English
Related papers

Related papers: Policy Enforcement with Proactive Libraries

200 papers

Tracing the sequence of library and system calls that a program makes is very helpful in the characterization of its interactions with the surrounding environment and ultimately of its semantics. Due to entanglements of real-world software…

Cryptography and Security · Computer Science 2024-10-30 Daniele Cono D'Elia , Simone Nicchi , Matteo Mariani , Matteo Marini , Federico Palmaro

Various studies have empirically shown that the majority of Java and Android apps misuse cryptographic libraries, causing devastating breaches of data security. Therefore, it is crucial to detect such misuses early in the development…

Software Engineering · Computer Science 2017-10-04 Stefan Krüger , Johannes Späth , Karim Ali , Eric Bodden , Mira Mezini

Mobile app stores produce a tremendous amount of data in the form of user reviews, which is a huge source of user requirements and sentiments; such reviews allow app developers to proactively address issues in their apps. However, only a…

Information Retrieval · Computer Science 2023-03-14 Moghis Fereidouni , Adib Mosharrof , Umar Farooq , AB Siddique

Open-Source Projects and Libraries are being used in software development while also bearing multiple security vulnerabilities. This use of third party ecosystem creates a new kind of attack surface for a product in development. An…

Software Engineering · Computer Science 2018-08-15 Lorenzo Neil , Sudip Mittal , Anupam Joshi

Smart contracts are self-executing programs that manage financial transactions on blockchain networks. Developers commonly rely on third-party code libraries to improve both efficiency and security. However, improper use of these libraries…

Software Engineering · Computer Science 2026-04-02 Yishun Wang , Wenkai Li , Xiaoqi Li , Zongwei Li , Lei Xie , Yuqing Zhang

Several solutions ensuring the dynamic detection of malicious activities on Android ecosystem have been proposed. These are represented by generic rules and models that identify any purported malicious behavior. However, the approaches…

Cryptography and Security · Computer Science 2023-08-01 Abdellah Ouaguid , Mohamed Ouzzif , Noreddine Abghour

Object-oriented Application Programing Interfaces (APIs) support software reuse by providing pre-implemented functionalities. Due to the huge number of included classes, reusing and understanding large APIs is a complex task. Otherwise,…

Software Engineering · Computer Science 2016-06-03 Anas Shatnawi , Abdelhak Seriai , Houari Sahraoui , Zakarea Al-Shara

Implementing a security mechanism on top of APIs requires clear understanding of the semantics of each API, to ensure that security entitlements are enforced consistently and completely across all APIs that could perform the same function…

Cryptography and Security · Computer Science 2023-02-28 Somesh Jha , Mihai Christodorescu , Anh Pham

Well structured and readable source code is a pre-requisite for maintainable software and successful collaboration among developers. Static analysis enables the automated extraction of code complexity and readability metrics which can be…

Software Engineering · Computer Science 2021-10-29 Gustaf Holst , Felix Dobslaw

The increasing frequency of attacks on Android applications coupled with the recent popularity of large language models (LLMs) necessitates a comprehensive understanding of the capabilities of the latter in identifying potential…

Cryptography and Security · Computer Science 2025-03-18 Vasileios Kouliaridis , Georgios Karopoulos , Georgios Kambourakis

Resource leaks -- a program does not release resources it previously acquired -- are a common kind of bug in Android applications. Even with the help of existing techniques to automatically detect leaks, writing a leak-free program remains…

Software Engineering · Computer Science 2024-10-03 Bhargav Nagaraja Bhatt , Carlo A. Furia

Runtime enforcers can be used to ensure that running applications satisfy desired correctness properties. Although runtime enforcers that are correct-by-construction with respect to abstract behavioral models are relatively easy to specify,…

Software Engineering · Computer Science 2022-10-25 Oliviero Riganelli , Daniela Micucci , Leonardo Mariani

Software development activity has reached a high degree of complexity, guided by the heterogeneity of the components, data sources, and tasks. The proliferation of open-source software (OSS) repositories has stressed the need to reuse…

Software Engineering · Computer Science 2021-02-16 Phuong T. Nguyen , Juri Di Rocco , Claudio Di Sipio , Davide Di Ruscio , Massimiliano Di Penta

While current chat-based AI assistants primarily operate reactively, responding only when prompted by users, there is significant potential for these systems to proactively assist in tasks without explicit invocation, enabling a…

Human-Computer Interaction · Computer Science 2025-03-03 Valerie Chen , Alan Zhu , Sebastian Zhao , Hussein Mozannar , David Sontag , Ameet Talwalkar

Contemporary mobile applications (apps) are designed to track, use, and share users' data, often without their consent, which results in potential privacy and transparency issues. To investigate whether mobile apps have always been…

Cryptography and Security · Computer Science 2021-07-29 Saad Sajid Hashmi , Nazar Waheed , Gioacchino Tangari , Muhammad Ikram , Stephen Smith

A common cause of bugs and vulnerabilities are the violations of usage constraints associated with Application Programming Interfaces (APIs). API misuses are common in software projects, and while there have been techniques proposed to…

Software Engineering · Computer Science 2022-04-22 Hong Jin Kang , David Lo

Data science libraries, such as scikit-learn and pandas, specialize in processing and manipulating data. The data-centric nature of these libraries makes the detection of API misuse in them more challenging. This paper introduces DSCHECKER,…

Software Engineering · Computer Science 2025-10-01 Akalanka Galappaththi , Francisco Ribeiro , Sarah Nadi

With the widespread use and adoption of mobile platforms like Android a new software quality concern has emerged -- energy consumption. However, developing energy-efficient software and applications requires knowledge and likewise proper…

Software Engineering · Computer Science 2021-03-23 Andreas Schuler , Gabriele Kotsis

Human values are an important aspect of life and should be supported in ubiquitous technologies such as mobile applications (apps). There has been a lot of focus on fixing certain kinds of violation of human values, especially privacy,…

Software Engineering · Computer Science 2021-09-30 Conghui Li , Humphrey O. Obie , Hourieh Khalajzadeh

Third-party libraries are a central building block to develop software systems. However, outdated third-party libraries are commonly used, and developers are usually less aware of the potential risks. Therefore, a quantitative and holistic…

Software Engineering · Computer Science 2020-02-26 Ying Wang , Bihuan Chen , Kaifeng Huang , Bowen Shi , Congying Xu , Xin Peng , Yang Liu , Yijian Wu