A Qualitative Usability Evaluation of the Clang Static Analyzer and {libFuzzer} with {CS} Students and {CTF} Players
S Plöger, M Meier, M Smith - … on Usable Privacy and Security (SOUPS …, 2021 - usenix.org
Testing software for bugs and vulnerabilities is an essential aspect of secure software
development. Two paradigms are particularly prevalent in this domain: static and dynamic …
development. Two paradigms are particularly prevalent in this domain: static and dynamic …
Operand-Variation-Oriented Differential Analysis for Fuzzing Binding Calls in PDF Readers
Binding calls of embedded scripting engines introduce a serious attack surface in PDF
readers. To effectively test binding calls, the knowledge of parameter types is necessary …
readers. To effectively test binding calls, the knowledge of parameter types is necessary …
SoK: On the analysis of web browser security
J Lim, Y Jin, M Alharthi, X Zhang, J Jung… - arXiv preprint arXiv …, 2021 - arxiv.org
Web browsers are integral parts of everyone's daily life. They are commonly used for
security-critical and privacy sensitive tasks, like banking transactions and checking medical …
security-critical and privacy sensitive tasks, like banking transactions and checking medical …
Evaluating seed selection for fuzzing JavaScript engines
JavaScript (JS), as a platform-independent programming language, remains to be the most
popular language over the years. However, popular JavaScript engines that have been …
popular language over the years. However, popular JavaScript engines that have been …
[PDF][PDF] COOPER: Testing the Binding Code of Scripting Languages with Cooperative Mutation.
Scripting languages like JavaScript are being integrated into commercial software to support
easy file modification. For example, Adobe Acrobat accepts JavaScript to dynamically …
easy file modification. For example, Adobe Acrobat accepts JavaScript to dynamically …
What is in the Chrome Web Store? Investigating Security-Noteworthy Browser Extensions
S Hsu, M Tran, A Fass - arXiv preprint arXiv:2406.12710, 2024 - arxiv.org
This paper is the first attempt at providing a holistic view of the Chrome Web Store (CWS).
We leverage historical data provided by ChromeStats to study global trends in the CWS and …
We leverage historical data provided by ChromeStats to study global trends in the CWS and …
[HTML][HTML] ESFuzzer: An Efficient Way to Fuzz WebAssembly Interpreter
J Han, Z Zhang, Y Du, W Wang, X Chen - Electronics, 2024 - mdpi.com
WebAssembly code is designed to run in a sandboxed environment, such as a web browser,
providing a high level of security and isolation from the underlying operating system and …
providing a high level of security and isolation from the underlying operating system and …
基于前馈神经网络的编译器测试用例生成方法
徐浩然, 王勇军, 黄志坚, 解培岱, 范书珲 - 软件学报, 2022 - jos.org.cn
编译器模糊测试, 是测试编译器功能性与安全性的常用技术之一. 模糊测试器通过产生语法正确
的测试用例, 对编译器的深层代码展开测试. 近来, 基于循环神经网络的深度学习模型被引入编译 …
的测试用例, 对编译器的深层代码展开测试. 近来, 基于循环神经网络的深度学习模型被引入编译 …
[HTML][HTML] MSLFuzzer: black-box fuzzing of SOHO router devices via message segment list inference
Y Cheng, W Fan, W Huang, J Yang, G Yu, W Liu - Cybersecurity, 2023 - Springer
The popularity of small office and home office routers has brought convenience, but it also
caused many security issues due to vulnerabilities. Black-box fuzzing through network …
caused many security issues due to vulnerabilities. Black-box fuzzing through network …
[PDF][PDF] МЕТОД ГЕНЕРАЦИИ СЕМАНТИЧЕСКИ КОРРЕКТНОГО КОДА ДЛЯ ФАЗЗИНГЕТЕСТИРОВАНИЯ ИНТЕРПРЕТАТОРОВ JAVASCRIPT
АВ Козачок, АА Спирин, НС Ерохина - Вопросы кибербезопасности, 2023 - cyberrus.info
В 2023 году согласно отчёту аналитического агент-контент веб-сайтов. Веб-браузеры
совершенствуются ства Meltwater4 в мире насчитывается 5, 16 милли-и становятся все …
совершенствуются ства Meltwater4 в мире насчитывается 5, 16 милли-и становятся все …