做事过头
发表于 2025-3-25 07:23:00
Towards Automating Code-Reuse Attacks Using Synthesized Gadget Chains limiting its applicability to specific exploitation scenarios. Instead of using heuristics to find a gadget chain, we offload this task to an SMT solver. More specifically, we build a logical formula that encodes the CPU and memory state at the time when the attacker can divert execution flow to th
里程碑
发表于 2025-3-25 11:16:25
Peeler: Profiling Kernel-Level Events to Detect Ransomwarent the contextual behavior of applications by leveraging Bidirectional Encoder Representations from Transformers (BERT) pre-trained model. We evaluate Peeler on a large ransomware dataset including 67 ransomware families and demonstrate that it achieves a 99.5% F1-score.
Osmosis
发表于 2025-3-25 14:29:28
Mingling of Clear and Muddy Water: Understanding and Detecting Semantic Confusion in Blackhat SEO blackhat SEO websites with a precision of 98.35%. We further analyzed 57,477 long-tail keywords promoted by blackhat SEO and found more than 157 SEO campaigns. Finally, we deployed . into the gateway of a campus network for ten months and detected 23,093 domains with malicious semantic confusion co
有其法作用
发表于 2025-3-25 18:35:40
An Explainable Online Password Strength Estimator password has its calculated rank, and gives the user insight on how to pick a better password..We implemented PESrank in Python and conducted an extensive evaluation study of it. We also integrated it into the registration page of a course at our university. Even with a model based on 905 million p
Admonish
发表于 2025-3-25 22:24:44
http://reply.papertrans.cn/24/2339/233867/233867_25.png
TOXIN
发表于 2025-3-26 03:36:24
How to (Legally) Keep Secrets from Mobile Operatorsbad, secure channels are often subject to mass surveillance in the name of (inter)national security. Some protocols are constructed to allow easy data interception . Others are designed to preserve data privacy and are either subverted or prohibited to use without trapdoors..We introduce ., a primit
无礼回复
发表于 2025-3-26 08:07:42
A Formal Security Analysis of Session Resumption Across Hostnamesing a previous session. In practice, this is often done via ., where the server provides a “self-encrypted” ticket containing the shared secret to its clients. A client may resume its session by sending the ticket to the server, which allows the server to retrieve the shared secret stored within the
Nutrient
发表于 2025-3-26 11:57:31
Caught in the Web: DoS Vulnerabilities in Parsers for Structured Datacks with input that causes algorithms to execute in disproportionately large time and/or space. We generalise the characteristics of these vulnerabilities, and frame them in terms of three aspects, .: (1) the . of composite data structures formed by the internal representation of parsed data, (2) th
雄伟
发表于 2025-3-26 15:57:40
: An Enduring Timing Side-Channel to Evade Online Malware Sandboxeshe sandbox that provides an instrumented and isolated environment (virtualized or emulated) for any user to upload and run unknown artifacts and identify potentially malicious behaviors. The provided API and the wealth of information in the reports produced by these services have also helped attacke
诱使
发表于 2025-3-26 17:08:09
Characterizing GPU Overclocking Faults such as crypto-mining and neural-network training. It is common to overclock a GPU to gain performance, however this practice may introduce calculation faults. In our work, we lay the foundations to exploiting these faults, by characterizing their formation and structure. We find that temperature i