ArXivCSExplorer
☆☆Bookmarks🏆RSSHow to UseFAQ
Built with and by Teycir Ben Soltane•
How to Use•FAQ•GitHub•arXiv.org•
Share:

~ similar to 2605.25923v2· 20 results

cs.CRcs.LGRecentMay 7, 2026

Beyond the Wrapper: Identifying Artifact Reliance in Static Malware Classifiers using TRUSTEE

Riyazuddin Mohammed, Lan Zhang

The paper demonstrates that static malware classifiers often rely on superficial artifacts like packing and metadata rather than true malicious semantics, using the TRUSTEE interpretability tool to di…

View →
cs.CRRecentApr 25, 2026

AsmRAG: LLM-Driven Malware Detection by Retrieving Functionally Similar Assembly Code

ElMouatez Billah Karbab

AsmRAG is a novel framework that improves malware detection by treating it as an evidence-based retrieval task using a code-specialized LLM, achieving high accuracy while providing transparent forensi…

View →
cs.CRcs.SCRecentMay 25, 2026

Heimdall: Formally Verified Automated Migration of Legacy eBPF Programs to Rust

Vishnu Asutosh Dasu, Monika Santra, Md Rafi Ur Rashid, Ashish Kumar +2 more

The paper introduces Heimdall, an automated pipeline that uses LLMs and formal verification to safely and automatically migrate legacy, potentially buggy eBPF programs written in C to memory-safe Rust…

View →
cs.CRcs.AIRecentJun 1, 2026

Large Byte Model: Teaching Language Models About Compiled Code

Florian Störtz, Catalin-Andrei Stan, Alexandru Dinu, Sandra Servia-Rodríguez +3 more

The paper introduces the first byte-native Large Language Model (LLM) capable of analyzing raw executable binary data, achieving high accuracy in tasks like malware and architecture classification.

View →
cs.CRcs.AIRecentMay 7, 2026

LCC-LLM: Leveraging Code-Centric Large Language Models for Malware Attribution

Christopher G. Pedraza Pohlenz, Hassan Jalil Hadi, Ali Hassan, Ali Shoker

The paper introduces LCC-LLM, a code-centric framework and dataset that significantly improves the reliability of malware attribution and static analysis by grounding LLM reasoning in comprehensive, m…

View →
cs.CRRecentMay 15, 2026

MalwarePT: A Binary-Level Foundation Model for Malware Analysis

Saastha Vasan, Yuzhou Nie, Kaie Chen, Yigitcan Kaya +5 more

MalwarePT introduces a novel binary-level foundation model, pretrained on Windows PE code-section bytes using a ModernBERT-style encoder, demonstrating superior transfer learning capabilities across v…

View →
cs.CRcs.LGRecentApr 29, 2026

eDySec: A Deep Learning-based Explainable Dynamic Analysis Framework for Detecting Malicious Packages in PyPI Ecosystem

Sk Tanzir Mehedi, Raja Jurdak, Chadni Islam, Abu Bakar Siddique Mahi +1 more

eDySec introduces a deep learning framework for dynamic behavioral analysis that significantly improves the detection of malicious software packages in the PyPI ecosystem by enhancing stability and ex…

View →
cs.CRcs.AIRecentApr 22, 2026

Mythos and the Unverified Cage: Z3-Based Pre-Deployment Verification for Frontier-Model Sandbox Infrastructure

Dominik Blain

The paper introduces COBALT, a Z3 SMT-based formal verification engine, to proactively detect arithmetic vulnerabilities (CWE-190/191/195) in the critical infrastructure surrounding frontier AI models…

View →
cs.SEcs.CRRecentMay 21, 2026

Finding Missing Input Validation in TEEs via LLM-Assisted Symbolic Execution

Chengyan Ma, Jieke Shi, Ruidong Han, Ye Liu +2 more

The paper introduces SymTEE, an LLM-assisted symbolic execution framework that detects missing input validation vulnerabilities in TEE applications without needing complex, real TEE setups.

View →
cs.CRRecentMar 30, 2026

Attesting LLM Pipelines: Enforcing Verifiable Training and Release Claims

Zhuoran Tan, Jeremy Singer, Christos Anagnostopoulos

The paper proposes an attestation-aware promotion gate to mitigate supply-chain risks in LLM pipelines by cryptographically verifying and enforcing claims about training and release artifacts before d…

View →
cs.CRcs.LGRecentApr 30, 2026

Trident: Improving Malware Detection with LLMs and Behavioral Features

Rebecca Saul, Jingzhi Jiang, Elliott Chia, David Wagner

The paper introduces Trident, a novel malware detection system that combines static features, LLM-derived behavioral rules, and direct LLM analysis to achieve superior robustness against concept drift…

View →
cs.CRRecentMay 26, 2026

Batch Me If You Can: Coverage-guided RPKI Fuzzing at Scale

Haya Schulmann, Niklas Vogel

The paper introduces CAT, a novel coverage-guided fuzzing tool that overcomes the limitations of existing fuzzers for complex, multi-object cryptographic repositories like RPKI, leading to the discove…

View →
cs.CRcs.PLcs.SERecentApr 28, 2026

Symbolic Execution Meets Multi-LLM Orchestration: Detecting Memory Vulnerabilities in Incomplete Rust CVE Snippets

Zeyad Abdelrazek, Young Lee

The paper introduces a novel multi-LLM orchestration system combined with symbolic execution to successfully detect memory vulnerabilities in uncompilable, incomplete Rust CVE code snippets, achieving…

View →
cs.CRRecentMar 25, 2026

Bridging Code Property Graphs and Language Models for Program Analysis

Ahmed Lekssays

The paper introduces codebadger, a Model Context Protocol (MCP) server that integrates Joern's Code Property Graph (CPG) with LLMs, enabling large language models to perform large-scale, semantic prog…

View →
cs.CRcs.LGcs.SERecentApr 2, 2026

EXHIB: A Benchmark for Realistic and Diverse Evaluation of Function Similarity in the Wild

Yiming Fan, Jun Yeon Won, Ding Zhu, Melih Sirlanci +2 more

The paper introduces EXHIB, a comprehensive benchmark of five real-world datasets, to evaluate Function Similarity Detection, demonstrating that current models fail to generalize across diverse low- a…

View →
cs.CRcs.AIcs.MARecentApr 20, 2026

RAVEN: Retrieval-Augmented Vulnerability Exploration Network for Memory Corruption Analysis in User Code and Binary Programs

Parteek Jamwal, Minghao Shao, Boyuan Chen, Achyuta Muthuvelan +14 more

The paper introduces RAVEN, a Retrieval-Augmented Vulnerability Exploration Network, which uses LLM agents and RAG to automatically generate comprehensive, structured vulnerability analysis reports fo…

View →
cs.CRRecentMay 20, 2026

A Large Language Model Approach to Generating Bypass Rules for Malware Evasion in Analysis Sandbox

Zhiyong Sui, Lamine Noureddine, Mst Eshita Khatun, Sideeq Bello +2 more

The paper introduces ABLE, an LLM-based system that automatically generates YARA rules to bypass malware evasion checks in analysis sandboxes, achieving a 79% bypass success rate.

View →
cs.CRcs.AIRecentMay 7, 2026

Patch2Vuln: Agentic Reconstruction of Vulnerabilities from Linux Distribution Binary Patches

Isaac David, Arthur Gervais

The paper introduces Patch2Vuln, a pipeline that uses an LLM agent to reconstruct security vulnerabilities by analyzing differences between old and new Linux binary packages, successfully localizing p…

View →
cs.CRRecentMay 26, 2026

Resolving the Correct Library: A Loader-Level Defense Solution Against Shared Object Hijacking

Can Ozkan, Dave Singelee

The paper proposes a novel loader-centric verification framework that cryptographically enforces the authenticity of shared objects resolved by the dynamic linker, effectively preventing shared librar…

View →
cs.CRRecentMay 13, 2026

Memory Forensics Techniques for Automated Detection and Analysis of Go Malware

Hala Ali, Andrew Case, Irfan Ahmed

The paper introduces a novel memory forensics framework to perform runtime analysis of Go malware, successfully recovering critical execution state and artifacts that are invisible to traditional stat…

View →