English
Related papers

Related papers: How Professional Hackers Understand Protected Code…

200 papers

Offensive security-tests are a common way to pro-actively discover potential vulnerabilities. They are performed by specialists, often called penetration-testers or white-hat hackers. The chronic lack of available white-hat hackers prevents…

Software Engineering · Computer Science 2023-08-24 Andreas Happe , Jürgen Cito

Evaluating the effectiveness of software protection is crucial for selecting the most effective methods to safeguard assets within software applications. Obfuscation involves techniques that deliberately modify software to make it more…

Cryptography and Security · Computer Science 2025-11-27 Leonardo Regano , Daniele Canavese , Cataldo Basile , Marco Torchiano

AI coding assistants are now central to professional software development, yet their impact on how developers think about and practice security remains poorly understood. While prior work has documented vulnerability rates in AI-generated…

Penetration testing refers to the process of simulating hacker attacks to evaluate the security of information systems . This study aims not only to clarify the theoretical foundations of penetration testing but also to explain and…

Cryptography and Security · Computer Science 2026-02-10 Wei Zhang , Ju Xing , Xiaoqi Li

Software needs to be secure, in particular, when deployed to critical infrastructures. Secure coding guidelines capture practices in industrial software engineering to ensure the security of code. This study aims to assess the level of…

Software Engineering · Computer Science 2021-01-07 Tiago Espinha Gasiba , Ulrike Lechner , Maria Pinto-Albuquerque , Daniel Mendez Fernandez

Software security requirements have been traditionally considered as a non-functional attribute of the software. However, as more software started to provide services online, existing mechanisms of using firewalls and other hardware to…

Software Engineering · Computer Science 2023-10-24 Asif Imran

Awareness of cybersecurity topics facilitates software developers to produce secure code. This awareness is especially important in industrial environments for the products and services in critical infrastructures. In this work, we address…

Software Engineering · Computer Science 2021-02-11 Tiago Espinha Gasiba , Ulrike Lechner , Maria Pinto-Albuquerque

Identifying security issues early is encouraged to reduce the latent negative impacts on software systems. Code review is a widely-used method that allows developers to manually inspect modified code, catching security issues during a…

Software Engineering · Computer Science 2024-05-10 Wachiraphan Charoenwet , Patanamon Thongtanunam , Van-Thuan Pham , Christoph Treude

Secure software engineering is a fundamental activity in modern software development. However, while the field of security research has been advancing quite fast, in practice, there is still a vast knowledge gap between the security experts…

Software Engineering · Computer Science 2021-04-09 Vivek Arora , Enrique Larios Vargas , Maurício Aniche , Arie van Deursen

Be it in debugging, testing, code review or, more recently, pair programming with AI assistance: in all these activities, software engineers need to understand source code. Accordingly, plenty of research is taking place in the field to…

Software Engineering · Computer Science 2023-10-18 Marvin Wyrich

Understanding code represents a core ability needed for automating software development tasks. While foundation models like LLMs show impressive results across many software engineering challenges, the extent of their true semantic…

Software Engineering · Computer Science 2025-04-16 Serge Lionel Nikiema , Jordan Samhi , Abdoul Kader Kaboré , Jacques Klein , Tegawendé F. Bissyandé

The implementations of most hardened cryptographic libraries use defensive programming techniques for side-channel resistance. These techniques are usually specified as guidelines to developers on specific code patterns to use or avoid.…

Cryptography and Security · Computer Science 2025-09-03 Moritz Schneider , Daniele Lain , Ivan Puddu , Nicolas Dutly , Srdjan Capkun

Awareness of cybersecurity topics, e.g., related to secure coding guidelines, enables software developers to write secure code. This awareness is vital in industrial environments for the products and services in critical infrastructures. In…

Software Engineering · Computer Science 2021-02-23 Tiago Espinha Gasiba , Ulrike Lechner , Maria Pinto-Albuquerque

The internet landscape is growing and at the same time becoming more heterogeneous. Services are performed via computers and networks, critical data is stored digitally. This enables freedom for the user, and flexibility for operators. Data…

Cryptography and Security · Computer Science 2020-12-17 Simon D Duque Anton , Daniel Fraunholz , Daniel Schneider

Code review is a critical step in the software development life cycle, which assesses and boosts the code's effectiveness and correctness, pinpoints security issues, and raises its quality by adhering to best practices. Due to the increased…

Software Engineering · Computer Science 2023-06-21 Feiyang Tang , Bjarte M. Østvold , Magiel Bruntink

Static analysis remains one of the most popular approaches for detecting and correcting poor or vulnerable program code. It involves the examination of code listings, test results, or other documentation to identify errors, violations of…

Artificial Intelligence · Computer Science 2021-08-27 Fitzroy D. Nembhard , Marco M. Carvalho

To avoid software vulnerabilities, organizations are shifting security to earlier stages of the software development, such as at code review time. In this paper, we aim to understand the developers' perspective on assessing software…

Software Engineering · Computer Science 2022-08-09 Larissa Braz , Alberto Bacchelli

This paper tackles the problems of generating concrete test cases for testing whether an application is vulnerable to attacks, and of checking whether security solutions are correctly implemented. The approach proposed in the paper aims at…

Software Engineering · Computer Science 2020-07-08 Sébastien Salva , Loukmen Regainia

CPU caches introduce variations into the execution time of programs that can be exploited by adversaries to recover private information about users or cryptographic keys. Establishing the security of countermeasures against this threat…

Cryptography and Security · Computer Science 2017-05-12 Goran Doychev , Boris Köpf

To counter man-at-the-end attacks such as reverse engineering and tampering, software is often protected with techniques that require support modules to be linked into the application. It is well-known, however, that attackers can exploit…

Cryptography and Security · Computer Science 2019-07-04 Jens Van den Broeck , Bart Coppens , Bjorn De Sutter
‹ Prev 1 2 3 10 Next ›