Fuzz testing (fuzzing) has witnessed its prosperity in detecting security flaws recently. It
generates a large number of test cases and monitors the executions for defects. Fuzzing has …

Automated detection of software vulnerabilities is a fundamental problem in software
security. Existing program analysis techniques either suffer from high false positives or false …

The constantly increasing number of disclosed security vulnerabilities have become an
important concern in the software industry and in the field of cybersecurity, suggesting that …

System auditing provides a low-level view into cyber threats by monitoring system entity
interactions. In response to advanced cyber-attacks, one prevalent solution is to apply data …

Among the many software testing techniques available today, fuzzing has remained highly
popular due to its conceptual simplicity, its low barrier to deployment, and its vast amount of …

The large transformer-based language models demonstrate excellent performance in
natural language processing. By considering the transferability of the knowledge gained by …

Existing Greybox Fuzzers (GF) cannot be effectively directed, for instance, towards
problematic changes or patches, towards critical system calls or dangerous locations, or …

CPU vulnerabilities undermine the security guarantees provided by software-and hardware-
security improvements. While the discovery of transient-execution attacks increased the …

The vast majority of security breaches encountered today are a direct result of insecure
code. Consequently, the protection of computer systems critically depends on the rigorous …

Work on automating vulnerability discovery has long been hampered by a shortage of
ground-truth corpora with which to evaluate tools and techniques. This lack of ground truth …