English
Related papers

Related papers: AXE: An Agentic eXploit Engine for Confirming Zero…

200 papers

Security practitioners face growing challenges in exploit assessment, as public vulnerability repositories are increasingly populated with inconsistent and low-quality exploit artifacts. Existing scoring systems, such as CVSS and EPSS,…

Cryptography and Security · Computer Science 2025-09-23 Xiangmin Shen , Wenyuan Cheng , Yan Chen , Zhenyuan Li , Yuqiao Gu , Lingzhi Wang , Wencheng Zhao , Dawei Sun , Jiashui Wang

Large-scale web applications are widely deployed with complex third-party components, inheriting security risks arising from component vulnerabilities. Security assessment is therefore required to determine whether such known…

Cryptography and Security · Computer Science 2026-04-02 Ruozhao Yang , Mingfei Cheng , Gelei Deng , Junjie Wang , Tianwei Zhang , Xiaofei Xie

Modern web applications are increasingly produced through AI-assisted development and rapid no-code deployment pipelines, widening the gap between accelerating software velocity and the limited adaptability of existing security tooling.…

Cryptography and Security · Computer Science 2026-03-03 Akshat Singh Jaswal , Ashish Baghel

Web applications are the target of many well known exploits and also a fertile ground for the discovery of security vulnerabilities. Yet, the success of an exploit depends both on the vulnerability in the application source code and the…

Cryptography and Security · Computer Science 2018-08-30 Stanislav Dashevskyi , Daniel Ricardo dos Santos , Fabio Massacci , Antonino Sabetta

Software vulnerability detection is critical in software en- gineering as security flaws arise from complex interactions across code structure, repository context, and runtime conditions. Existing meth- ods are limited by local code views,…

Software Engineering · Computer Science 2026-03-17 Renwei Meng , Haoyi Wu , Jingming Wang , Haoyan Bai

Evaluating and improving the security capabilities of code agents requires high-quality, executable vulnerability tasks. However, existing works rely on costly, unscalable manual reproduction and suffer from outdated data distributions. To…

Cryptography and Security · Computer Science 2026-05-19 Xianzhen Luo , Jingyuan Zhang , Shiqi Zhou , Rain Huang , Chuan Xiao , Qingfu Zhu , Zhiyuan Ma , Xing Yue , Yang Yue , Wencong Zeng , Wanxiang Che

As artificial intelligence (AI) systems are increasingly deployed across critical domains, their security vulnerabilities pose growing risks of high-profile exploits and consequential system failures. Yet systematic approaches to evaluating…

Cryptography and Security · Computer Science 2026-04-28 Mikko Lempinen , Joni Kemppainen , Niklas Raesalmi

Existing Android vulnerability detection tools overwhelm teams with thousands of low-signal warnings yet uncover few true positives. Analysts spend days triaging these results, creating a bottleneck in the security pipeline. Meanwhile,…

Cryptography and Security · Computer Science 2025-09-01 Ziyue Wang , Liyi Zhou

AI agents are increasingly embedded in real software systems, where they execute multi-step workflows through multi-turn dialogue, tool invocations, and intermediate decisions. These long execution histories, called agentic traces, make…

Software Engineering · Computer Science 2026-05-12 Reshabh K Sharma , Shraddha Barke , Benjamin Zorn

Open-source libraries are widely used in modern software development, introducing significant security vulnerabilities. While static analysis tools can identify potential vulnerabilities at scale, they often generate overwhelming reports…

Software Engineering · Computer Science 2026-04-08 Siyi Chen , Tianhan Luo , Shijian Wu , Xiangyu Liu , Yilin Zhou , Qi Li , Wenyuan Xu

Sensitive Information Exposure (SIEx) vulnerabilities (CWE-200) remain a persistent and under-addressed threat across software systems, often leading to serious security breaches. Existing detection tools rarely target the diverse…

Cryptography and Security · Computer Science 2025-08-28 Kyler Katz , Sara Moshtari , Ibrahim Mujhid , Mehdi Mirakhorli , Derek Garcia

The Agent Conversation Reasoning Engine (ACRE) is intended to aid agent developers to improve the management and reliability of agent communication. To evaluate its effectiveness, a problem scenario was created that could be used to compare…

Multiagent Systems · Computer Science 2014-10-13 David Lillis , Rem W. Collier , Howell R. Jordan

The offensive security landscape is highly fragmented: enterprise platforms avoid memory-corruption vulnerabilities due to Denial of Service (DoS) risks, Automatic Exploit Generation (AEG) systems suffer from semantic blindness, and Large…

Cryptography and Security · Computer Science 2026-04-27 Biagio Andreucci , Arcangelo Castiglione

Benchmarks are essential for quantitatively tracking progress in AI. As AI agents become increasingly capable, researchers and practitioners have introduced agentic benchmarks to evaluate agents on complex, real-world tasks. These…

Software vulnerabilities are a challenge in cybersecurity. Manual security patches are often difficult and slow to be deployed, while new vulnerabilities are created. Binary code vulnerability detection is less studied and more complex…

Cryptography and Security · Computer Science 2024-04-15 Litao Li , Steven H. H. Ding , Andrew Walenstein , Philippe Charland , Benjamin C. M. Fung

Large language model (LLM) agents are increasingly capable of autonomously conducting cyberattacks, posing significant threats to existing applications. This growing risk highlights the urgent need for a real-world benchmark to evaluate the…

AI agents are rapidly gaining capabilities that could significantly reshape cybersecurity, making rigorous evaluation urgent. A critical capability is exploitation: turning a vulnerability, which is not yet an attack, into a concrete…

Assessing the exploitability of software vulnerabilities at the time of disclosure is difficult and error-prone, as features extracted via technical analysis by existing metrics are poor predictors for exploit development. Moreover,…

Cryptography and Security · Computer Science 2022-02-04 Octavian Suciu , Connor Nelson , Zhuoer Lyu , Tiffany Bao , Tudor Dumitras

Agentic AI coding systems can inspect repositories, plan implementation steps, edit files, call tools, run tests, and submit pull requests. These capabilities make software and hardware development faster in some settings, but current…

Software Engineering · Computer Science 2026-05-21 Christopher Koch

As language models (LMs) are used to build autonomous agents in real environments, ensuring their adversarial robustness becomes a critical challenge. Unlike chatbots, agents are compound systems with multiple components taking actions,…

Machine Learning · Computer Science 2025-02-06 Chen Henry Wu , Rishi Shah , Jing Yu Koh , Ruslan Salakhutdinov , Daniel Fried , Aditi Raghunathan
‹ Prev 1 2 3 10 Next ›