English
Related papers

Related papers: Detecting Fileless Cryptojacking in PowerShell Usi…

200 papers

The serverless platform aims to facilitate cloud applications' straightforward deployment, scaling, and management. Unfortunately, the distributed nature of serverless computing makes it difficult to port traditional security tools…

Distributed, Parallel, and Cluster Computing · Computer Science 2025-03-11 Chuang Li , Lanfang Huang , Dian He , Yanhua Wen , Gang Liu , Lixin Duan

Code retrieval, which retrieves code snippets based on users' natural language descriptions, is widely used by developers and plays a pivotal role in real-world software development. The advent of deep learning has shifted the retrieval…

Software Engineering · Computer Science 2024-12-17 Wenchao Gu , Ensheng Shi , Yanlin Wang , Lun Du , Shi Han , Hongyu Zhang , Dongmei Zhang , Michael R. Lyu

Memory disclosure attacks play an important role in the exploitation of memory corruption vulnerabilities. By analyzing recent research, we observe that bypasses of defensive solutions that enforce control-flow integrity or attempt to…

Cryptography and Security · Computer Science 2020-07-08 Robert Gawlik , Philipp Koppe , Benjamin Kollenda , Andre Pawlowski , Behrad Garmany , Thorsten Holz

Dynamic analysis methods effectively identify shelled, wrapped, or obfuscated malware, thereby preventing them from invading computers. As a significant representation of dynamic malware behavior, the API (Application Programming Interface)…

Cryptography and Security · Computer Science 2023-12-14 Pei Yan , Shunquan Tan , Miaohui Wang , Jiwu Huang

The increasing complexity of modern software systems exacerbates the prevalence of security vulnerabilities, posing risks of severe breaches and substantial economic loss. Consequently, robust code vulnerability detection is essential for…

Cryptography and Security · Computer Science 2025-10-09 Zhiyuan Wei , Xiaoxuan Yang , Jing Sun , Zijian Zhang

Automated detection of software vulnerabilities is critical for enhancing security, yet existing methods often struggle with the complexity and diversity of modern codebases. In this paper, we introduce EnStack, a novel ensemble stacking…

Software Engineering · Computer Science 2024-11-26 Shahriyar Zaman Ridoy , Md. Shazzad Hossain Shaon , Alfredo Cuzzocrea , Mst Shapna Akter

A new cybersecurity attack,where an adversary illicitly runs crypto-mining software over the devices of unaware users, is emerging in both the literature and in the wild . This attack, known as cryptojacking, has proved to be very effective…

Cryptography and Security · Computer Science 2022-08-09 Maurantonio Caprolu , Simone Raponi , Gabriele Oligeri , Roberto Di Pietro

With the introduction of memory-bound cryptocurrencies, such as Monero, the implementation of mining code in browser-based JavaScript has become a worthwhile alternative to dedicated mining rigs. Based on this technology, a new form of…

Cryptography and Security · Computer Science 2018-08-30 Marius Musch , Christian Wressnegger , Martin Johns , Konrad Rieck

We present AuthREST, an open-source security testing tool targeting broken authentication, one of the most prevalent API security risks in the wild. AuthREST automatically tests web APIs for credential stuffing, password brute forcing, and…

Cryptography and Security · Computer Science 2025-09-15 Davide Corradini , Mariano Ceccato , Mohammad Ghafari

Ransomware has emerged as a persistent cybersecurity threat,leveraging robust encryption schemes that often remain unbroken even after public disclosure of source code. Motivated by the technical resilience of such mechanisms, this paper…

Cryptography and Security · Computer Science 2025-04-17 Jiahui Shang , Luning Zhang , Zhongxiang Zheng

Software vulnerabilities pose significant security threats, requiring effective mitigation. While Automated Program Repair (APR) has advanced in fixing general bugs, vulnerability patching, a security-critical aspect of APR remains…

Software Engineering · Computer Science 2025-06-06 Zanis Ali Khan , Aayush Garg , Qiang Tang

Pre-trained language models of code are now widely used in various software engineering tasks such as code generation, code completion, vulnerability detection, etc. This, in turn, poses security and reliability risks to these models. One…

Software Engineering · Computer Science 2024-11-01 Thanh-Dat Nguyen , Yang Zhou , Xuan Bach D. Le , Patanamon Thongtanunam , David Lo

Cryptojacking is the permissionless use of a target device to covertly mine cryptocurrencies. With cryptojacking, attackers use malicious JavaScript codes to force web browsers into solving proof-of-work puzzles, thus making money by…

Cryptography and Security · Computer Science 2023-04-27 Muhammad Saad , David Mohaisen

Trojanized software packages used in software supply chain attacks constitute an emerging threat. Unfortunately, there is still a lack of scalable approaches that allow automated and timely detection of malicious software packages and thus…

Cryptography and Security · Computer Science 2021-03-22 Marc Ohm , Lukas Kempf , Felix Boes , Michael Meier

Widespread use of memory unsafe programming languages (e.g., C and C++) leaves many systems vulnerable to memory corruption attacks. A variety of defenses have been proposed to mitigate attacks that exploit memory errors to hijack the…

Cryptography and Security · Computer Science 2018-03-13 Thomas Nyman , Ghada Dessouky , Shaza Zeitouni , Aaro Lehikoinen , Andrew Paverd , N. Asokan , Ahmad-Reza Sadeghi

Deep learning (DL) models for natural language-to-code generation have become integral to modern software development pipelines. However, their heavy reliance on large amounts of data, often collected from unsanitized online sources,…

Cryptography and Security · Computer Science 2025-09-01 Cristina Improta

Malware authors commonly use obfuscation to hide API identities in binary files, making analysis difficult and time-consuming for a human expert to understand the behavior and intent of the program. Automatic API prediction tools are…

Cold boot attacks inspect the corrupted random access memory soon after the power has been shut down. While most of the bits have been corrupted, many bits, at random locations, have not. Since the keys in many encryption schemes are being…

Cryptography and Security · Computer Science 2021-06-10 Itamar Zimerman , Eliya Nachmani , Lior Wolf

Automated malware analysis increasingly relies on machine learning, yet most existing methods remain task-specific and depend on handcrafted features or narrowly scoped models. Recent developments in binary-level foundation models suggest a…

Cryptography and Security · Computer Science 2026-05-19 Saastha Vasan , Yuzhou Nie , Kaie Chen , Yigitcan Kaya , Hojjat Aghakhani , Roman Vasilenko , Wenbo Guo , Christopher Kruegel , Giovanni Vigna

Phishing remains the most pervasive threat to the Web, enabling large-scale credential theft and financial fraud through deceptive webpages. While recent reference-based and generative-AI-driven phishing detectors achieve strong accuracy,…

Cryptography and Security · Computer Science 2026-03-03 Tailai Song , Pedro Casas , Michela Meo