Export Citations
Save this search
Please login to be able to save your searches and receive alerts for new content matching your search criteria.
- research-articleNovember 2023
Enhancing OSS Patch Backporting with Semantics
CCS '23: Proceedings of the 2023 ACM SIGSAC Conference on Computer and Communications SecurityPages 2366–2380https://doi.org/10.1145/3576915.3623188Keeping open-source software (OSS) up to date is one potential solution to prevent known vulnerabilities. However, it requires frequent and costly testing and may introduce compatibility issues. Consequently, developers often choose to backport security ...
- research-articleNovember 2023
PyRTFuzz: Detecting Bugs in Python Runtimes via Two-Level Collaborative Fuzzing
CCS '23: Proceedings of the 2023 ACM SIGSAC Conference on Computer and Communications SecurityPages 1645–1659https://doi.org/10.1145/3576915.3623166Given the widespread use of Python and its sustaining impact, the security and reliability of the Python runtime system is highly and broadly critical. Yet with real-world bugs in Python runtimes being continuously and increasingly reported, technique/...
- research-articleNovember 2023
Improving Security Tasks Using Compiler Provenance Information Recovered At the Binary-Level
CCS '23: Proceedings of the 2023 ACM SIGSAC Conference on Computer and Communications SecurityPages 2695–2709https://doi.org/10.1145/3576915.3623098The complex optimizations supported by modern compilers allow for compiler provenance recovery at many levels. For instance, it is possible to identify the compiler family and optimization level used when building a binary, as well as the individual ...
- research-articleNovember 2023
Formalizing, Verifying and Applying ISA Security Guarantees as Universal Contracts
CCS '23: Proceedings of the 2023 ACM SIGSAC Conference on Computer and Communications SecurityPages 2083–2097https://doi.org/10.1145/3576915.3616602Progress has recently been made on specifying instruction set architectures (ISAs) in executable formalisms rather than through prose. However, to date, those formal specifications are limited to the functional aspects of the ISA and do not cover its ...