English
Related papers

Related papers: Finding Tizen security bugs through whole-system s…

200 papers

Modern blockchain applications are often constrained by a trade-off between user experience and trust. Chainless Apps present a new paradigm of application architecture that separates execution, trust, bridging, and settlement into distinct…

Cryptography and Security · Computer Science 2025-05-30 Brian Seong , Paul Gebheim

Modern malware poses a severe threat to cybersecurity, continually evolving in sophistication. To combat this threat, researchers and security professionals continuously explore advanced techniques for malware detection and analysis.…

Cryptography and Security · Computer Science 2024-04-26 Pasquale Caporaso , Giuseppe Bianchi , Francesco Quaglia

Early identification of security issues in software development is vital to minimize their unanticipated impacts. Code review is a widely used manual analysis method that aims to uncover security issues along with other coding issues in…

Software Engineering · Computer Science 2024-07-18 Wachiraphan Charoenwet , Patanamon Thongtanunam , Van-Thuan Pham , Christoph Treude

Static software checking tools are useful as an additional automated software inspection step that can easily be integrated in the development cycle and assist in creating secure, reliable and high quality code. However, an often quoted…

Software Engineering · Computer Science 2007-05-23 Cathal Boogerd , Leon Moonen

The inherent determinism of blockchain technology poses a significant challenge to generating secure random numbers within smart contracts, leading to exploitable vulnerabilities, particularly in decentralized finance (DeFi) ecosystems and…

Cryptography and Security · Computer Science 2025-10-22 Hadis Rezaei , Ahmed Afif Monrat , Karl Andersson , Francesco Flammini

Protecting programs against control-flow hijacking attacks recently has become an arms race between defenders and attackers. While certain defenses, e.g., \textit{Control Flow Integrity} (CFI), restrict the targets of indirect control-flow…

Cryptography and Security · Computer Science 2018-12-21 Paul Muntean

The conventional wisdom is that a software-defined network (SDN) operates under the premise that the logically centralized control plane has an accurate representation of the actual data plane state. Unfortunately, bugs, misconfigurations,…

Networking and Internet Architecture · Computer Science 2020-12-08 Apoorv Shukla , Said Jawad Saidi , Stefan Schmid , Marco Canini , Thomas Zinner , Anja Feldmann

The mass production of complex software has made it impossible to manually test it for security vulnerabilities. Automated security testing tools come in a variety of flavors, function at various stages of software development, and target…

Software Engineering · Computer Science 2023-01-18 Yan Wu , Jingyi Su , David D. Moran , Chris D. Near

In this paper, we present a novel marriage of static and dynamic analysis. Given a large code base with many functions and a mature test suite, we propose using static analysis to find functions 1) with assertions or other evident…

Software Engineering · Computer Science 2016-09-22 Mohammad Amin Alipour , Alex Groce , Chaoqiang Zhang , Anahita Sanadaji , Gokul Caushik

Fuzzing has been studied and applied ever since the 1990s. Automated and continuous fuzzing has recently been applied also to open source software projects, including the Linux and BSD kernels. This paper concentrates on the practical…

Software Engineering · Computer Science 2020-02-26 Jukka Ruohonen , Kalle Rindell

The Trusted Platform Module (TPM) is a cryptoprocessor designed to protect integrity and security of modern computers. Communications with the TPM go through the TPM Software Stack (TSS), a popular implementation of which is the open-source…

Software Engineering · Computer Science 2023-10-30 Yani Ziani , Nikolai Kosmatov , Frédéric Loulergue , Daniel Gracia Pérez , Téo Bernier

The assurance of mobile app GUI has become increasingly important, as the GUI serves as the primary medium of interaction between users and apps. Although numerous automated GUI testing approaches have been developed with diverse…

Software Engineering · Computer Science 2026-05-05 Shengcheng Yu , Yuchen Ling , Chunrong Fang , Quan Zhou , Yi Zhao , Chunyang Chen , Shaomin Zhu , Zhenyu Chen

Constant-time programming is a countermeasure to prevent cache based attacks where programs should not perform memory accesses that depend on secrets. In some cases this policy can be safely relaxed if one can prove that the program does…

Cryptography and Security · Computer Science 2023-06-22 Cristian Ene , Laurent Mounier , Marie-Laure Potet

Smart contracts are self-executing programs that manage financial transactions on blockchain networks. Developers commonly rely on third-party code libraries to improve both efficiency and security. However, improper use of these libraries…

Software Engineering · Computer Science 2026-04-02 Yishun Wang , Wenkai Li , Xiaoqi Li , Zongwei Li , Lei Xie , Yuqing Zhang

Knowledge-based systems reason over some knowledge base. Hence, an important issue for such systems is how to acquire the knowledge needed for their inference. This paper assesses active learning methods for acquiring knowledge for "static…

Software Engineering · Computer Science 2020-10-23 Xueqi Yang , Zhe Yu , Junjie Wang , Tim Menzies

We propose a memory-model-aware static program analysis method for accurately analyzing the behavior of concurrent software running on processors with weak consistency models such as x86-TSO, SPARC-PSO, and SPARC-RMO. At the center of our…

Programming Languages · Computer Science 2017-09-29 Markus Kusano , Chao Wang

How to apply automated verification technology such as model checking and static program analysis to millions of lines of embedded C/C++ code? How to package this technology in a way that it can be used by software developers and engineers,…

Software Engineering · Computer Science 2013-01-03 Ralf Huuck

We propose a method combining machine learning with a static analysis tool (i.e. Infer) to automatically repair source code. Machine Learning methods perform well for producing idiomatic source code. However, their output is sometimes…

Software Engineering · Computer Science 2023-04-24 Ruba Mutasim , Gabriel Synnaeve , David Pichardie , Baptiste Rozière

We study 10 C/C++ projects that have been using a static analysis security testing tool. We analyze the historical scan reports generated by the tool and study how frequently memory-related alerts appeared. We also studied the subsequent…

Software Engineering · Computer Science 2021-04-12 Nasif Imtiaz , Laurie Williams

The increasing inclusion of Machine Learning (ML) models in safety critical systems like autonomous cars have led to the development of multiple model-based ML testing techniques. One common denominator of these testing techniques is their…

Machine Learning · Computer Science 2019-09-09 Houssem Ben Braiek , Foutse Khomh