English
Related papers

Related papers: Software Distribution Transparency and Auditabilit…

200 papers

The open-source Linux operating system is available through a wide variety of distributions, each containing a collection of installable software packages. It can be important to keep these packages as fresh as possible to benefit from new…

Software Engineering · Computer Science 2020-08-03 Damien Legay , Alexandre Decan , Tom Mens

Software systems have grown as an indispensable commodity used across various industries, and almost all essential services depend on them for effective operation. The software is no longer an independent or stand-alone piece of code…

Software Engineering · Computer Science 2025-05-29 Ritwik Murali , Akash Ravi

Advanced Persistent Threat (APT) attack usually refers to the form of long-term, covert and sustained attack on specific targets, with an adversary using advanced attack techniques to destroy the key facilities of an organization. APT…

Cryptography and Security · Computer Science 2021-12-20 Tiantian Zhu , Jinkai Yu , Tieming Chen , Jiayu Wang , Jie Ying , Ye Tian , Mingqi Lv , Yan Chen , Yuan Fan , Ting Wang

Malicious attacks on open-source software packages are a growing concern. The discovery of the XZ Utils backdoor intensified these concerns because of the potential widespread impact. This study, therefore, explores the challenges of…

Cryptography and Security · Computer Science 2025-07-22 Duc-Ly Vu , Trevor Dunlap , Karla Obermeier-Velazquez , Thanh-Cong Nguyen , Paul Gibert , John Speed Meyers , Santiago Torres-Arias

Automotive software is increasingly complex and critical to safe vehicle operation, and related embedded systems must remain up-to-date to ensure long-term system performance. Update mechanisms and data modification tools introduce…

Cryptography and Security · Computer Science 2020-06-25 Gregory Falco , Joshua E. Siegel

Supply chain attacks have emerged as a prominent cybersecurity threat in recent years. Reproducible and bootstrappable builds have the potential to reduce such attacks significantly. In combination with independent, exhaustive and periodic…

Cryptography and Security · Computer Science 2025-05-29 Joshua Drexel , Esther Hänggi , Iyán Méndez Veiga

Software updates reduce the opportunity for exploitation. However, since updates can also introduce breaking changes, enterprises face the problem of balancing the need to secure software with updates with the need to support operations. We…

Cryptography and Security · Computer Science 2022-05-26 Giorgio Di Tizio , Michele Armellini , Fabio Massacci

The rise of advanced persistent threats (APTs) has marked a significant cybersecurity challenge, characterized by sophisticated orchestration, stealthy execution, extended persistence, and targeting valuable assets across diverse sectors.…

Cryptography and Security · Computer Science 2024-04-19 Yuntao Wang , Han Liu , Zhendong Li , Zhou Su , Jiliang Li

Advanced persistent threats (APT) are stealthy cyber-attacks that are aimed at stealing valuable information from target organizations and tend to extend in time. Blocking all APTs is impossible, security experts caution, hence the…

Cryptography and Security · Computer Science 2021-05-24 Sidahmed Benabderrahmane , Ghita Berrada , James Cheney , Petko Valtchev

Open-source software is increasingly reused, complicating the process of patching to repair bugs. In the case of Linux, a distinct ecosystem has formed, with Linux mainline serving as the upstream, stable or long-term-support (LTS) systems…

Software Engineering · Computer Science 2024-02-09 Xingyu Li , Zheng Zhang , Zhiyun Qian , Trent Jaeger , Chengyu Song

In modern software development workflows, the open-source software supply chain contributes significantly to efficient and convenient engineering practices. With increasing system complexity, using open-source software as third-party…

Software Engineering · Computer Science 2025-11-18 Zihe Yan , Kai Luo , Haoyu Yang , Yang Yu , Zhuosheng Zhang , Guancheng Li

Linux users expect fresh packages in the official repositories of their distributions. Yet, due to philosophical divergences, the packages available in various distributions do not all have the same degree of freshness. Users therefore need…

Software Engineering · Computer Science 2021-03-17 Damien Legay , Alexandre Decan , Tom Mens

Software supply chain attacks have revealed blind spots in existing SCA tools, which are often limited to a single ecosystem and assess either software artifacts or community activity in isolation. This fragmentation across tools and…

Software Engineering · Computer Science 2025-12-02 Ziheng Liu , Runzhi He , Minghui Zhou

Advanced Persistent Threats (APTs) are sophisticated, targeted cyberattacks designed to gain unauthorized access to systems and remain undetected for extended periods. To evade detection, APT cyberattacks deceive defense layers with…

Cryptography and Security · Computer Science 2024-06-28 Sidahmed Benabderrahmane , Ngoc Hoang , Petko Valtchev , James Cheney , Talal Rahwan

Transparency is crucial in security-critical applications that rely on authoritative information, as it provides a robust mechanism for holding these authorities accountable for their actions. A number of solutions have emerged in recent…

Cryptography and Security · Computer Science 2018-08-08 Mustafa Al-Bassam , Sarah Meiklejohn

Threat information sharing is considered as one of the proactive defensive approaches for enhancing the overall security of trusted partners. Trusted partner organizations can provide access to past and current cybersecurity threats for…

Cryptography and Security · Computer Science 2021-12-21 Hisham Ali , Pavlos Papadopoulos , Jawad Ahmad , Nikolaos Pitropakis , Zakwan Jaroucheh , William J. Buchanan

With the increasing demand for data storage and the exponential growth of data, traditional single-server architectures are no longer sufficient to handle the massive amounts of data storage, transfer, and various file system events. As a…

Cryptography and Security · Computer Science 2023-05-23 Sayed Erfan Arefin

The absolute majority of software today is developed collaboratively using collaborative version control tools such as Git. It is a common practice that once a vulnerability is detected and fixed, the developers behind the software issue a…

Cryptography and Security · Computer Science 2023-02-07 Nitzan Farhi , Noam Koenigstein , Yuval Shavitt

Trusted computing defines how to securely measure, store, and verify the integrity of software controlling a computer. One of the major challenges that make them hard to be applied in practice is the issue with software updates.…

Cryptography and Security · Computer Science 2021-01-06 Wojciech Ozga , Do Le Quoc , Christof Fetzer

We describe a tracking technique for Linux devices, exploiting a new TCP source port generation mechanism recently introduced to the Linux kernel. This mechanism is based on an algorithm, standardized in RFC 6056, for boosting security by…

Cryptography and Security · Computer Science 2022-12-23 Moshe Kol , Amit Klein , Yossi Gilad
‹ Prev 1 2 3 10 Next ›