Zobrazeno 1 - 10
of 57
pro vyhledávání: '"Böhme, Marcel"'
Autor:
Risse, Niklas, Böhme, Marcel
According to our survey of the machine learning for vulnerability detection (ML4VD) literature published in the top Software Engineering conferences, every paper in the past 5 years defines ML4VD as a binary classification problem: Given a function,
Externí odkaz:
http://arxiv.org/abs/2408.12986
How to find memory safety bugs efficiently when navigating a symbolic execution tree that suffers from path explosion? Existing solutions either adopt path search heuristics to maximize coverage rate or chopped symbolic execution to skip uninterestin
Externí odkaz:
http://arxiv.org/abs/2408.08772
Autor:
Lee, Seongmin, Böhme, Marcel
It might seem counter-intuitive at first: We find that, in expectation, the proportion of data points in an unknown population-that belong to classes that do not appear in the training data-is almost entirely determined by the number $f_k$ of classes
Externí odkaz:
http://arxiv.org/abs/2402.05835
Autor:
Böhme, Marcel
Research in cybersecurity may seem reactive, specific, ephemeral, and indeed ineffective. Despite decades of innovation in defense, even the most critical software systems turn out to be vulnerable to attacks. Time and again. Offense and defense fore
Externí odkaz:
http://arxiv.org/abs/2402.01944
Autor:
Barthe, Gilles, Böhme, Marcel, Cauligi, Sunjay, Chuengsatiansup, Chitchanok, Genkin, Daniel, Guarnieri, Marco, Romero, David Mateos, Schwabe, Peter, Wu, David, Yarom, Yuval
How will future microarchitectures impact the security of existing cryptographic implementations? As we cannot keep reducing the size of transistors, chip vendors have started developing new microarchitectural optimizations to speed up computation. A
Externí odkaz:
http://arxiv.org/abs/2402.00641
Autor:
Risse, Niklas, Böhme, Marcel
Recent results of machine learning for automatic vulnerability detection (ML4VD) have been very promising. Given only the source code of a function $f$, ML4VD techniques can decide if $f$ contains a security flaw with up to 70% accuracy. However, as
Externí odkaz:
http://arxiv.org/abs/2306.17193
This report outlines the objectives, methodology, challenges, and results of the first Fuzzing Competition held at SBFT 2023. The competition utilized FuzzBench to assess the code-coverage performance and bug-finding efficacy of eight participating f
Externí odkaz:
http://arxiv.org/abs/2304.10070
Autor:
Mirzamomen, Zahra, Böhme, Marcel
Some bugs cannot be exposed by program inputs, but only by certain program environments. During execution, most programs access various resources, like databases, files, or devices, that are external to the program and thus part of the program's envi
Externí odkaz:
http://arxiv.org/abs/2304.10044
While the aim of fuzzer evaluation is to establish fuzzer performance in general, an evaluation is always conducted on a specific benchmark. In this paper, we investigate the degree to which the benchmarking result depends on the properties of the be
Externí odkaz:
http://arxiv.org/abs/2212.09519
Autor:
Böhme, Marcel1 marcel.boehme@acm.org, Manès, Valentin J. M.2 valentinmanes@outlook.fr, Sang Kil Cha2 sangkilc@kaist.ac.kr
Publikováno v:
Communications of the ACM. Nov2023, Vol. 66 Issue 11, p89-97. 9p.