skip to content
Decrypt LOL

Get Cyber-Smart in Just 5 Minutes a Week

Decrypt delivers quick and insightful updates on cybersecurity. No spam, no data sharing—just the info you need to stay secure.

Read the latest edition

NIFuzz Tool Developed to Estimate Software Information Leaks

/ 1 min read

🔍 NIFuzz: A New Tool for Quantifying Information Leaks in Software. Researchers have developed NIFuzz, a scalable fuzzer designed to estimate information leaks in software, which can undermine security features like ASLR and PAC. The paper introduces three metrics for assessing the size of these leaks, including a novel method for calculating conditional mutual information. NIFuzz operates with minimal overhead and employs various strategies to enhance leak detection and quantification. Evaluations on 14 programs, including eight real-world CVEs, demonstrate its effectiveness in identifying and estimating known information leaks, highlighting its potential to improve software security assessments.

Source
{entry.data.source.title}
Original