English
Related papers

Related papers: How Open Should Open Source Be?

200 papers

Providing high quality software and evaluating the software reliability in softwarized networks are crucial for vendors and customers. These networks rely on open source code, which are sensitive to contain high number of bugs. Both, the…

Software Engineering · Computer Science 2024-08-01 Hasan Yagiz Ozkan , Madeleine Kaufmann , Wolfgang Kellerer , Carmen Mas-Machuca

Securing browsers in mobile devices is very challenging, because these browser apps usually provide browsing services to other apps in the same device. A malicious app installed in a device can potentially obtain sensitive information…

Cryptography and Security · Computer Science 2014-09-02 Daoyuan Wu , Rocky K. C. Chang

Package confusion attacks such as typosquatting threaten software supply chains. Attackers make packages with names that syntactically or semantically resemble legitimate ones, tricking engineers into installing malware. While prior work…

Cryptography and Security · Computer Science 2025-08-05 Wenxin Jiang , Berk Çakar , Mikola Lysenko , James C. Davis

Attacks on Internet routing are typically viewed through the lens of availability and confidentiality, assuming an adversary that either discards traffic or performs eavesdropping. Yet, a strategic adversary can use routing attacks to…

Networking and Internet Architecture · Computer Science 2020-08-13 Yixin Sun , Maria Apostolaki , Henry Birge-Lee , Laurent Vanbever , Jennifer Rexford , Mung Chiang , Prateek Mittal

Malware constitutes a major global risk affecting millions of users each year. Standard algorithms in detection systems perform insufficiently when dealing with malware passed through obfuscation tools. We illustrate this studying in detail…

Cryptography and Security · Computer Science 2019-11-12 Alberto Redondo , David Rios Insua

Modifications to open-source software (OSS) are often provided in the form of "patch stacks" - sets of changes (patches) that modify a given body of source code. Maintaining patch stacks over extended periods of time is problematic when the…

Software Engineering · Computer Science 2020-09-03 Ralf Ramsauer , Daniel Lohmann , Wolfgang Mauerer

Identifying security issues early is encouraged to reduce the latent negative impacts on software systems. Code review is a widely-used method that allows developers to manually inspect modified code, catching security issues during a…

Software Engineering · Computer Science 2024-05-10 Wachiraphan Charoenwet , Patanamon Thongtanunam , Van-Thuan Pham , Christoph Treude

Android applications are usually obfuscated before release, making it difficult to analyze them for malware presence or intellectual property violations. Obfuscators might hide the true intent of code by renaming variables and/or modifying…

Software Engineering · Computer Science 2018-06-12 Fang-Hsiang Su , Jonathan Bell , Gail Kaiser , Baishakhi Ray

Bug fixing is a complex and time-consuming task in software development. Bug localization research tends to focus on the accuracy of automated tools that suggest source code files for developers to look at. However, little is known about…

Software Engineering · Computer Science 2026-05-07 Pablo Diaz Pedreira , Tamara Lopez , Michel Wermelinger

Open-source software (OSS) greatly facilitates program development for developers. However, the high number of vulnerabilities in open-source software is a major concern, including in Golang, a relatively new programming language. In…

Software Engineering · Computer Science 2024-01-18 Jinchang Hu , Lyuye Zhang , Chengwei Liu , Sen Yang , Song Huang , Yang Liu

Many tools and libraries are readily available to build and operate distributed Web applications. While the setup of operational environments is comparatively easy, practice shows that their continuous secure operation is more difficult to…

Cryptography and Security · Computer Science 2012-07-13 Matteo Maria Casalino , Michele Mangili , Henrik Plate , Serena Elisa Ponta

Typical users are known to use and reuse weak passwords. Yet, as cybersecurity concerns continue to rise, understanding the password practices of software developers becomes increasingly important. In this work, we examine developers'…

Software Engineering · Computer Science 2023-07-04 Nikolaos Lykousas , Constantinos Patsakis

The Android ecosystem is vulnerable to issues such as app repackaging, counterfeiting, and piracy, threatening both developers and users. To mitigate these risks, developers often employ code obfuscation techniques. However, while effective…

Cryptography and Security · Computer Science 2025-02-10 Akila Niroshan , Suranga Seneviratne , Aruna Seneviratne

Patch fuzzing is a technique aimed at identifying vulnerabilities that arise from newly patched code. While researchers have made efforts to apply patch fuzzing to testing JavaScript engines with considerable success, these efforts have…

Cryptography and Security · Computer Science 2025-05-02 Junjie Wang , Yuhan Ma , Xiaofei Xie , Xiaoning Du , Xiangwei Zhang

This article provides a quantitative analysis of privacy-compromising mechanisms on 1 million popular websites. Findings indicate that nearly 9 in 10 websites leak user data to parties of which the user is likely unaware; more than 6 in 10…

Cryptography and Security · Computer Science 2015-11-03 Timothy Libert

Vulnerabilities in open-source software can cause cascading effects in the modern digital ecosystem. It is especially worrying if these vulnerabilities repeat across many projects, as once the adversaries find one of them, they can scale up…

Cryptography and Security · Computer Science 2025-05-27 Jafar Akhoundali , Hamidreza Hamidi , Kristian Rietveld , Olga Gadyatskaya

Android applications are frequently plagiarized or repackaged, and software obfuscation is a recommended protection against these practices. However, there is very little data on the overall rates of app obfuscation, the techniques used, or…

Cryptography and Security · Computer Science 2018-02-21 Dominik Wermke , Nicolas Huaman , Yasemin Acar , Brad Reaves , Patrick Traynor , Sascha Fahl

The number of vulnerabilities reported in open source software has increased substantially in recent years. Security patches provide the necessary measures to protect software from attacks and vulnerabilities. In practice, it is difficult…

Software Engineering · Computer Science 2024-01-17 Zhiyuan Pan , Xing Hu , Xin Xia , Xian Zhan , David Lo , Xiaohu Yang

During the past years, overload at work leading to psychological diseases, such as burnouts, have drawn more public attention. This paper is a preliminary step toward an analysis of the work patterns and possible indicators of overload and…

Software Engineering · Computer Science 2018-10-04 Maëlick Claes , Mika Mäntylä , Miikka Kuutila , Bram Adams

As software development practices increasingly adopt AI-powered tools, ensuring that such tools can support secure coding has become critical. This study evaluates the effectiveness of GitHub Copilot's recently introduced code review…

Software Engineering · Computer Science 2025-09-18 Amena Amro , Manar H. Alalfi