HTTPS MITM attacks based on shared TLS certificates, presented as the HTTPS Context Confusion Attack (SCC Attack)
Measurement of CFI solutions’ security
FuzzGuard: Filtering out Unreachable Inputs in Directed Grey-box Fuzzing through Deep Learning
Abstract: This paper proposes a deep-learning-based approach to predict the reachability of inputs before executing the target program, helping DGF filter out the unreachable ones to boost fuzzing performance.
Abstract: A large-scale automated measurement of the WCD attack proposed in 2017.
Poison Over Troubled Forwarders: A Cache Poisoning Attack Targeting DNS Forwarding Devices
A cache poisoning attack targeting DNS forwarders.
Improve fuzzing efficiency with lightweight data flow analysis.
Fuzzing Android Binder services with automated interface analysis.
AI-based Side Channel and Covert Channel Detection.
Generate adversarial Chinese texts with Glyph and Pinyin mutation.
A Large-Scale Empirical Study on Vulnerability Distribution within Projects and the Lessons Learned
Empirical Study on Vulnerability Distribution within Projects.
Amplification Attacks Based on HTTP Range Requests