Relevant bibliographies by topics / Model fuzzing / Journal articles
To see the other types of publications on this topic, follow the link: Model fuzzing.

Journal articles on the topic 'Model fuzzing'

Author: Grafiati
Published: 28 June 2021
Last updated: 29 July 2025

Create a spot-on reference in APA, MLA, Chicago, Harvard, and other styles

Select a source type:

Consult the top 50 journal articles for your research on the topic 'Model fuzzing.'

Next to every source in the list of references, there is an 'Add to bibliography' button. Press on it, and we will generate automatically the bibliographic reference to the chosen work in the citation style you need: APA, MLA, Harvard, Chicago, Vancouver, etc.

You can also download the full text of the academic publication as pdf and read online its abstract whenever available in the metadata.

Browse journal articles on a wide variety of disciplines and organise your bibliography correctly.

1

Pan, Yan, Wei Lin, Liang Jiao, and Yuefei Zhu. "Model-Based Grey-Box Fuzzing of Network Protocols." Security and Communication Networks 2022 (May 5, 2022): 1–13. http://dx.doi.org/10.1155/2022/6880677.

Full text
Abstract:
The widely used network protocols play a crucial role in various systems. However, the protocol vulnerabilities caused by the design of the network protocol or its implementation by programmers lead to multiple security incidents and substantial losses. Hence, it is important to study the protocol fuzzing in order to ensure its correctness. However, the challenges of protocol fuzzing are the mutation of protocol messages and the deep interactivity of the protocol implementation. This paper proposes a model-based grey-box fuzzing approach for protocol implementations, including the server-side
APA, Harvard, Vancouver, ISO, and other styles
2

Yang, Yixiao. "Improve Model Testing by Integrating Bounded Model Checking and Coverage Guided Fuzzing." Electronics 12, no. 7 (2023): 1573. http://dx.doi.org/10.3390/electronics12071573.

Full text
Abstract:
Eectromechanical systems built by Simulink or Ptolemy have been widely used in industry fields, such as autonomous systems and robotics. It is an urgent need to ensure the safety and security of those systems. Test case generation technologies are widely used to ensure the safety and security. State-of-the-art testing tools employ model-checking techniques or search-based methods to generate test cases. Traditional search-based techniques based on Simulink simulation are plagued by problems such as low speed and high overhead. Traditional model-checking techniques such as symbolic execution ha
APA, Harvard, Vancouver, ISO, and other styles
3

Zhang, Yifan, Kailong Zhu, Jie Peng, Yuliang Lu, Qian Chen, and Zixiong Li. "StatePre: A Large Language Model-Based State-Handling Method for Network Protocol Fuzzing." Electronics 14, no. 10 (2025): 1931. https://doi.org/10.3390/electronics14101931.

Full text
Abstract:
As essential components for communication, network protocol programs are highly security-critical, making it crucial to identify their vulnerabilities. Fuzzing is one of the most popular software vulnerability discovery techniques, being highly efficient and having low false-positive rates. However, current network protocol fuzzing is hindered by the coarse-grained and missing state annotations in programs. The current solutions primarily rely on the manual modification of programs, which is inefficient and prone to omissions. In this paper, we propose StatePre, a novel state-handling method f
APA, Harvard, Vancouver, ISO, and other styles
4

Lin, Mingmin, Yingpei Zeng, and Yang Li. "RegFuzz: A Linear Regression-Based Approach for Seed Scheduling in Directed Fuzzing." Electronics 12, no. 17 (2023): 3650. http://dx.doi.org/10.3390/electronics12173650.

Full text
Abstract:
Directed fuzzing aims to focus on fuzzing specific locations within a target program to enhance the efficiency of vulnerability discovery. However, directed fuzzing may yield fewer vulnerabilities and obtain lower code coverage when the specified locations have little to no vulnerabilities. Additionally, the existing directed fuzzing approaches often overlook the differences in variable values when calculating distances between seeds and specific locations. In order to address these issues, this paper introduces RegFuzz, a method that improves seed scheduling in directed fuzzing. RegFuzz utili
APA, Harvard, Vancouver, ISO, and other styles
5

Zhu, Xue Yong, and Zhi Yong Wu. "A New Fuzzing Technique Using Niche Genetic Algorithm." Advanced Materials Research 756-759 (September 2013): 4050–58. http://dx.doi.org/10.4028/www.scientific.net/amr.756-759.4050.

Full text
Abstract:
Current advanced Fuzzing technique can only implement vulnerability mining on a single vulnerable statement each time, and this paper proposes a new multi-dimension Fuzzing technique, which uses niche genetic algorithm to generate test cases and can concurrently approach double vulnerable targets with the minimum cost on the two vulnerable statements each time. For that purpose, a corresponding mathematical model and the minimum cost theorem are presented. The results of the experiment show that the efficiency of the new proposed Fuzzing technique is much better than current advanced Fuzzing t
APA, Harvard, Vancouver, ISO, and other styles
6

Cheng, Mingjie, Kailong Zhu, Yuanchao Chen, Yuliang Lu, Chiyu Chen, and Jiayi Yu. "Reinforcement Learning-Based Multi-Phase Seed Scheduling for Network Protocol Fuzzing." Electronics 13, no. 24 (2024): 4962. https://doi.org/10.3390/electronics13244962.

Full text
Abstract:
In network protocol fuzzing, effective seed scheduling plays a critical role in improving testing efficiency. Traditional state-driven seed scheduling methods in network protocol fuzzing are often limited by imbalanced seed selection, monolithic scheduling strategies, and ineffective power allocation. To overcome these limitations, we propose SCFuzz, specifically by employing a multi-armed bandit model to dynamically balance exploration and exploitation across multiple fuzzing phases. The fuzzing process is divided into initial, middle, and final phases with seed selection strategies adapted a
APA, Harvard, Vancouver, ISO, and other styles
7

Wang, Yunzhi, and Yufeng Li. "DCGFuzz: An Embedded Firmware Security Analysis Method with Dynamically Co-Directional Guidance Fuzzing." Electronics 13, no. 8 (2024): 1433. http://dx.doi.org/10.3390/electronics13081433.

Full text
Abstract:
Microcontroller Units (MCUs) play a vital role in embedded devices due to their energy efficiency and scalability. The firmware in MCUs contains vulnerabilities that can lead to digital and physical harm. However, testing MCU firmware faces challenges due to various tool limitations and unavailable firmware details. To address this problem, research is turning to fuzzing and rehosting. Due to the inherent imbalance in computational resources of the fuzzing algorithm and the lack of consideration for the computational resource requirements of rehosting methods, some hardware behavior-related pa
APA, Harvard, Vancouver, ISO, and other styles
8

Xie, Yuchong, Wenhui Zhang, and Dongdong She. "ZTaint-Havoc: From Havoc Mode to Zero-Execution Fuzzing-Driven Taint Inference." Proceedings of the ACM on Software Engineering 2, ISSTA (2025): 917–39. https://doi.org/10.1145/3728916.

Full text
Abstract:
Fuzzing is a popular software testing technique for discovering vulnerabilities. A central problem in fuzzing is identifying hot bytes that can influence program behavior. Taint analysis can track the data flow of hot bytes in a white-box fashion, but it often suffers from stability issues and cannot run on large real-world programs. Fuzzing-Driven Taint Inference (FTI) is a simple black-box technique to track hot bytes for fuzzing. It monitors the dynamic program behaviors of program execution instances and further infers hot bytes in a black-box fashion. However, this method requires additio
APA, Harvard, Vancouver, ISO, and other styles
9

Muduli, Sujit Kumar, and Subhajit Roy. "Satisfiability modulo fuzzing: a synergistic combination of SMT solving and fuzzing." Proceedings of the ACM on Programming Languages 6, OOPSLA2 (2022): 1236–63. http://dx.doi.org/10.1145/3563332.

Full text
Abstract:
Programming languages and software engineering tools routinely encounter components that are difficult to reason on via formal techniques or whose formal semantics are not even available—third-party libraries, inline assembly code, SIMD instructions, system calls, calls to machine learning models, etc. However, often access to these components is available as input-output oracles—interfaces are available to query these components on certain inputs to receive the respective outputs. We refer to such functions as closed-box functions . Regular SMT solvers are unable to handle such closed-box fun
APA, Harvard, Vancouver, ISO, and other styles
10

Böhme, Marcel, Valentin J. M. Manès, and Sang Kil Cha. "Boosting Fuzzer Efficiency: An Information Theoretic Perspective." Communications of the ACM 66, no. 11 (2023): 89–97. http://dx.doi.org/10.1145/3611019.

Full text
Abstract:
In this paper, we take the fundamental perspective of fuzzing as a learning process. Suppose before fuzzing, we know nothing about the behaviors of a program P : What does it do? Executing the first test input, we learn how P behaves for this input. Executing the next input, we either observe the same or discover a new behavior. As such, each execution reveals "some amount" of information about P 's behaviors. A classic measure of information is Shannon's entropy. Measuring entropy allows us to quantify how much is learned from each generated test input about the behaviors of the program. With
APA, Harvard, Vancouver, ISO, and other styles
11

Du, Chunlai, Zhijian Cui, Yanhui Guo, Guizhi Xu, and Zhongru Wang. "MemConFuzz: Memory Consumption Guided Fuzzing with Data Flow Analysis." Mathematics 11, no. 5 (2023): 1222. http://dx.doi.org/10.3390/math11051222.

Full text
Abstract:
Uncontrolled heap memory consumption, a kind of critical software vulnerability, is utilized by attackers to consume a large amount of heap memory and consequently trigger crashes. There have been few works on the vulnerability fuzzing of heap consumption. Most of them, such as MemLock and PerfFuzz, have failed to consider the influence of data flow. We proposed a heap memory consumption guided fuzzing model named MemConFuzz. It extracts the locations of heap operations and data-dependent functions through static data flow analysis. Based on the data dependency, we proposed a seed selection al
APA, Harvard, Vancouver, ISO, and other styles
12

Chen, Juxing, Yuanchao Chen, Zulie Pan, et al. "DynER: Optimized Test Case Generation for Representational State Transfer (REST)ful Application Programming Interface (API) Fuzzers Guided by Dynamic Error Responses." Electronics 13, no. 17 (2024): 3476. http://dx.doi.org/10.3390/electronics13173476.

Full text
Abstract:
Modern web services widely provide RESTful APIs for clients to access their functionality programmatically. Fuzzing is an emerging technique for ensuring the reliability of RESTful APIs. However, the existing RESTful API fuzzers repeatedly generate invalid requests due to unawareness of errors in the invalid tested requests and lack of effective strategy to generate legal value for the incorrect parameters. Such limitations severely hinder the fuzzing performance. In this paper, we propose DynER, a new test case generation method guided by dynamic error responses during fuzzing. DynER designs
APA, Harvard, Vancouver, ISO, and other styles
13

Li, Xiaoting, Xiao Liu, Lingwei Chen, Rupesh Prajapati, and Dinghao Wu. "ALPHAPROG: Reinforcement Generation of Valid Programs for Compiler Fuzzing." Proceedings of the AAAI Conference on Artificial Intelligence 36, no. 11 (2022): 12559–65. http://dx.doi.org/10.1609/aaai.v36i11.21527.

Full text
Abstract:
Fuzzing is a widely-used testing technique to assure software robustness. However, automatic generation of high-quality test suites is challenging, especially for software that takes in highly-structured inputs, such as the compilers. Compiler fuzzing remains difficult as generating tons of syntactically and semantically valid programs is not trivial. Most previous methods either depend on human-crafted grammars or heuristics to learn partial language patterns. They both suffer from the completeness issue that is a classic puzzle in software testing. To mitigate the problem, we propose a knowl
APA, Harvard, Vancouver, ISO, and other styles
14

Kim, Minho, Seongbin Park, Jino Yoon, Minsoo Kim, and Bong-Nam Noh. "File Analysis Data Auto-Creation Model For Peach Fuzzing." Journal of the Korea Institute of Information Security and Cryptology 24, no. 2 (2014): 327–33. http://dx.doi.org/10.13089/jkiisc.2014.24.2.327.

Full text
APA, Harvard, Vancouver, ISO, and other styles
15

Teplyuk, Pavel A., and Alexey G. Yakunin. "Methodology for fuzzing Linux kernel system calls using large language models." Proceedings of Tomsk State University of Control Systems and Radioelectronics 27, no. 3 (2024): 85–91. https://doi.org/10.21293/1818-0442-2024-27-3-85-91.

Full text
Abstract:
A pressing issue in organizing Linux kernel fuzzing testing is creating system call specifications – special declarative descriptions that are subsequently used by a fuzzer to generate system call sequences. This is mostly manual work that requires deep knowledge, takes a lot of time, and does not exclude the error factor. Research is currently underway to automate the process of creating such specifications. The paper considers approaches to generate system call specifications KSG, SyzDescribe, and KernelGPT that have proven themselves in detecting unique kernel crashes during fuzz testing. A
APA, Harvard, Vancouver, ISO, and other styles
16

Du, Chunlai, Yanhui Guo, Yifan Feng, and Shijie Zheng. "HotCFuzz: Enhancing Vulnerability Detection through Fuzzing and Hotspot Code Coverage Analysis." Electronics 13, no. 10 (2024): 1909. http://dx.doi.org/10.3390/electronics13101909.

Full text
Abstract:
Software vulnerabilities present a significant cybersecurity threat, particularly as software code grows in size and complexity. Traditional vulnerability-mining techniques face challenges in keeping pace with this complexity. Fuzzing, a key automated vulnerability-mining approach, typically focuses on code branch coverage, overlooking syntactic and semantic elements of the code. In this paper, we introduce HotCFuzz, a novel vulnerability-mining model centered on the coverage of hot code blocks. Leveraging vulnerability syntactic features to identify these hot code blocks, we devise a seed sel
APA, Harvard, Vancouver, ISO, and other styles
17

Xu, Haoran, Yongjun Wang, Zhiyuan Jiang, Shuhui Fan, Shaojing Fu, and Peidai Xie. "Fuzzing JavaScript engines with a syntax-aware neural program model." Computers & Security 144 (September 2024): 103947. http://dx.doi.org/10.1016/j.cose.2024.103947.

Full text
APA, Harvard, Vancouver, ISO, and other styles
18

Zhang, Zhiyu, Longxing Li, Ruigang Liang, and Kai Chen. "Unlocking Low Frequency Syscalls in Kernel Fuzzing with Dependency-Based RAG." Proceedings of the ACM on Software Engineering 2, ISSTA (2025): 848–70. https://doi.org/10.1145/3728913.

Full text
Abstract:
Most coverage-guided kernel fuzzers test operating system kernels based on syscall sequence synthesis. However, there are still syscalls rarely or not covered (called low frequency syscalls, LFS) in a period of fuzzing, meaning the relevant code branches remain unexplored. This is due to the complex dependencies of the LFS and mutation uncertainty, which makes it difficult for fuzzers to generate corresponding syscall sequences. Since many kernel fuzzers can dynamically learn syscall dependencies from the current corpus based on the choice table mechanism, providing comprehensive and high-qual
APA, Harvard, Vancouver, ISO, and other styles
19

Liu, Yuying, Pin Yang, Peng Jia, Ziheng He, and Hairu Luo. "MalFuzz: Coverage-guided fuzzing on deep learning-based malware classification model." PLOS ONE 17, no. 9 (2022): e0273804. http://dx.doi.org/10.1371/journal.pone.0273804.

Full text
Abstract:
With the continuous development of deep learning, more and more domains use deep learning technique to solve key problems. The security issues of deep learning models have also received more and more attention. Nowadays, malware has become a huge security threat in cyberspace. Traditional signature-based malware detection methods are not adaptable to the current large-scale malware detection. Thus many deep learning-based malware detection models are widely used in real malware detection scenarios. Therefore, we need to secure the deep learning-based malware detection models. However, model te
APA, Harvard, Vancouver, ISO, and other styles
20

Klimis, Vasileios, Jack Clark, Alan Baker, David Neto, John Wickerson, and Alastair F. Donaldson. "Taking Back Control in an Intermediate Representation for GPU Computing." Proceedings of the ACM on Programming Languages 7, POPL (2023): 1740–69. http://dx.doi.org/10.1145/3571253.

Full text
Abstract:
We describe our experiences successfully applying lightweight formal methods to substantially improve and reformulate an important part of Standard Portable Intermediate Representation SPIRV, an industry-standard language for GPU computing. The formal model that we present has allowed us to (1) identify several ambiguities and needless complexities in the way that structured control flow was defined in the SPIRV specification; (2) interact with the authors of the SPIRV specification to rectify these problems; (3) validate the developer tools and conformance test suites that support the SPIRV l
APA, Harvard, Vancouver, ISO, and other styles
21

Borcherding, Anne, Martin Morawetz, and Steffen Pfrang. "Smarter Evolution: Enhancing Evolutionary Black Box Fuzzing with Adaptive Models." Sensors 23, no. 18 (2023): 7864. http://dx.doi.org/10.3390/s23187864.

Full text
Abstract:
Smart production ecosystems are a valuable target for attackers. In particular, due to the high level of connectivity introduced by Industry 4.0, attackers can potentially attack individual components of production systems from the outside. One approach to strengthening the security of industrial control systems is to perform black box security tests such as network fuzzing. These are applicable, even if no information on the internals of the control system is available. However, most security testing strategies assume a gray box setting, in which some information on the internals are availabl
APA, Harvard, Vancouver, ISO, and other styles
22

Song, Guang Jun, Chun Lan Zhao, and Ming Li. "Study on Software Vulnerability Dynamic Discovering System." Applied Mechanics and Materials 151 (January 2012): 673–77. http://dx.doi.org/10.4028/www.scientific.net/amm.151.673.

Full text
Abstract:
Developed a new system model of software vulnerability discovering, which was based on fuzzing, feature matching of API sequences and data mining. Overcame the disadvantages of old techniques, this new method effectively improves the detection of potential unknown security vulnerabilities in software. Besides, this method is more automated and performs better in finding new security vulnerabilities.
APA, Harvard, Vancouver, ISO, and other styles
23

Guan, Quan Long, Guo Xiang Yao, Kai Bin Ni, and Mei Xiu Zhou. "Research on Fuzzing Test Data Engine for Web Vulnerability." Advanced Materials Research 211-212 (February 2011): 500–504. http://dx.doi.org/10.4028/www.scientific.net/amr.211-212.500.

Full text
Abstract:
With the rapid growth of e-commerce, various types of complex applications appear in web environments. web-based system testing is different from traditional software testing. The unpredictability of Internet and web systems makes it difficult to test web-based system. This paper presents an engine for Fuzzing test data towards web control vulnerabilities, and introduces "heuristic rules" and "tagged words" to generate the test data. This method can increase the intelligence of security testing and build the foundation of web vulnerability detection model.
APA, Harvard, Vancouver, ISO, and other styles
24

Zong, Xuejun, Wenjie Luo, Bowei Ning, Kan He, Lian Lian, and Yifei Sun. "DiffusionFuzz: Fuzzing Framework of Industrial Control Protocols Based on Denoising Diffusion Probabilistic Model." IEEE Access 12 (2024): 67795–808. http://dx.doi.org/10.1109/access.2024.3399820.

Full text
APA, Harvard, Vancouver, ISO, and other styles
25

Zeng, Yingpei, Mingmin Lin, Shanqing Guo, et al. "MultiFuzz: A Coverage-Based Multiparty-Protocol Fuzzer for IoT Publish/Subscribe Protocols." Sensors 20, no. 18 (2020): 5194. http://dx.doi.org/10.3390/s20185194.

Full text
Abstract:
The publish/subscribe model has gained prominence in the Internet of things (IoT) network, and both Message Queue Telemetry Transport (MQTT) and Constrained Application Protocol (CoAP) support it. However, existing coverage-based fuzzers may miss some paths when fuzzing such publish/subscribe protocols, because they implicitly assume that there are only two parties in a protocol, which is not true now since there are three parties, i.e., the publisher, the subscriber and the broker. In this paper, we propose MultiFuzz, a new coverage-based multiparty-protocol fuzzer. First, it embeds multiple-
APA, Harvard, Vancouver, ISO, and other styles
26

Gao, Sudi, Yueying Luo, and Tan Yang. "Research on River Water Environmental Capacity Based on Triangular Fuzzy Technology." E3S Web of Conferences 236 (2021): 03018. http://dx.doi.org/10.1051/e3sconf/202123603018.

Full text
Abstract:
Based on the randomness and ambiguity characteristics of the river water environment system, as well as the lack and inaccuracy of data information, the water environment system parameters are defined as triangular fuzzy numbers. On this basis, by fuzzing the parameters of the conventional deterministic model, a fuzzy model for calculating river water environmental capacity is established. According to this model, the river water environment capacity in the form of triangular fuzzy numbers can be calculated. According to the requirements of a given level of credibility, the water environment c
APA, Harvard, Vancouver, ISO, and other styles
27

Song, Xuyan, Ruxian Zhang, Qingqing Dong, and Baojiang Cui. "Grey-Box Fuzzing Based on Reinforcement Learning for XSS Vulnerabilities." Applied Sciences 13, no. 4 (2023): 2482. http://dx.doi.org/10.3390/app13042482.

Full text
Abstract:
Cross-site scripting (XSS) vulnerabilities are significant threats to web applications. The number of XSS vulnerabilities reported has increased annually for the past three years, posing a considerable challenge to web application maintainers. Black-box scanners are mainstream tools for security engineers to perform penetration testing and detect XSS vulnerabilities. Unfortunately, black-box scanners rely on crawlers to find input points of web applications and cannot guarantee all input points are tested. To this end, we propose a grey-box fuzzing method based on reinforcement learning, which
APA, Harvard, Vancouver, ISO, and other styles
28

Okokpujie, Kennedy, Grace Chinyere Kennedy, Vingi Patrick Nzanzu, Mbasa Joaquim Molo, Emmanuel Adetiba, and Joke Badejo. "ANOMALY-BASED INTRUSION DETECTION FOR A VEHICLE CAN BUS: A CASE FOR HYUNDAI AVANTE CN7." Journal of Southwest Jiaotong University 56, no. 5 (2021): 144–56. http://dx.doi.org/10.35741/issn.0258-2724.56.5.14.

Full text
Abstract:
Flooding, spoofing, replay, and fuzzing are common in various types of attacks faced by enterprises and various network systems. In-vehicle network systems are not immune to attacks and threats. Intrusion detection systems using different algorithms are proposed to enhance the security of the in-vehicle network. We use a dataset provided and collected in "Car Hacking: Attack and Defense Challenge" during 2020. This dataset has been realized by the organizers of the challenge for security researchers. With the aid of this dataset, the work aimed to develop attack and detection techniques of Con
APA, Harvard, Vancouver, ISO, and other styles
29

Brooker, Marc, and Ankush Desai. "Systems Correctness Practices at AWS." Queue 22, no. 6 (2024): 79–96. https://doi.org/10.1145/3712057.

Full text
Abstract:
Building reliable and secure software requires a range of approaches to reason about systems correctness. Alongside industry-standard testing methods (such as unit and integration testing), AWS has adopted model checking, fuzzing, property-based testing, fault-injection testing, deterministic simulation, event-based simulation, and runtime validation of execution traces. Formal methods have been an important part of the development process - perhaps most importantly, formal specifications as test oracles that provide the correct answers for many of AWS's testing practices. Correctness testing
APA, Harvard, Vancouver, ISO, and other styles
30

Dong, Guofang, Pu Sun, Wenbo Shi, and Chang Choi. "A novel valuation pruning optimization fuzzing test model based on mutation tree for industrial control systems." Applied Soft Computing 70 (September 2018): 896–902. http://dx.doi.org/10.1016/j.asoc.2018.02.036.

Full text
APA, Harvard, Vancouver, ISO, and other styles
31

Song, Yahui, Xiang Gao, Wenhua Li, Wei-Ngan Chin, and Abhik Roychoudhury. "ProveNFix: Temporal Property-Guided Program Repair." Proceedings of the ACM on Software Engineering 1, FSE (2024): 226–48. http://dx.doi.org/10.1145/3643737.

Full text
Abstract:
Model checking has been used traditionally for finding violations of temporal properties. Recently, testing or fuzzing approaches have also been applied to software systems to find temporal property violations. However, model checking suffers from state explosion, while fuzzing can only partially cover program paths. Moreover, once a violation is found, the fix for the temporal error is usually manual. In this work, we develop the first compositional static analyzer for temporal properties, and the analyzer supports a proof-based repair strategy to fix temporal bugs automatically. To enable a
APA, Harvard, Vancouver, ISO, and other styles
32

Dai, Xinghua, Shengrong Gong, Shan Zhong, and Zongming Bao. "Bilinear CNN Model for Fine-Grained Classification Based on Subcategory-Similarity Measurement." Applied Sciences 9, no. 2 (2019): 301. http://dx.doi.org/10.3390/app9020301.

Full text
Abstract:
One of the challenges in fine-grained classification is that subcategories with significant similarity are hard to be distinguished due to the equal treatment of all subcategories in existing algorithms. In order to solve this problem, a fine-grained image classification method by combining a bilinear convolutional neural network (B-CNN) and the measurement of subcategory similarities is proposed. Firstly, an improved weakly supervised localization method is designed to obtain the bounding box of the main object, which allows the model to eliminate the influence of background noise and obtain
APA, Harvard, Vancouver, ISO, and other styles
33

Wang, Xiandong, Jianmin He, and Shouwei Li. "Compound Option Pricing under Fuzzy Environment." Journal of Applied Mathematics 2014 (2014): 1–9. http://dx.doi.org/10.1155/2014/875319.

Full text
Abstract:
Considering the uncertainty of a financial market includes two aspects: risk and vagueness; in this paper, fuzzy sets theory is applied to model the imprecise input parameters (interest rate and volatility). We present the fuzzy price of compound option by fuzzing the interest and volatility in Geske’s compound option pricing formula. For eachα, theα-level set of fuzzy prices is obtained according to the fuzzy arithmetics and the definition of fuzzy-valued function. We apply a defuzzification method based on crisp possibilistic mean values of the fuzzy interest rate and fuzzy volatility to obt
APA, Harvard, Vancouver, ISO, and other styles
34

Nayak, Prerana, Vanditha M, and Sanjay Tippannavar. "Smart Intrusion Detection System for CAN Network Implemented using LSTM Strategy." International Journal of Innovative Research in Advanced Engineering 10, no. 03 (2023): 98–105. http://dx.doi.org/10.26562/ijirae.2023.v1003.08.

Full text
Abstract:
In today's cars, communication between electronic control units is managed via the Controller Area Network (CAN) bus system. Nevertheless, the CAN bus system lacks means for authentication and authorisation, making it susceptible to attacks like denial-of-service, fuzzing, and spoofing. To identify and counteract CAN bus network intrusions, this study suggests an intrusion detection system based on a Long Short-Term Memory (LSTM) model. Extraction of attack-free data and attack injection produced the dataset used for testing and training. Findings show that the suggested LSTM model has a great
APA, Harvard, Vancouver, ISO, and other styles
35

Kim, Taeguen, Jiyoon Kim, and Ilsun You. "An Anomaly Detection Method Based on Multiple LSTM-Autoencoder Models for In-Vehicle Network." Electronics 12, no. 17 (2023): 3543. http://dx.doi.org/10.3390/electronics12173543.

Full text
Abstract:
The CAN (Controller Area Network) protocol is widely adopted for in-vehicle networks due to its cost efficiency and reliable transmission. However, despite its popularity, the protocol lacks built-in security mechanisms, making it vulnerable to attacks such as flooding, fuzzing, and DoS. These attacks can exploit vulnerabilities and disrupt the expected behavior of the in-vehicle network. One of the main reasons for these security concerns is that the protocol relies on broadcast frames for communication between ECUs (Electronic Control Units) within the network. To tackle this issue, we prese
APA, Harvard, Vancouver, ISO, and other styles
36

Liu, Xiao, Xiaoting Li, Rupesh Prajapati, and Dinghao Wu. "DeepFuzz: Automatic Generation of Syntax Valid C Programs for Fuzz Testing." Proceedings of the AAAI Conference on Artificial Intelligence 33 (July 17, 2019): 1044–51. http://dx.doi.org/10.1609/aaai.v33i01.33011044.

Full text
Abstract:
Compilers are among the most fundamental programming tools for building software. However, production compilers remain buggy. Fuzz testing is often leveraged with newlygenerated, or mutated inputs in order to find new bugs or security vulnerabilities. In this paper, we propose a grammarbased fuzzing tool called DEEPFUZZ. Based on a generative Sequence-to-Sequence model, DEEPFUZZ automatically and continuously generates well-formed C programs. We use this set of new C programs to fuzz off-the-shelf C compilers, e.g., GCC and Clang/LLVM. We present a detailed case study to analyze the success ra
APA, Harvard, Vancouver, ISO, and other styles
37

Wang, Enze, Wei Xie, Shuhuan Li, et al. "Large Language Model-Powered Protected Interface Evasion: Automated Discovery of Broken Access Control Vulnerabilities in Internet of Things Devices." Sensors 25, no. 9 (2025): 2913. https://doi.org/10.3390/s25092913.

Full text
Abstract:
Broken access control vulnerabilities pose significant security risks to the protected web interfaces of IoT devices, enabling adversaries to gain unauthorized access to sensitive configurations and even use them as stepping stones for attacking the intranet. Despite its ranking as the first in the latest OWASP Top 10, there remains a lack of effective methodologies to detect these vulnerabilities systematically. We present ACBreaker, a novel methodology powered by a large language model (LLM), to effectively identify broken access control vulnerabilities in the protected web interfaces of IoT
APA, Harvard, Vancouver, ISO, and other styles
38

Ahmadi-Pour, Sallar, Mathis Logemann, Vladimir Herdt, and Rolf Drechsler. "Synergistic Verification of Hardware Peripherals through Virtual Prototype Aided Cross-Level Methodology Leveraging Coverage-Guided Fuzzing and Co-Simulation." Chips 2, no. 3 (2023): 195–208. http://dx.doi.org/10.3390/chips2030012.

Full text
Abstract:
In this paper, we propose a Virtual Prototype (VP) driven verification methodology for Hardware (HW) peripherals. In particular, we combine two approaches that complement each other and use the VP as a readily available reference model: We use (A) Coverage-Guided Fuzzing (CGF) which enables comprehensive verification at the unit-level of the Register-Transfer Level (RTL) HW peripheral with a Transaction Level Modeling (TLM) reference, and (B) an application-driven co-simulation-based approach that enables verification of the HW peripheral at the system-level. As a case-study, we utilize a RISC
APA, Harvard, Vancouver, ISO, and other styles
39

Su, Xing, Hanzhong Liang, Hao Wu, Ben Niu, Fengyuan Xu, and Sheng Zhong. "DiSCo: Towards Decompiling EVM Bytecode to Source Code using Large Language Models." Proceedings of the ACM on Software Engineering 2, FSE (2025): 2311–34. https://doi.org/10.1145/3729373.

Full text
Abstract:
Understanding the Ethereum smart contract bytecode is essential for ensuring cryptoeconomics security. However, existing decompilers primarily convert bytecode into pseudocode, which is not easily comprehensible for general users, potentially leading to misunderstanding of contract behavior and increased vulnerability to scams or exploits. In this paper, we propose DiSCo, the first LLMs-based EVM decompilation pipeline, which aims to enable LLMs to understand the opaque bytecode and lift it into smart contract code. DiSCo introduces three core technologies. First, a logic-invariant intermediat
APA, Harvard, Vancouver, ISO, and other styles
40

Basavaraj, Dheeraj, and Shahab Tayeb. "Towards a Lightweight Intrusion Detection Framework for In-Vehicle Networks." Journal of Sensor and Actuator Networks 11, no. 1 (2022): 6. http://dx.doi.org/10.3390/jsan11010006.

Full text
Abstract:
With the emergence of networked devices, from the Internet of Things (IoT) nodes and cellular phones to vehicles connected to the Internet, there has been an ever-growing expansion of attack surfaces in the Internet of Vehicles (IoV). In the past decade, there has been a rapid growth in the automotive industry as network-enabled and electronic devices are now integral parts of vehicular ecosystems. These include the development of automobile technologies, namely, Connected and Autonomous Vehicles (CAV) and electric vehicles. Attacks on IoV may lead to malfunctioning of Electronic Control Unit
APA, Harvard, Vancouver, ISO, and other styles
41

Sharkov, Ivan Vladimirovich. "Protocol automata recovery method using binary code." Proceedings of the Institute for System Programming of the RAS 34, no. 5 (2022): 43–62. http://dx.doi.org/10.15514/ispras-2022-34(5)-3.

Full text
Abstract:
Security analysis of network programs includes set of reverse engineering tasks of network protocols. Data formats restoring and implemented protocol automaton are the previous task issues. Unlike quite researched problem of formats restoring where there are lots of scientist’s papers, finding out the protocol's automaton program implementation looks like terra incognita and the cornerstone is a protocol state description currently undefined. There are two general ways to retrieve the implemented protocol automaton: an analysis of the network traces and looking into binary trace of the target
APA, Harvard, Vancouver, ISO, and other styles
42

Wang, Ziqi, Debao Bu, Weihan Tian, and Baojiang Cui. "Analyzing and Discovering Spatial Algorithm Complexity Vulnerabilities in Recursion." Applied Sciences 14, no. 5 (2024): 1855. http://dx.doi.org/10.3390/app14051855.

Full text
Abstract:
The algorithmic complexity vulnerability (ACV) that may lead to denial of service attacks greatly disrupts the security and availability of applications, and due to the widespread use of third-party libraries, its impact may be amplified through the software supply chain. The existing work in the field is dedicated to abstract loop or iterative patterns and fuzzing the entire application to discover algorithm complexity vulnerabilities, but they still face efficiency and effectiveness issues. Our research focuses on: (1) proposing a representation and extraction method for code features relate
APA, Harvard, Vancouver, ISO, and other styles
43

Hajar Halili, Siti, Norharyanti Mohsin, Zamzami Zainuddin, Juliana Othman, and Shukri Sulaiman. "Designing the open-badges guideline based on the fuzzy Delphi method." Edelweiss Applied Science and Technology 8, no. 4 (2024): 1841–55. http://dx.doi.org/10.55214/25768484.v8i4.1556.

Full text
Abstract:
This study aims to obtain expert consensus on the appropriate elements of open badge learning guidelines. The Fuzzy Delphi Method (FDM) was used to reach a consensus from 20 experts with different backgrounds. These guidelines were designed and developed based on the Fuzzy Delphi Method (FDM) as well as the integration of the ASSURE instructional design model by Heinich, Molenda, and Russell (1993). The guidelines were evaluated by selected experts using several criteria, and data were collected through questionnaires. Based on the results of the study, all items meet the requirements in the n
APA, Harvard, Vancouver, ISO, and other styles
44

Chen, Fan, Gengsheng He, Shun Dong, et al. "Space-Time Effect Prediction of Blasting Vibration Based on Intelligent Automatic Blasting Vibration Monitoring System." Applied Sciences 12, no. 1 (2021): 12. http://dx.doi.org/10.3390/app12010012.

Full text
Abstract:
The vibration produced by blasting excavation in urban underground engineering has a significant influence on the surrounding environment, and the strength of vibration intensity involves many influencing factors. In order to predict the space-time effects of blasting vibration more accurately, an automatic intelligent monitoring system is constructed based on the rough set fuzzy neural network blasting vibration characteristic parameter prediction model and the network blasting vibrator (TC-6850). By setting up the regional monitoring network of monitoring points, the obtained monitoring data
APA, Harvard, Vancouver, ISO, and other styles
45

Draissi, Oussama, Tobias Cloosters, David Klein, et al. "Wemby’s Web: Hunting for Memory Corruption in WebAssembly." Proceedings of the ACM on Software Engineering 2, ISSTA (2025): 1326–49. https://doi.org/10.1145/3728937.

Full text
Abstract:
WebAssembly enables fast execution of performance-critical in web applications utilizing native code. However, recent research has demonstrated the potential for memory corruption errors within WebAssembly modules to exploit web applications. In this work, we present the first systematic analysis of memory corruption in WebAssembly, unveiling the prevalence of a novel threat model where memory corruption enables code injection on a victim’s browser. Our large-scale analysis across 37797 domains reveals that an alarming 29411 (77.81%) of those fully trust data coming from potentially attacker-c
APA, Harvard, Vancouver, ISO, and other styles
46

Zhang, Yujian, and Daifu Liu. "Toward Vulnerability Detection for Ethereum Smart Contracts Using Graph-Matching Network." Future Internet 14, no. 11 (2022): 326. http://dx.doi.org/10.3390/fi14110326.

Full text
Abstract:
With the blooming of blockchain-based smart contracts in decentralized applications, the security problem of smart contracts has become a critical issue, as vulnerable contracts have resulted in severe financial losses. Existing research works have explored vulnerability detection methods based on fuzzing, symbolic execution, formal verification, and static analysis. In this paper, we propose two static analysis approaches called ASGVulDetector and BASGVulDetector for detecting vulnerabilities in Ethereum smart contacts from source-code and bytecode perspectives, respectively. First, we design
APA, Harvard, Vancouver, ISO, and other styles
47

Pandhare, Harshad Vijay. "From Test Case Design to Test Data Generation: How AI is Redefining QA Processes." International Journal of Engineering and Computer Science 13, no. 12 (2024): 26737–57. https://doi.org/10.18535/ijecs.v13i12.4956.

Full text
Abstract:
The accelerating pace of software development, fueled by agile methodologies and continuous integration practices, has exposed the limitations of traditional Quality Assurance (QA) techniques. Manual test case design and static test data provisioning are no longer sufficient to meet the demands of modern software systems that require high reliability, rapid releases, and robust performance under varied conditions. This paper explores how Artificial Intelligence (AI) is fundamentally transforming QA workflows—particularly in the realms of test case design and test data generation. It examines t
APA, Harvard, Vancouver, ISO, and other styles
48

Tereshchenko, Oleksandr I. "Integration of NLP and machine learning methods for smart contract security: a comparison with traditional approaches." Informatics. Culture. Technology 1, no. 1 (2024): 207–11. http://dx.doi.org/10.15276/ict.01.2024.31.

Full text
Abstract:
In modern blockchain systems, smart contracts are one of the most critical components for ensuring the automated execution of agreements without the need for intermediaries. However, smart contracts written in languages like Solidity may contain vulnerabilities that can be exploited by malicious actors to steal funds or manipulate assets. Given the increasing number of attacks on smart contracts, the development of effective methods for detecting such vulnerabilities is crucial. Traditional approaches to detecting vulnerabilities in smart contracts include symbolic execution, fuzzing, formal v
APA, Harvard, Vancouver, ISO, and other styles
49

Guan, Hao, Guangdong Bai, and Yepang Liu. "CrossProbe: LLM-Empowered Cross-Project Bug Detection for Deep Learning Frameworks." Proceedings of the ACM on Software Engineering 2, ISSTA (2025): 2430–52. https://doi.org/10.1145/3728984.

Full text
Abstract:
Deep Learning (DL) models may introduce reliability challenges in the underlying DL frameworks. These frameworks may be prone to bugs that can lead to crash or wrong results, particularly when involving complex model architectures and substantial computational demands. Such framework bugs can disrupt DL applications, impacting customer experience and potentially causing financial losses. Traditional approaches to testing DL frameworks face limitations in adapting to the vast search space of model structures, diverse APIs, and the complexity of hybrid programming and hardware environments. Rece
APA, Harvard, Vancouver, ISO, and other styles
50

Cheng, Mingjie, Kailong Zhu, Yuanchao Chen, Guozheng Yang, Yuliang Lu, and Canju Lu. "MSFuzz: Augmenting Protocol Fuzzing with Message Syntax Comprehension via Large Language Models." Electronics 13, no. 13 (2024): 2632. http://dx.doi.org/10.3390/electronics13132632.

Full text
Abstract:
Network protocol implementations, as integral components of information communication, are critically important for security. Due to its efficiency and automation, fuzzing has become a popular method for protocol security detection. However, the existing protocol-fuzzing techniques face the critical problem of generating high-quality inputs. To address the problem, in this paper, we propose MSFuzz, which is a protocol-fuzzing method with message syntax comprehension. The core observation of MSFuzz is that the source code of protocol implementations contains detailed and comprehensive knowledge
APA, Harvard, Vancouver, ISO, and other styles
We offer discounts on all premium plans for authors whose works are included in thematic literature selections. Contact us to get a unique promo code!

To the bibliography