Hi, there 👋¶
This is a website that posts notes for papers I read every week.
Recent posts¶
See the note archives for a more complete list.
MiniBox: A Two-Way Sandbox for x86 Native Code (ACT’14) - 2022-01-28
Link: https://www.usenix.org/conference/atc14/technical-sessions/presentation/li_yanlin
Provides a two-way sandbox for x86 native code:
Asleep at the Keyboard? Assessing the Security of GitHub Copilot’s Code Contributions - 2021-12-29
A Survey on Firmware Security - 2021-12-25
Paper List:
Automatic Firmware Emulation through Invalidity-guided Knowledge Inference - 2021-11-17
Link: https://www.usenix.org/confere/usenixsecurity21/presentation/zhou
A Survey on Security of Automatic Generated Code - 2021-11-10
Towards Automatic Generation of Vulnerability-Based Signatures
Exploiting and Protecting Dynamic Code Generation (NDSS’ 15)
Reinforcement Learning-based Hierarchical Seed Scheduling for Greybox Fuzzing - 2021-11-04
paper link: https://www.cs.ucr.edu/~heng/pubs/afl-hier.pdf
A Survey on Fuzzing - 2021-10-27
Conceptually, a fuzzing test starts with generating massive normal and abnormal inputs to target applications, and try to detect exceptions by feeding the generated inputs to the target applications and monitoring the execution states. 1
SeqTrans: Automatic Vulnerability Fix via Sequence to Sequence Learning - 2021-10-20
Link: https://arxiv.org/pdf/2010.10805
Software vulnerability can be viewed as a specific category of bugs that are still mainly solved by programmers’ manual efforts. An automated method based on Neural Machine Translation (NMT), which is previously used for bugs repairs, can also be transfered to target on the vulnerability fixes after fine-tuning.
LIGHTBLUE: Automatic Profile-Aware Debloating of Bluetooth Stacks (USENIX Security’21) - 2021-09-25
Paper & Presentation: https://www.usenix.org/conference/usenixsecurity21/presentation/wu-jianliang
Bluetooth standards and their implementations are diverse and complex, which contains many functionalities that never be required in the common scenarios. Those useless parts actually extend the attack surface.