English
Related papers

Related papers: PoCo: Agentic Proof-of-Concept Exploit Generation …

200 papers

Smart contracts are commonly audited through static analysis to explore vulnerabilities. However, static approaches typically produce heterogeneous findings rather than reproducible, executable proof-of-concept (PoC) test cases, leading to…

Software Engineering · Computer Science 2026-04-02 Longfei Chen , Ruibin Yan , Taiyu Wong , Yiyang Chen , Jialai Wang , Chao Zhang

Smart contracts are a critical component of blockchain systems. Due to the large amount of digital assets carried by smart contracts, their security is of critical importance. Although numerous tools have been developed for detecting smart…

Software Engineering · Computer Science 2026-04-21 Jingwen Zhang , Yuhong Nan , Kaiwen Ning , Mingxi Ye , Wei Li , Yuming Xiao , Yuming Feng , Weizhe Zhang , Zibin Zheng

Smart contract vulnerabilities in Decentralized Finance caused over billions of dollars losses every year, yet the security community faces a critical bottleneck: identifying a vulnerability is not the same as proving it is exploitable.…

Cryptography and Security · Computer Science 2026-05-05 Ruichao Liang , Jing Chen , Xianglong Li , Huangpeng Gu , Yebo Feng , Yue Xue , Cong Wu , Yang Liu

Smart contracts are important for digital finance, yet they are hard to patch once deployed. Prior work has mainly explored LLMs for smart contract vulnerability detection, leaving end-to-end automated exploit generation (AEG) much less…

Cryptography and Security · Computer Science 2026-04-22 ZeKe Xiao , Qin Wang , Yuekang Li , Shiping Chen

While recent approaches leverage large language models (LLMs) and multi-agent pipelines to automatically generate proof-of-concept (PoC) exploits from vulnerability reports, existing systems often suffer from two fundamental limitations:…

Cryptography and Security · Computer Science 2026-04-10 Phan The Duy , Khoa Ngo-Khanh , Nguyen Huu Quyen , Van-Hau Pham

Security vulnerabilities in software packages are a significant concern for developers and users alike. Patching these vulnerabilities in a timely manner is crucial to restoring the integrity and security of software systems. However,…

Cryptography and Security · Computer Science 2025-09-30 Deniz Simsek , Aryaz Eghbali , Michael Pradel

Smart contracts, as a key component of blockchain technology, play a crucial role in ensuring the automation of transactions and adherence to protocol rules. However, smart contracts are susceptible to security vulnerabilities, which, if…

Cryptography and Security · Computer Science 2024-02-20 Yuying Du , Xueyan Tang

Smart contract vulnerabilities have led to billions in losses, yet finding actionable exploits remains challenging. Traditional fuzzers rely on rigid heuristics and struggle with complex attacks, while human auditors are thorough but slow…

Cryptography and Security · Computer Science 2026-01-13 Arthur Gervais , Liyi Zhou

Automated vulnerability reproduction from CVE descriptions requires generating executable Proof-of-Concept (PoC) exploits and validating them in target environments. This process is critical in software security research and practice, yet…

Software Engineering · Computer Science 2026-02-10 Bin Liu , Yanjie Zhao , Zhenpeng Chen , Guoai Xu , Haoyu Wang

Software developers frequently receive vulnerability reports that require them to reproduce the vulnerability in a reliable manner by generating a proof-of-concept (PoC) input that triggers it. Given the source code for a software project…

Software Engineering · Computer Science 2026-04-10 Achintya Desai , Md Shafiuzzaman , Wenbo Guo , Tevfik Bultan

While recent LLM-based agents can identify many candidate bugs in source code, their reports remain static hypotheses that require manual validation, limiting the practicality of automated bug detection. We frame this challenge as a test…

Software Engineering · Computer Science 2026-04-15 Zijie Zhao , Chenyuan Yang , Weidong Wang , Yihan Yang , Ziqi Zhang , Lingming Zhang

Recent advances in Large Language Models (LLMs) have brought remarkable progress in code understanding and reasoning, creating new opportunities and raising new concerns for software security. Among many downstream tasks, generating…

Software Engineering · Computer Science 2025-10-14 Mengyao Zhao , Kaixuan Li , Lyuye Zhang , Wenjing Dang , Chenggong Ding , Sen Chen , Zheli Liu

Recently Large Language Models (LLMs) have been used in security-related tasks, including generating proof-of-concept (PoC) exploits. Several LLM-assisted approaches have been proposed; they typically generate PoCs from vulnerability…

Software Engineering · Computer Science 2026-05-14 Derin Gezgin , Amartya Das , Shinhae Kim , Zhengdong Huang , Nevena Stojkovic , Claire Wang

Security Operations Centers (SOCs) increasingly encounter difficulties in correlating heterogeneous alerts, interpreting multi-stage attack progressions, and selecting safe and effective response actions. This study introduces AgentSOC, a…

Cryptography and Security · Computer Science 2026-04-23 Joyjit Roy , Samaresh Kumar Singh

The Proof-of-Concept (PoC) for a vulnerability is crucial in validating its existence, mitigating false positives, and illustrating the severity of the security threat it poses. However, research on PoCs significantly lags behind studies…

Software Engineering · Computer Science 2025-10-22 Wenjing Dang , Kaixuan Li , Sen Chen , Zhenwei Zhuo , Lyuye Zhang , Zheli Liu

Despite the critical threat posed by software security vulnerabilities, reports are often incomplete, lacking the proof-of-vulnerability (PoV) tests needed to validate fixes and prevent regressions. These tests are crucial not only for…

Software Engineering · Computer Science 2025-07-22 Vikram Nitin , Baishakhi Ray , Roshanak Zilouchian Moghaddam

Smart contracts are programs running on top of blockchain platforms. They interact with each other through well-defined interfaces to perform financial transactions in a distributed system with no trusted third parties. But these interfaces…

Cryptography and Security · Computer Science 2019-02-19 Yu Feng , Emina Torlak , Rastislav Bodik

The proposed smart contract can prevent seven cyber attacks, such as Denial of Service (DoS), Man in the Middle Attack (MITM), Distributed Denial of Service (DDoS), 51\%, Injection attacks, Routing Attack, and Eclipse attack. The Delegated…

Cryptography and Security · Computer Science 2022-07-20 Amrutanshu Panigrahi , Ajit Kumar Nayak , Rourab Paul

We provide three detailed case studies of vulnerabilities in smart contracts, and show how property-based testing would have found them: 1. the Dexter1 token exchange; 2. the iToken; 3. the ICO of Brave's BAT token. The last example is, in…

Logic in Computer Science · Computer Science 2022-10-07 Mikkel Milo , Eske Hoy Nielsen , Danil Annenkov , Bas Spitters

Programming errors in Ethereum smart contracts can result in catastrophic financial losses from stolen cryptocurrency. While vulnerability detectors can prevent vulnerable contracts from being deployed, this does not mean that such…

Cryptography and Security · Computer Science 2021-09-03 Simon Joseph Aquilina , Fran Casino , Mark Vella , Joshua Ellul , Constantinos Patsakis
‹ Prev 1 2 3 10 Next ›