6 matches found
PickleFuzzer: A Case Study in Fuzzing for Discrepancies between Python Pickle Implementations
Python's native serialization protocol, pickle, is a powerful but insecure format for transferring untrusted data. It is frequently used, especially for saving machine learning models, despite known security challenges. While developers sometimes mitigate this risk by restricting imports during...
RVISmith: Fuzzing Compilers for RVV Intrinsics
Modern processors are equipped with single instruction multiple data SIMD instructions for fine-grained data parallelism. Compiler auto-vectorization techniques that target SIMD instructions face performance limitations due to insufficient information available at compile time, requiring...
LLM-Based Dynamic Differential Testing for Database Connectors with Reinforcement Learning-Guided Prompt Selection
Database connectors are critical components enabling applications to interact with underlying database management systems DBMS, yet their security vulnerabilities often remain overlooked. Unlike traditional software defects, connector vulnerabilities exhibit subtle behavioral patterns and are...
TokenProber: Jailbreaking Text-To-Image Models Via Fine-Grained Word Impact Analysis
Text-to-image T2I models have significantly advanced in producing high-quality images. However, such models have the ability to generate images containing not-safe-for-work NSFW content, such as pornography, violence, political content, and discrimination. To mitigate the risk of generating NSFW...
OpDiffer: LLM-Assisted Opcode-Level Differential Testing of Ethereum Virtual Machine
As Ethereum continues to thrive, the Ethereum Virtual Machine EVM has become the cornerstone powering tens of millions of active smart contracts. Intuitively, security issues in EVMs could lead to inconsistent behaviors among smart contracts or even denial-of-service of the entire blockchain...
Auditing Web Applications Firewalls: LightBulb
Auditing Web Applications Firewalls LightBulb is an open source python framework for auditing web applications firewalls Web Applications Firewalls WAFs are fundamental building blocks of modern application security. For example, the PCI standard for organizations handling credit card transaction...