer at-tacks can exploit. Traditional hardware vulnerability…

Software Engineering · Computer Science 2024-04-11 Mohamadreza Rostami , Marco Chilese , Shaza Zeitouni , Rahul Kande , Jeyavijayan Rajendran , Ahmad-Reza Sadeghi

Software fuzzing has become a cornerstone in automated vulnerability discovery, yet existing mutation strategies often lack semantic awareness, leading to redundant test cases and slow exploration of deep program states. In this work, I…

Cryptography and Security · Computer Science 2025-11-07 Shiyin Lin

Patch fuzzing is a technique aimed at identifying vulnerabilities that arise from newly patched code. While researchers have made efforts to apply patch fuzzing to testing JavaScript engines with considerable success, these efforts have…

Cryptography and Security · Computer Science 2025-05-02 Junjie Wang , Yuhan Ma , Xiaofei Xie , Xiaoning Du , Xiangwei Zhang

Novel AI-based code-writing Large Language Models (LLMs) such as OpenAI's Codex have demonstrated capabilities in many coding-adjacent domains. In this work we consider how LLMs maybe leveraged to automatically repair security relevant bugs…

Cryptography and Security · Computer Science 2024-05-10 Baleegh Ahmad , Shailja Thakur , Benjamin Tan , Ramesh Karri , Hammond Pearce

Large Language Models (LLMs) are increasingly deployed across diverse domains, yet their vulnerability to jailbreak attacks, where adversarial inputs bypass safety mechanisms to elicit harmful outputs, poses significant security risks.…

Cryptography and Security · Computer Science 2026-04-15 Qingchao Shen , Zibo Xiao , Lili Huang , Enwei Hu , Yongqiang Tian , Junjie Chen

Multi-Agent LLM Systems (MAS) have been adopted to automate complex human workflows by breaking down tasks into subtasks. However, due to the non-deterministic behavior of LLM agents and the intricate interactions between agents, MAS…

Software Engineering · Computer Science 2026-04-08 Mingxuan Hui , Xinyue Li , Lu Wang , Chengcheng Wan , Yifan Wang , Yimian Wang , Feiyue Song , Beining Shi , Yixi Li , Yaxiao Li

Fuzzing has gained in popularity for software vulnerability detection by virtue of the tremendous effort to develop a diverse set of fuzzers. Thanks to various fuzzing techniques, most of the fuzzers have been able to demonstrate great…

Cryptography and Security · Computer Science 2023-02-28 Yu-Fu Fu , Jaehyuk Lee , Taesoo Kim

Vision Language Models (VLMs) are prone to errors, and identifying where these errors occur is critical for ensuring the reliability and safety of AI systems. In this paper, we propose an approach that automatically generates questions…

Machine Learning · Computer Science 2026-03-10 Jiajun Xu , Jiageng Mao , Ang Qi , Weiduo Yuan , Alexander Romanus , Helen Xia , Vitor Campagnolo Guizilini , Yue Wang

The widespread adoption of open-source software (OSS) has accelerated software innovation but also increased security risks due to the rapid propagation of vulnerabilities and silent patch releases. In recent years, large language models…

Cryptography and Security · Computer Science 2025-11-12 Junxiao Han , Zheng Yu , Lingfeng Bao , Jiakun Liu , Yao Wan , Jianwei Yin , Shuiguang Deng , Song Han