English
Related papers

Related papers: Firewall Configuration Errors Revisited

200 papers

Insecure default values in software settings can be exploited by attackers to compromise the system that runs the software. As a countermeasure, there exist security-configuration guides specifying in detail which values are secure.…

Software Engineering · Computer Science 2023-08-03 Patrick Stöckle , Michael Sammereier , Bernd Grobauer , Alexander Pretschner

Research in cybersecurity may seem reactive, specific, ephemeral, and indeed ineffective. Despite decades of innovation in defense, even the most critical software systems turn out to be vulnerable to attacks. Time and again. Offense and…

Cryptography and Security · Computer Science 2024-09-04 Marcel Böhme

Traditional technologies of firewall testing are overlooked. A new formalized approach is presented. Recommendations on optimization of test procedures are given.

Cryptography and Security · Computer Science 2013-06-11 Alexander Barabanov , Alexey Markov , Valentin Tsirlov

This article puts forward the use of mutual information values to replicate the expertise of security professionals in selecting features for detecting web attacks. The goal is to enhance the effectiveness of web application firewalls…

Cryptography and Security · Computer Science 2024-07-29 Amanda Riverol , Gustavo Betarte , Rodrigo Martínez , Álvaro Pardo

Most modern software systems (operating systems like Linux or Android, Web browsers like Firefox or Chrome, video encoders like ffmpeg, x264 or VLC, mobile and cloud applications, etc.) are highly-configurable. Hundreds of configuration…

Software Engineering · Computer Science 2019-06-10 Juliana Alves Pereira , Hugo Martin , Mathieu Acher , Jean-Marc Jézéquel , Goetz Botterweck , Anthony Ventresque

The task of designing secure software systems is fraught with uncertainty, as data on uncommon attacks is limited, costs are difficult to estimate, and technology and tools are continually changing. Consequently, experts may interpret the…

Cryptography and Security · Computer Science 2013-06-03 Simon Miller , Susan Appleby , Jonathan M. Garibaldi , Uwe Aickelin

With the sharp rise in software dependability and failure cost, high quality has been in great demand. However, guaranteeing high quality in software systems which have grown in size and complexity coupled with the constraints imposed on…

Software Engineering · Computer Science 2016-01-08 Bassey Isong , Obeten Ekabua

The design of reliable circuits has received a lot of attention in the past, leading to the definition of several design techniques introducing fault detection and fault tolerance properties in systems for critical…

Hardware Architecture · Computer Science 2011-11-09 C. Bolchini , F. Salice , D. Sciuto , L. Pomante

Previous research on spreadsheet risks has predominantly focussed on errors inadvertently introduced by spreadsheet writers i.e. it focussed on the end-user aspects of spreadsheet development. When analyzing a faulty spreadsheet, one might…

Computers and Society · Computer Science 2024-12-31 Roland T. Mittermeir , Markus Clermont , Karin Hodnigg

Embedded software is developed under the assumption that hardware execution is always correct. Fault attacks break and exploit that assumption. Through the careful introduction of targeted faults, an adversary modifies the control-flow or…

Cryptography and Security · Computer Science 2020-03-25 Bilgiday Yuce , Patrick Schaumont , Marc Witteman

Vulnerability detection is crucial to protect software security. Nowadays, deep learning (DL) is the most promising technique to automate this detection task, leveraging its superior ability to extract patterns and representations within…

Software Engineering · Computer Science 2026-02-13 Yuejun Guo , Qiang Hu , Qiang Tang , Yves Le Traon

In Federated Learning (FL), a group of workers participate to build a global model under the coordination of one node, the chief. Regarding the cybersecurity of FL, some attacks aim at injecting the fabricated local model updates into the…

Machine Learning · Computer Science 2021-11-30 Ranwa Al Mallah , Godwin Badu-Marfo , Bilal Farooq

There continue to be numerous breaches publicised pertaining to cyber security despite security practices being applied within industry for many years. This article is intended to be the first in a number of articles as research into cyber…

Cryptography and Security · Computer Science 2016-01-18 Mark Evans , Leandros A. Maglaras , Ying He , Helge Janicke

Ensuring structural reliability remains a core concern in civil engineering, yet the quantitative effects of quality control measures on material variability and safety margins are not fully understood, especially for materials other than…

Applications · Statistics 2025-04-15 Tammam Bakeer , Wolfram Jaeger

This paper presents the Cybersecurity Psychology Framework (CPF), a novel methodology for quantifying human-centric vulnerabilities in security operations through systematic integration of established psychological constructs with…

Cryptography and Security · Computer Science 2025-10-14 Giuseppe Canale

There is no standard yet for measuring and controlling the costs associated with implementing cybersecurity programs. To advance research and practice towards this end, we develop a mapping using the well-known concept of quality costs and…

Cryptography and Security · Computer Science 2017-07-11 Nicole M. Radziwill , Morgan C. Benton

Major software failures are reported to be due to misconfiguration. As manual configuration is too error-prone to be deemed a reliable strategy for dynamic and complex systems, automated configuration management has become a standard.…

Distributed, Parallel, and Cluster Computing · Computer Science 2024-10-29 Tamara Ranković , Filip Šiljić , Jovan Tomić , Goran Sladić , Miloš Simić

Background: Security regressions are vulnerabilities introduced in a previously unaffected software system. They often happen as a result of source code changes (e.g., a bug fix) and can have severe effects. Aims: To increase the…

Software Engineering · Computer Science 2022-07-06 Larissa Braz , Enrico Fregnan , Vivek Arora , Alberto Bacchelli

Safety frameworks have emerged as a best practice for managing risks from frontier artificial intelligence (AI) systems. However, it may be difficult for stakeholders to know if companies are adhering to their frameworks. This paper…

Network segmentation is a foundational enterprise security control. Despite its recognized benefits, segmentation initiatives frequently fail in practice, and the field lacks a systematic empirical explanation for why these projects do not…

Cryptography and Security · Computer Science 2026-05-01 Rohit Dube