Package managers have become a vital part of the modern software development process.
They allow developers to reuse third-party code, share their own code, minimize their …

Fuzzing is an important technique in software and security testing that involves continuously
generating a large number of test cases against target programs to discover unexpected …

Software vulnerabilities undermine the security of applications. By blocking unused
functionality, the impact of potential exploits can be reduced. While seccomp provides a …

Intel Software Guard eXtension (SGX) is the cornerstone of Confidential Computing,
enabling runtime code and data integrity and confidentiality via enclaves. Unfortunately …

Mobile application developers rely heavily on opensource software (OSS) to offload
common functionalities such as the implementation of protocols and media format playback …

Internet of Things (IoT) is hard to deploy adequate security defenses due to the diversity of
architectures as well as the limited computing and storage capabilities, which makes it more …

With the proliferation of malware on IoT devices, research on IoT malicious code has also
become more mature. Most studies use learning models to detect or classify malware …

Knowledge of a program's input format is essential for effective input generation in fuzzing.
Automated input format reverse engineering represents an attractive but challenging …

Fault injection attacks can cause errors in software for malicious purposes. Oftentimes,
vulnerable points of a program are detected after its development. It is therefore critical for …

With the rapid expansion of the Internet of Things, a vast number of microcontroller-based
(MCU) IoT devices are now susceptible to attacks through the Internet. Vulnerabilities within …