English
Related papers

Related papers: Detecting Fileless Cryptojacking in PowerShell Usi…

200 papers

Increasing numbers of software vulnerabilities are discovered every year whether they are reported publicly or discovered internally in proprietary code. These vulnerabilities can pose serious risk of exploit and result in system…

Local fine-tuning datasets routinely contain sensitive secrets such as API keys, personal identifiers, and financial records. Although ''local offline fine-tuning'' is often viewed as a privacy boundary, we reveal that compromised model…

Cryptography and Security · Computer Science 2026-05-01 Zi Li , Tian Zhou , Wenze Li , Jingyu Hua , Yunlong Mao , Sheng Zhong

The correct adoption of cryptography APIs is challenging for mainstream developers, often resulting in widespread API misuse. Meanwhile, cryptography misuse detectors have demonstrated inconsistent performance and remain largely…

Cryptography and Security · Computer Science 2024-09-11 Ehsan Firouzi , Mohammad Ghafari , Mike Ebrahimi

In this work we present the Secure Machine, SeM for short, a CPU architecture extension for secure computing. SeM uses a small amount of in-chip additional hardware that monitors key communication channels inside the CPU chip, and only acts…

Cryptography and Security · Computer Science 2018-03-13 Ofir Shwartz , Yitzhak Birk

Among many prevailing malware, crypto-ransomware poses a significant threat as it financially extorts affected users by creating denial of access via unauthorized encryption of their documents as well as holding their documents hostage and…

Cryptography and Security · Computer Science 2020-11-25 Nitin Pundir , Mark Tehranipoor , Fahim Rahman

Substring-searchable symmetric encryption (substring-SSE) has become increasingly critical for privacy-preserving applications in cloud systems. However, existing schemes remain vulnerable to information leakage during search operations,…

Cryptography and Security · Computer Science 2025-11-04 Xijie Ba , Qin Liu , Xiaohong Li , Jianting Ning

Researchers have investigated the potential of leveraging pre-trained language models, such as CodeBERT, to enhance source code-related tasks. Previous methodologies have relied on CodeBERT's '[CLS]' token as the embedding representation of…

Computation and Language · Computer Science 2024-09-04 Yong Ma , Senlin Luo , Yu-Ming Shang , Yifei Zhang , Zhengjun Li

Spectre attacks exploit microprocessor speculative execution to read and transmit forbidden data outside the attacker's trust domain and sandbox. Recent hardware schemes allow potentially-unsafe speculative accesses but prevent the secret's…

Hardware Architecture · Computer Science 2023-06-14 Conor Green , Cole Nelson , Mithuna Thottethodi , T. N. Vijaykumar

Neural code models have been increasingly incorporated into software development processes. However, their susceptibility to backdoor attacks presents a significant security risk. The state-of-the-art understanding focuses on…

Software Engineering · Computer Science 2025-12-23 Junyao Ye , Zhen Li , Xi Tang , Shouhuai Xu , Deqing Zou , Zhongsheng Yuan

Large Language Models (LLMs) are redefining offensive cybersecurity by allowing the generation of harmful machine code with minimal human intervention. While attackers take advantage of dark LLMs such as XXXGPT and WolfGPT to produce…

Cryptography and Security · Computer Science 2026-04-14 Ricardo Bessa , Rui Claro , João Trindade , João Lourenço

Pre-trained programming language (PL) models (such as CodeT5, CodeBERT, GraphCodeBERT, etc.,) have the potential to automate software engineering tasks involving code understanding and code generation. However, these models operate in the…

Computation and Language · Computer Science 2023-04-20 Akshita Jha , Chandan K. Reddy

The security of scripting languages such as PowerShell is critical given their powerful automation and administration capabilities, often exercised with elevated privileges. Today, securing these languages still demands substantial human…

Cryptography and Security · Computer Science 2026-01-13 Keyang Zhang , Zeyu Chen , Xuan Feng , Dongliang Fang , Yaowen Zheng , Zhi Li , Limin Sun

Host-based cryptomining malware, commonly known as cryptojackers, have gained notoriety for their stealth and the significant financial losses they cause in Linux-based cloud environments. Existing solutions often struggle with scalability…

Cryptography and Security · Computer Science 2025-10-22 Gyeonghoon Park , Jaehan Kim , Jinu Choi , Jinwoo Kim

The widespread deployment of control-flow integrity has propelled non-control data attacks into the mainstream. In the domain of OS kernel exploits, by corrupting critical non-control data, local attackers can directly gain root access or…

Cryptography and Security · Computer Science 2024-09-10 Jinmeng Zhou , Jiayi Hu , Ziyue Pan , Jiaxun Zhu , Wenbo Shen , Guoren Li , Zhiyun Qian

Large Language Models (LLMs) can generate plausible code, but in settings that require exact stdin/stdout behavior they frequently produce programs that compile yet fail tests, and in some cases they introduce security-sensitive patterns.…

Cryptography and Security · Computer Science 2026-01-06 Suryansh Singh Sijwali , Suman Saha

In recent years, the growing complexity and scale of source code have rendered manual software vulnerability detection increasingly impractical. To address this challenge, automated approaches leveraging machine learning and code embeddings…

Software Engineering · Computer Science 2025-09-17 Talaya Farasat , Joachim Posegga

Dynamic malware analysis executes the program in an isolated environment and monitors its run-time behaviour (e.g. system API calls) for malware detection. This technique has been proven to be effective against various code obfuscation…

Cryptography and Security · Computer Science 2020-01-27 Zhaoqi Zhang , Panpan Qi , Wei Wang

Source code can be parsed into the abstract syntax tree (AST) based on defined syntax rules. However, in pre-training, little work has considered the incorporation of tree structure into the learning process. In this paper, we present…

Machine Learning · Computer Science 2021-07-16 Xue Jiang , Zhuoran Zheng , Chen Lyu , Liang Li , Lei Lyu

The current cybersecurity landscape is increasingly complex, with traditional Static Application Security Testing (SAST) tools struggling to capture complex and emerging vulnerabilities due to their reliance on rule-based matching.…

Cryptography and Security · Computer Science 2024-11-25 Mete Keltek , Rong Hu , Mohammadreza Fani Sani , Ziyue Li

Smart contracts have transformed decentralized finance by enabling programmable, trustless transactions. However, their widespread adoption and growing financial significance have attracted persistent and sophisticated threats, such as…

Cryptography and Security · Computer Science 2025-08-13 Pasquale De Rosa , Pascal Felber , Valerio Schiavoni