惯性聚合 高效追踪和阅读你感兴趣的博客、新闻、科技资讯
阅读原文 在惯性聚合中打开

推荐订阅源

P
Privacy International News Feed
D
Docker
WordPress大学
WordPress大学
G
Google Developers Blog
小众软件
小众软件
Stack Overflow Blog
Stack Overflow Blog
MyScale Blog
MyScale Blog
S
Security Archives - TechRepublic
S
SegmentFault 最新的问题
宝玉的分享
宝玉的分享
爱范儿
爱范儿
Application and Cybersecurity Blog
Application and Cybersecurity Blog
Google DeepMind News
Google DeepMind News
F
Full Disclosure
S
Secure Thoughts
S
Security @ Cisco Blogs
Recent Announcements
Recent Announcements
W
WeLiveSecurity
Schneier on Security
Schneier on Security
AWS News Blog
AWS News Blog
T
Tenable Blog
K
KPMG report finds enterprise disconnect between AI and its ROI | CIO
U
Unit 42
Project Zero
Project Zero
V
V2EX
T
The Blog of Author Tim Ferriss
T
Tailwind CSS Blog
Spread Privacy
Spread Privacy
C
CERT Recently Published Vulnerability Notes
Webroot Blog
Webroot Blog
The Last Watchdog
The Last Watchdog
B
Blog
K
Kaspersky official blog
云风的 BLOG
云风的 BLOG
N
News and Events Feed by Topic
J
Java Code Geeks
阮一峰的网络日志
阮一峰的网络日志
美团技术团队
I
Intezer
雷峰网
雷峰网
GbyAI
GbyAI
罗磊的独立博客
Jina AI
Jina AI
Help Net Security
Help Net Security
A
Arctic Wolf
腾讯CDC
H
Heimdal Security Blog
V
Visual Studio Blog
TaoSecurity Blog
TaoSecurity Blog
Last Week in AI
Last Week in AI

cs.CR updates on arXiv.org

An AI Security Agent for University ACMIS: Multi-Vector Threat Detection and Automated Response From Privacy to Workflow Integrity: Communication-Graph Metadata in Autonomous Agent Interoperability Learn from Your Mistakes: Tree-like Self-Play for Secure Code LLMs Send a SCOUT First: Pre-hoc Reasoning for Adaptive Detector Allocation in Prompt-Injection Defense QSignAI: Quantum-Randomness-Seeded Identity Signatures at the Intersection of AI for Science and Science for AI A Standardized Ontology for Intent-Based Security Management in Autonomous Networks Code as a Weapon: A Consensus-Labeled Prompt Bank for Measuring Coding-Model Compliance with Malicious-Code Requests Cordyceps: Covert Control Attacks on LLMs via Data Poisoning SAMark: A Self-Anchored Text Watermarking with Paragraph-Level Paraphrase Robustness Mechanistic origins of catastrophic forgetting: why RL preserves circuits better than SFT? Red-Teaming Agent Execution Contexts: Open-World Security Evaluation on OpenClaw From Specification to Deployment: Empirical Evidence from a W3C VC + DID Trust Infrastructure for Autonomous Agents Attacking the Spike: On the Transferability and Security of Spiking Neural Networks to Adversarial Examples Vendor-Conditioned Contrastive Learning for Predicting Organizational Cyber Threat Targets A Formal Calculus for International Relations Computation and Evaluation On the Theory and Practice of Privacy-Preserving Bayesian Data Analysis Moving Target Defense for Web Applications using Bayesian Stackelberg Games A Mathematical Trust Algebra for International Nation Relations Computation and Evaluation A First Attempt to Cloud-Based User Verification in Distributed System Some Experimental Issues in Financial Fraud Detection: An Investigation Using Data Analytics to Detect Anomalous States in Vehicles On the Differential Privacy of Bayesian Inference Building and Measuring Privacy-Preserving Predictive Blacklists Novel Feature Extraction, Selection and Fusion for Effective Malware Family Classification Security Games with Ambiguous Beliefs of Agents Generating and Exploring S-Box Multivariate Quadratic Equation Systems with SageMath Private Disclosure of Information in Health Tele-monitoring Applications of Artificial Intelligence Techniques to Combating Cyber Crimes: A Review Implicit Contextual Integrity in Online Social Networks Phishing Detection in IMs using Domain Ontology and CBA - An innovative Rule Generation Approach Detecting fraudulent activity in a cloud using privacy-friendly data aggregates The Application of Differential Privacy for Rank Aggregation: Privacy and Accuracy An Evasion and Counter-Evasion Study in Malicious Websites Detection Hybrid Epidemics - A Case Study on Computer Worm Conficker A Self-Adaptive Network Protection System An Argumentation-Based Framework to Address the Attribution Problem in Cyber-Warfare Protecting Privacy through Distributed Computation in Multi-agent Decision Making Using Neural Network to Propose Solutions to Threats in Attack Patterns A Utility-Theoretic Approach to Privacy in Online Services Intrusion Detection using Continuous Time Bayesian Networks A DDoS-Aware IDS Model Based on Danger Theory and Mobile Agents Mining Malware Specifications through Static Reachability Analysis Subjective Logic Operators in Trust Assessment: an Empirical Study GOTCHA Password Hackers! On estimating total time to solve SAT in distributed computing environments: Application to the SAT@home project POMDPs Make Better Hackers: Accounting for Uncertainty in Penetration Testing Les POMDP font de meilleurs hackers: Tenir compte de l'incertitude dans les tests de penetration Automated Attack Planning Penetration Testing == POMDP Solving? Attack Planning in the Real World An Algorithm to Find Optimal Attack Paths in Nondeterministic Scenarios A Fuzzy Logic Based Certain Trust Model for E-Commerce Predicting Network Attacks Using Ontology-Driven Inference Semantic Matching of Security Policies to Support Security Experts A formalization of re-identification in terms of compatible probabilities A trust-based security mechanism for nomadic users in pervasive systems Intrusion Detection on Smartphones Obesity Heuristic, New Way On Artificial Immune Systems Secured Wireless Communication using Fuzzy Logic based High Speed Public-Key Cryptography (FLHSPKC) Mining Permission Request Patterns from Android and Facebook Applications (extended author version) Building a Chaotic Proved Neural Network Detecting Danger: The Dendritic Cell Algorithm Detecting Anomalous Process Behaviour using Second Generation Artificial Immune Systems Outrepasser les limites des techniques classiques de Prise d'Empreintes grace aux Reseaux de Neurones Building Computer Network Attacks ToLeRating UR-STD The DCA:SOMe Comparison A comparative study between two biologically-inspired algorithms Real-Time Alert Correlation with Type Graphs Performance Evaluation of DCA and SRC on a Single Bot Detection Behavioural Correlation for Detecting P2P Bots Malicious Code Execution Detection and Response Immune System inspired by the Danger Theory Integrating Real-Time Analysis With The Dendritic Cell Algorithm Through Segmentation Integrating Innate and Adaptive Immunity for Intrusion Detection Information Fusion for Anomaly Detection with the Dendritic Cell Algorithm Further Exploration of the Dendritic Cell Algorithm: Antigen Multiplier and Time Windows Detecting Bots Based on Keylogging Activities Detecting Danger: Applying a Novel Immunological Concept to Intrusion Detection Systems Detecting Motifs in System Call Sequences Dendritic Cells for SYN Scan Detection Detecting Botnets Through Log Correlation DCA for Bot Detection Cooperative Automated Worm Response and Detection Immune Algorithm Cryptographic Implications for Artificially Mediated Games Differentially Private Empirical Risk Minimization An Immune Inspired Network Intrusion Detection System Utilising Correlation Context An Immune Inspired Approach to Anomaly Detection Hybrid Intrusion Detection and Prediction multiAgent System HIDPAS Artificial Dendritic Cells: Multi-faceted Perspectives AIS for Misbehavior Detection in Wireless Sensor Networks: Performance and Design Principles The Role of Self-Forensics in Vehicle Crash Investigations and Event Reconstruction Beyond Nash Equilibrium: Solution Concepts for the 21st Century From Qualitative to Quantitative Proofs of Security Properties Using First-Order Conditional Logic Danger Theory: The Link between AIS and IDS? Dempster-Shafer for Anomaly Detection The Danger Theory and Its Application to Artificial Immune Systems ANTIDS: Self-Organized Ant-based Clustering Model for Intrusion Detection System Analyzing and Improving Performance of a Class of Anomaly-based Intrusion Detectors Soft Constraint Programming to Analysing Security Protocols A Method for Clustering Web Attacks Using Edit Distance Encoding a Taxonomy of Web Attacks with Different-Length Vectors
An Empirical Study on Real Bug Fixes from Solidity Smart Contract Projects
Yilin Wang, Xiangping Chen, Yuan Huang, Hao-Nan Zhu, Jing Bian, · 2022-10-21 · via cs.CR updates on arXiv.org

Smart contracts are pieces of code that reside inside the blockchains and can be triggered to execute any transaction when specifically predefined conditions are satisfied. Being commonly used for commercial transactions in blockchain makes the security of smart contracts particularly important. Over the last few years, we have seen a great deal of academic and practical interest in detecting and fixing the bugs in smart contracts written by Solidity. But little is known about the real bug fixes in Solidity smart contract projects. To understand the bug fixes and enrich the knowledge of bug fixes in real-world projects, we conduct an empirical study on historical bug fixes from 46 real-world Solidity smart contract projects in this paper. We provide a multi-faceted discussion and mainly explore the following four questions: File Type and Amount, Fix Complexity, Bug distribution, and Fix Patches. We distill four findings during the process to explore these four questions. Finally, based on these findings, we provide actionable implications to improve the current approaches to fixing bugs in Solidity smart contracts from three aspects: Automatic repair techniques, Analysis tools, and Solidity developers.

此内容由惯性聚合(RSS阅读器)自动聚合整理,仅供阅读参考。 原文来自 — 版权归原作者所有。