Concept

Heartbleed

Related publications (26)

Emergence of highly coherent two-level systems in a noisy and dense quantum network

Quantum sensors and qubits are usually two-level systems (TLS), the quantum analogues of classical bits assuming binary values 0 or 1. They are useful to the extent to which superpositions of 0 and 1 persist despite a noisy environment. The standard prescr ...

Berlin2024

Arvin: Greybox Fuzzing Using Approximate Dynamic CFG Analysis

Mathias Josef Payer, Sirus Shahini

Fuzzing has emerged as the most broadly used testing technique to discover bugs. Effective fuzzers rely on coverage to prioritize inputs that exercise new program areas. Edge-based code coverage of the Program Under Test (PUT) is the most commonly used cov ...

ASSOC COMPUTING MACHINERY2023

ACTOR: Action-Guided Kernel Fuzzing

Mathias Josef Payer

Fuzzing reliably and efficiently finds bugs in software, including operating system kernels. In general, higher code coverage leads to the discovery of more bugs. This is why most existing kernel fuzzers adopt strategies to generate a series of inputs that ...

Berkeley2023

MINERVA: Browser API Fuzzing with Dynamic Mod-Ref Analysis

Mathias Josef Payer, Yu Jiang, Chijin Zhou

Browser APIs are essential to the modern web experience. Due to their large number and complexity, they vastly expand the attack surface of browsers. To detect vulnerabilities in these APIs, fuzzers generate test cases with a large amount of random API inv ...

New York2022

PROFACTORY: Improving IoT Security via Formalized Protocol Customization

Mathias Josef Payer, Fei Wang, Duo Xu, Xiangyu Zhang

As IoT applications gain widespread adoption, it becomes important to design and implement IoT protocols with security. Existing research in protocol security reveals that the majority of disclosed protocol vulnerabilities are caused by incorrectly impleme ...

USENIX ASSOC2022

Seed Selection for Successful Fuzzing

Mathias Josef Payer

Mutation-based greybox fuzzing-unquestionably the most widely-used fuzzing technique-relies on a set of non-crashing seed inputs (a corpus) to bootstrap the bug-finding process. When evaluating a fuzzer, common approaches for constructing this corpus inclu ...

ASSOC COMPUTING MACHINERY2021

Gramatron: Effective Grammar-Aware Fuzzing

Mathias Josef Payer

Fuzzers aware of the input grammar can explore deeper program states using grammar-aware mutations. Existing grammar-aware fuzzers are ineffective at synthesizing complex bug triggers due to: (i) grammars introducing a sampling bias during input generation ...

ASSOC COMPUTING MACHINERY2021

Contextual Semi-Supervised Learning: An Approach To Leverage Air-Surveillance and Untranscribed ATC Data in ASR Systems

Petr Motlicek, Juan Pablo Zuluaga Gomez, Amrutha Prasad

Air traffic management and specifically air-traffic control (ATC) rely mostly on voice communications between Air Traffic Controllers (ATCos) and pilots. In most cases, these voice communications follow a well-defined grammar that could be leveraged in Aut ...

ISCA-INT SPEECH COMMUNICATION ASSOC2021

FuZZan: Efficient Sanitizer Metadata Design for Fuzzing

Mathias Josef Payer

Fuzzing is one of the most popular and effective techniques for finding software bugs. To detect triggered bugs, fuzzers leverage a variety of sanitizers in practice. Unfortunately, sanitizers target long running experiments-e.g., developer test suites-not ...

USENIX ASSOC2020

Load-induced dynamical transitions at graphene interfaces

Gabriel Aeppli, Ming Ma

The structural superlubricity (SSL), a state of near-zero friction between two contacted solid surfaces, has been attracting rapidly increasing research interest since itwas realized in microscale graphite in 2012. An obvious question concerns the implicat ...

2020

Graph Chatbot

Chat with Graph Search

Ask any question about EPFL courses, lectures, exercises, research, news, etc. or try the example questions below.

DISCLAIMER: The Graph Chatbot is not programmed to provide explicit or categorical answers to your questions. Rather, it transforms your questions into API requests that are distributed across the various IT services officially administered by EPFL. Its purpose is solely to collect and recommend relevant references to content that you can explore to help you answer your questions.