English
Related papers

Related papers: Leveraging Flawed Tutorials for Seeding Large-Scal…

200 papers

Security critical software, e.g., OpenSSL, comes with numerous side-channel leakages left unpatched due to a lack of resources or experts. The situation will only worsen as the pace of code development accelerates, with developers relying…

Cryptography and Security · Computer Science 2023-08-28 M. Caner Tol , Berk Sunar

Context: Identifying potential vulnerable code is important to improve the security of our software systems. However, the manual detection of software vulnerabilities requires expert knowledge and is time-consuming, and must be supported by…

Cryptography and Security · Computer Science 2022-01-24 Laura Wartschinski , Yannic Noller , Thomas Vogel , Timo Kehrer , Lars Grunske

The advancements in machine learning techniques have encouraged researchers to apply these techniques to a myriad of software engineering tasks that use source code analysis, such as testing and vulnerability detection. Such a large number…

Software Engineering · Computer Science 2022-09-14 Tushar Sharma , Maria Kechagia , Stefanos Georgiou , Rohit Tiwari , Indira Vats , Hadi Moazen , Federica Sarro

Context: Traditional software security analysis methods struggle to keep pace with the scale and complexity of modern codebases, requiring intelligent automation to detect, assess, and remediate vulnerabilities more efficiently and…

Software Engineering · Computer Science 2026-01-14 Shaznin Sultana , Sadia Afreen , Nasir U. Eisty

PHP's dominance in web development is undermined by security challenges: static analysis lacks semantic depth, causing high false positives; dynamic analysis is computationally expensive; and automated vulnerability localization suffers…

Cryptography and Security · Computer Science 2026-01-13 Zhiqiang Wang , Yizhong Ding , Zilong Xiao , Jinyu Lu , Yan Jia , Yanjun Li

This work presents a new tool to verify the correctness of cryptographic implementations with respect to cache attacks. Our methodology discovers vulnerabilities that are hard to find with other techniques, observed as exploitable leakage.…

Cryptography and Security · Computer Science 2017-09-07 Gorka Irazoqui , Kai Cong , Xiaofei Guo , Hareesh Khattri , Arun Kanuparthi , Thomas Eisenbarth , Berk Sunar

Typical users are known to use and reuse weak passwords. Yet, as cybersecurity concerns continue to rise, understanding the password practices of software developers becomes increasingly important. In this work, we examine developers'…

Software Engineering · Computer Science 2023-07-04 Nikolaos Lykousas , Constantinos Patsakis

In modern software development workflows, the open-source software supply chain contributes significantly to efficient and convenient engineering practices. With increasing system complexity, using open-source software as third-party…

Software Engineering · Computer Science 2025-11-18 Zihe Yan , Kai Luo , Haoyu Yang , Yang Yu , Zhuosheng Zhang , Guancheng Li

WebAssembly is revolutionizing the approach to developing modern applications. Although this technology was born to create portable and performant modules in web browsers, currently, its capabilities are extensively exploited in multiple…

Cryptography and Security · Computer Science 2025-02-11 Gaetano Perrone , Simon Pietro Romano

Coverage-guided fuzz testing has received significant attention from the research community, with a strong focus on binary applications, greatly disregarding other targets, such as web applications. The importance of the World Wide Web in…

Cryptography and Security · Computer Science 2024-07-02 Sebastian Neef , Lorenz Kleissner , Jean-Pierre Seifert

The Java libraries JCA and JSSE offer cryptographic APIs to facilitate secure coding. When developers misuse some of the APIs, their code becomes vulnerable to cyber-attacks. To eliminate such vulnerabilities, people built tools to detect…

Cryptography and Security · Computer Science 2022-05-02 Ying Zhang , Ya Xiao , Md Mahir Asef Kabir , Danfeng , Yao , Na Meng

Identifying potentially vulnerable locations in a code base is critical as a pre-step for effective vulnerability assessment; i.e., it can greatly help security experts put their time and effort to where it is needed most. Metric-based and…

Software Engineering · Computer Science 2020-01-22 Xiaoning Du , Bihuan Chen , Yuekang Li , Jianmin Guo , Yaqin Zhou , Yang Liu , Yu Jiang

Recently, ChatGPT has attracted great attention from the code analysis domain. Prior works show that ChatGPT has the capabilities of processing foundational code analysis tasks, such as abstract syntax tree generation, which indicates the…

Software Engineering · Computer Science 2024-06-21 Peiyu Liu , Junming Liu , Lirong Fu , Kangjie Lu , Yifan Xia , Xuhong Zhang , Wenzhi Chen , Haiqin Weng , Shouling Ji , Wenhai Wang

While code review is central to the software development process, it can be tedious and expensive to carry out. In this paper, we investigate whether and how Large Language Models (LLMs) can aid with code reviews. Our investigation focuses…

Software Engineering · Computer Science 2024-03-14 Rasmus Ingemann Tuffveson Jensen , Vali Tawosi , Salwa Alamir

Prior studies generally focus on software vulnerability detection and have demonstrated the effectiveness of Graph Neural Network (GNN)-based approaches for the task. Considering the various types of software vulnerabilities and the…

Software Engineering · Computer Science 2023-06-13 Xin-Cheng Wen , Cuiyun Gao , Feng Luo , Haoyu Wang , Ge Li , Qing Liao

Background: The C and C++ languages hold significant importance in Software Engineering research because of their widespread use in practice. Numerous studies have utilized Machine Learning (ML) and Deep Learning (DL) techniques to detect…

Software Engineering · Computer Science 2024-08-06 Anh The Nguyen , Triet Huynh Minh Le , M. Ali Babar

Large language models (LLMs) are increasingly deployed through open-source and commercial frameworks, enabling individuals and organizations to self-host advanced LLM capabilities. As LLM deployments become prevalent, particularly in…

Cryptography and Security · Computer Science 2025-08-27 Xinyi Hou , Jiahao Han , Yanjie Zhao , Haoyu Wang

The complexity of modern processor architectures has given rise to sophisticated interactions among their components. Such interactions may result in potential attack vectors in terms of side channels, possibly available to user-land…

Cryptography and Security · Computer Science 2022-11-28 Ahmad Ibrahim , Hamed Nemati , Till Schlüter , Nils Ole Tippenhauer , Christian Rossow

Code obfuscation is widely adopted in modern software development to protect intellectual property and hinder reverse engineering, but it also provides attackers with a powerful means to conceal malicious logic inside otherwise legitimate…

Cryptography and Security · Computer Science 2026-04-02 Francesco Pagano , Lorenzo Pisu , Leonardo Regano , Davide Maiorca , Alessio Merlo , Giorgio Giacinto

Vulnerability detection plays a key role in secure software development. There are many different vulnerability detection tools and techniques to choose from, and insufficient information on which vulnerability detection techniques to use…

Software Engineering · Computer Science 2021-03-10 Sarah Elder
‹ Prev 1 4 5 6 7 8 10 Next ›