English
Related papers

Related papers: Security impact ratings considered harmful

200 papers

Software updates are essential to enhance security, fix bugs, and add better features to the existing software. While some users accept software updates, non-compliance remains a widespread issue. While some users accept software updates,…

Software Engineering · Computer Science 2025-10-30 Mahzabin Tamanna , Mohd Anwar , Joseph D. W. Stephens

Experts agree that keeping systems up to date is a powerful security measure. Previous work found that users sometimes explicitly refrain from performing timely updates, e.g., due to bad experiences which has a negative impact on end-user…

Human-Computer Interaction · Computer Science 2020-07-20 Christian Tiefenau , Maximilian Häring , Katharina Krombholz , Emanuel von Zezschwitz

Organizations struggle to handle sheer number of vulnerabilities in their cloud environments. The de facto methodology used for prioritizing vulnerabilities is to use Common Vulnerability Scoring System (CVSS). However, CVSS has inherent…

Cryptography and Security · Computer Science 2022-06-23 Muhammed Fatih Bulut , Abdulhamid Adebayo , Daby Sow , Steve Ocepek

Software updates are critical to the performance, compatibility, and security of software systems. However, users do not always install updates, leaving their machines vulnerable to attackers' exploits. While recent studies have highlighted…

Cryptography and Security · Computer Science 2018-09-06 Arunesh Mathur , Nathan Malkin , Marian Harbach , Eyal Peer , Serge Egelman

Owing to resource constraints, the existing prioritization and selection techniques for software security requirements (countermeasures) find a subset of higher-priority security requirements ignoring lower-priority requirements or…

Software Engineering · Computer Science 2017-06-02 Davoud Mougouei

Various researchers have shown that the Common Vulnerability Scoring System (CVSS) has many drawbacks and may not provide a precise view of the risks related to software vulnerabilities. However, many threat intelligence platforms and…

Cryptography and Security · Computer Science 2018-07-30 Milda Petraityte , Ali Dehghantanha , Gregory Epiphaniou

Nowadays, data has become an invaluable asset to entities and companies, and keeping it secure represents a major challenge. Data centers are responsible for storing data provided by software applications. Nevertheless, the number of…

Android devices are equipped with many pre-installed applications which have the capability of tracking and monitoring users. Although applications coming pre-installed pose a great danger to user security and privacy, they have received…

Cryptography and Security · Computer Science 2023-01-31 Abdullah Ozbay , Kemal Bicakci

With the expansion of the Internet of Things (IoT), the number of security incidents due to insecure and misconfigured IoT devices is increasing. Especially on the consumer market, manufacturers focus on new features and early releases at…

Cryptography and Security · Computer Science 2019-06-27 Philipp Morgner , Christoph Mai , Nicole Koschate-Fischer , Felix Freiling , Zinaida Benenson

Accurately assessing software vulnerabilities is essential for effective prioritization and remediation. While various scoring systems exist to support this task, their differing goals, methodologies and outputs often lead to inconsistent…

Cryptography and Security · Computer Science 2025-08-20 Viktoria Koscinski , Mark Nelson , Ahmet Okutan , Robert Falso , Mehdi Mirakhorli

Most researchers acknowledge an intrinsic hierarchy in the scholarly journals ('journal rank') that they submit their work to, and adjust not only their submission but also their reading strategies accordingly. On the other hand, much has…

Digital Libraries · Computer Science 2013-05-13 Björn Brembs , Marcus Munafò

High-quality software products rely on both well-written source code and timely detection and thorough reporting of bugs. However, some programmers view bug reports as negative assessments of their work, leading them to withhold reporting…

Software Engineering · Computer Science 2024-03-19 Vitaly Alifanov , Kamil Almetov , Ivan Kornienko , Arsen Mutalapov , Yegor Bugayenko

As AI systems appear to exhibit ever-increasing capability and generality, assessing their true potential and safety becomes paramount. This paper contends that the prevalent evaluation methods for these systems are fundamentally…

Artificial Intelligence · Computer Science 2024-07-15 John Burden

The task of designing secure software systems is fraught with uncertainty, as data on uncommon attacks is limited, costs are difficult to estimate, and technology and tools are continually changing. Consequently, experts may interpret the…

Cryptography and Security · Computer Science 2013-06-03 Simon Miller , Susan Appleby , Jonathan M. Garibaldi , Uwe Aickelin

Security holds an important role in a software. Most people are not aware of the significance of security in software system and tend to assume that they will be fine without security in their software systems. However, the lack of security…

Software Engineering · Computer Science 2020-12-25 Ariessa Davaindran Lingham , Nelson Tang Kwong Kin , Chen Wan Jing , Chong Heng Loong , Fatima-tuz-Zahra

AI safety practitioners invest considerable resources in AI system evaluations, but these investments may be wasted if evaluations fail to realize their impact. This paper questions the core value proposition of evaluations: that they…

Computers and Society · Computer Science 2024-08-06 Gabriel Mukobi

Rankings are a fact of life. Whether or not one likes them, they exist and are influential. Within academia, and in computer science in particular, rankings not only capture our attention but also widely influence people who have a limited…

Bug reports are common artefacts in software development. They serve as the main channel for users to communicate to developers information about the issues that they encounter when using released versions of software programs. In the…

Software Engineering · Computer Science 2021-12-21 Arthur D. Sawadogo , Quentin Guimard , Tegawendé F. Bissyandé , Abdoul Kader Kaboré , Jacques Klein , Naouel Moha

Interconnected autonomous systems often share security risks. However, an autonomous system lacks the incentive to make (sufficient) security investments if the cost exceeds its own benefit even though doing that would be socially…

Computer Science and Game Theory · Computer Science 2012-11-13 Jie Xu , Yu Zhang , Mihaela van der Schaar

A dilemma worth Shakespeare's Hamlet is increasingly haunting companies and security researchers: ``to update or not to update, this is the question``. From the perspective of recommended common practices by software vendors the answer is…

Software Engineering · Computer Science 2023-06-14 Fabio Massacci , Giorgio Di Tizio
‹ Prev 1 2 3 10 Next ›