English
Related papers

Related papers: CrySL: Validating Correct Usage of Cryptographic A…

200 papers

Advances in quantum computing increasingly threaten the security and privacy of data protected by current cryptosystems, particularly those relying on public-key cryptography. In response, the international cybersecurity community has…

Cryptography and Security · Computer Science 2026-02-17 Marthin Toruan , R. D. N. Shakya , Samuel Tseitkin , Raymond K. Zhao , Nalin Arachchilage

Mobile developers face unique challenges when detecting and reporting crashes in apps due to their prevailing GUI event-driven nature and additional sources of inputs (e.g., sensor readings). To support developers in these tasks, we…

Software Engineering · Computer Science 2017-06-06 Kevin Moran , Mario Linares-Vásquez , Carlos Bernal-Cárdenas , Christopher Vendome , Denys Poshyvanyk

API misuse in code generated by large language models (LLMs) presents a serious and growing challenge in software development, as although LLMs demonstrate impressive code generation capabilities, their interactions with complex library…

Software Engineering · Computer Science 2025-12-19 Terry Yue Zhuo , Junda He , Jiamou Sun , Zhenchang Xing , David Lo , John Grundy , Xiaoning Du

Modern software design practice implies widespread use in the development of ready-made components, usually designed as external libraries. The undoubted advantages of reusing third-party code can be offset by integration errors that appear…

Software Engineering · Computer Science 2022-02-09 Vladislav Feofilaktov , Vladimir Itsykson

Mobile databases are the statutory backbones of many applications on smartphones, and they store a lot of sensitive information. However, vulnerabilities in the operating system or the app logic can lead to sensitive data leakage by giving…

Cryptography and Security · Computer Science 2018-05-31 Gokhan Kul , Shambhu Upadhyaya , Varun Chandola

Authorship identification is the process of identifying and classifying authors through given codes. Authorship identification can be used in a wide range of software domains, e.g., code authorship disputes, plagiarism detection, exposure…

Software Engineering · Computer Science 2020-09-01 Wei Wang , Guozhu Meng , Haoyu Wang , Kai Chen , Weimin Ge , Xiaohong Li

Android OS is severely fragmented by API updates and device vendors' OS customization, creating a market condition where vastly different OS versions coexist. This gives rise to compatibility crash problems where Android apps crash on…

Human-Computer Interaction · Computer Science 2024-06-04 Donghwi Kim , Hyungjun Yoon , Chang Min Park , Sujin Han , Youngjin Kwon , Steven Y. Ko , Sung-Ju Lee

Like many desktop operating systems in the 1990s, Android is now in the process of including support for multi-user scenarios. Because these scenarios introduce new threats to the system, we should have an understanding of how well the…

Cryptography and Security · Computer Science 2014-10-29 Paul Ratazzi , Yousra Aafer , Amit Ahlawat , Hao Hao , Yifei Wang , Wenliang Du

We systematize software side-channel attacks with a focus on vulnerabilities and countermeasures in the cryptographic implementations. Particularly, we survey past research literature to categorize vulnerable implementations, and identify…

Cryptography and Security · Computer Science 2019-12-13 Tianwei Zhang , Jun Jiang , Yinqian Zhang

The pinning APIs of Rust language guarantee memory location stability for self-referential and asynchronous constructs, as long as used according to the pinning API contract. Rust ensures violations of such contract are impossible in…

Software Engineering · Computer Science 2025-06-23 Yuxuan Dai , Yang Feng

Mobile apps offer significant benefits, but their privacy protections often remain ineffective and confusing for users. While prior work mainly analyzes app privacy vulnerabilities, few approaches help users understand, set, and enforce…

Cryptography and Security · Computer Science 2026-04-28 Tran Thanh Lam Nguyen , Edoardo Di Tullio , Barbara Carminati , Elena Ferrari

Contemporary mobile applications (apps) are designed to track, use, and share users' data, often without their consent, which results in potential privacy and transparency issues. To investigate whether mobile apps have always been…

Cryptography and Security · Computer Science 2021-07-29 Saad Sajid Hashmi , Nazar Waheed , Gioacchino Tangari , Muhammad Ikram , Stephen Smith

Recently, interest has been emerging in the application of symbolic techniques to the specification and analysis of cryptosystems. These techniques, when accompanied by suitable proofs of soundness/completeness, can be used both to identify…

Native code is now commonplace within Android app packages where it co-exists and interacts with Dex bytecode through the Java Native Interface to deliver rich app functionalities. Yet, state-of-the-art static analysis approaches have…

Software Engineering · Computer Science 2022-01-25 Jordan Samhi , Jun Gao , Nadia Daoudi , Pierre Graux , Henri Hoyez , Xiaoyu Sun , Kevin Allix , Tegawendé F. Bissyandé , Jacques Klein

Designing an effective API is essential for library developers as it is the lens through which clients will judge its usability and benefits, as well as the main friction point when the library evolves. Despite its importance, defining the…

Software Engineering · Computer Science 2024-02-20 Gustave Monce , Thomas Couturou , Yasmine Hamdaoui , Thomas Degueule , Jean-Rémy Falleri

Resource leak bugs in Android apps are pervasive and can cause serious performance degradation and system crashes. In recent years, several resource leak detection techniques have been proposed to assist Android developers in correctly…

Software Engineering · Computer Science 2016-11-28 Yepang Liu , Lili Wei , Chang Xu , Shing-Chi Cheung

Lack of usability of security Application Programming In- terfaces (APIs) is one of the main reasons for mistakes that programmers make that result in security vulnerabilities in software applications they develop. Especially, APIs that…

Cryptography and Security · Computer Science 2018-05-25 Chamila Wijayarathna , Nalin Asanka Gamagedara Arachchilage

Context: Programmers frequently look for the code of previously solved problems that they can adapt for their own problem. Despite existing example code on the web, on sites like Stack Overflow, cryptographic Application Programming…

Software Engineering · Computer Science 2020-04-09 Kai Mindermann , Stefan Wagner

Android applications are executed on smartphones equipped with a variety of resources that must be properly accessed and controlled, otherwise the correctness of the executions and the stability of the entire environment might be negatively…

Software Engineering · Computer Science 2019-11-22 Oliviero Riganelli , Daniela Micucci , Leonardo Mariani

The integration of open-source third-party library dependencies in Java development introduces significant security risks when these libraries contain known vulnerabilities. Existing Software Composition Analysis (SCA) tools struggle to…

Software Engineering · Computer Science 2025-07-25 Wang Lingxiang , Quanzhi Fu , Wenjia Song , Gelei Deng , Yi Liu , Dan Williams , Ying Zhang