English
Related papers

Related papers: A Demand-Side Viewpoint to Software Vulnerabilitie…

200 papers

Requirements volatility is a major issue in software development, causing problems such as higher defect density, project delays and cost overruns. Software architecture that guides the overall vision of software product, is one of the…

Software Engineering · Computer Science 2019-04-18 Sandun Dasanayake , Sanja Aaramaa , Jouni Markkula , Markku Oivo

Over the past three decades, computers have managed to make their way into a majority of households. Due to this enormous transition, the surge in the internets popularity was inevitable. Just like everything else, whatever has a pro also…

Cryptography and Security · Computer Science 2024-09-02 C. Amuthadevi , Sparsh Srivastava , Raghav Khatoria , Varun Sangwan

Large language model (LLM) services have recently begun offering a plugin ecosystem to interact with third-party API services. This innovation enhances the capabilities of LLMs, but it also introduces risks, as these plugins developed by…

Cryptography and Security · Computer Science 2024-04-29 Wanru Zhao , Vidit Khazanchi , Haodi Xing , Xuanli He , Qiongkai Xu , Nicholas Donald Lane

Context: Security Vulnerabilities (SVs) pose many serious threats to software systems. Developers usually seek solutions to addressing these SVs on developer Question and Answer (Q&A) websites. However, there is still little known about…

Software Engineering · Computer Science 2021-09-10 Triet H. M. Le , Roland Croft , David Hin , M. Ali Babar

This paper reports a large-scale study that aims to understand how mobile application (app) vulnerabilities are associated with software libraries. We analyze both free and paid apps. Studying paid apps was quite meaningful because it…

Cryptography and Security · Computer Science 2017-03-28 Takuya Watanabe , Mitsuaki Akiyama , Fumihiro Kanei , Eitaro Shioji , Yuta Takata , Bo Sun , Yuta Ishi , Toshiki Shibahara , Takeshi Yagi , Tatsuya Mori

PHP is one of the most commonly used languages to develop web sites because of its simplicity, easy to learn and it can be easily embedded with any of the databases. A web developer with his basic knowledge developing an application without…

Cryptography and Security · Computer Science 2015-06-17 C. Sireesha , G. Jyostna , P. Raghu Varan , P. R. L. Eswari

Software development relies on code reuse to minimize costs, creating vulnerability risks through dependencies with substantial economic impact, as seen in the Crowdstrike and HeartBleed incidents. We analyze 52,897 dependencies across…

Econometrics · Economics 2025-07-02 Cornelius Fritz , Co-Pierre Georg , Angelo Mele , Michael Schweinberger

Cross Site Scripting (XSS) Flaws are currently the most popular security problems in modern web applications. These Flaws make use of vulnerabilities in the code of web-applications, resulting in serious consequences, such as theft of…

Cryptography and Security · Computer Science 2010-04-13 K. Selvamani , A. Duraisamy , A. Kannan

Open source software ecosystems consist of thousands of interdependent libraries, which users can combine to great effect. Recent work has pointed out two kinds of risks in these systems: that technical problems like bugs and…

Software Engineering · Computer Science 2022-05-11 William Schueller , Johannes Wachs

Information is the key asset of all organizations and can exist in many forms. It can be printed or written on paper, stored electronically, transmitted by mail or by electronic means, shown in films, or spoken in conversation. In today's…

Cryptography and Security · Computer Science 2014-04-15 Samir Lemes

The Web is replete with tutorial-style content on how to accomplish programming tasks. Unfortunately, even top-ranked tutorials suffer from severe security vulnerabilities, such as cross-site scripting (XSS), and SQL injection (SQLi).…

Cryptography and Security · Computer Science 2017-04-11 Tommi Unruh , Bhargava Shastry , Malte Skoruppa , Federico Maggi , Konrad Rieck , Jean-Pierre Seifert , Fabian Yamaguchi

Broken access control is one of the most common security vulnerabilities in web applications. These vulnerabilities are the major cause of many data breach incidents, which result in privacy concern and revenue loss. However, preventing and…

Cryptography and Security · Computer Science 2023-04-24 Li Zhong

While the Internet was conceived as a decentralized network, the most widely used web applications today tend toward centralization. Control increasingly rests with centralized service providers who, as a consequence, have also amassed…

Computers and Society · Computer Science 2012-02-22 Arvind Narayanan , Vincent Toubiana , Solon Barocas , Helen Nissenbaum , Dan Boneh

The software supply chain involves a multitude of tools and processes that enable software developers to write, build, and ship applications. Recently, security compromises of tools or processes has led to a surge in proposals to address…

Cryptography and Security · Computer Science 2022-09-12 Marcela S. Melara , Mic Bowman

Open-source software (OSS) supply chain security has become a topic of concern for organizations. Patching an OSS vulnerability can require updating other dependent software products in addition to the original package. However, the…

Software Engineering · Computer Science 2024-04-19 Cadence Patrick , Kimberly Ruth , Zakir Durumeric

Secure software is a cornerstone to safe and resilient digital ecosystems. It offers strong foundation to protect users' sensitive data and guard against cyber-threats. The rapidly increasing landscape of digital economy has encouraged…

Cryptography and Security · Computer Science 2023-07-13 Irum Rauf , Tamara Lopez , Thein Tun , Marian Petre , Bashar Nuseibeh

Identifying security issues early is encouraged to reduce the latent negative impacts on software systems. Code review is a widely-used method that allows developers to manually inspect modified code, catching security issues during a…

Software Engineering · Computer Science 2024-05-10 Wachiraphan Charoenwet , Patanamon Thongtanunam , Van-Thuan Pham , Christoph Treude

Large language models (LLMs) have developed rapidly in recent years, revolutionizing various fields. Despite their widespread success, LLMs heavily rely on external code dependencies from package management systems, creating a complex and…

Cryptography and Security · Computer Science 2025-09-01 Shuhan Liu , Xing Hu , Xin Xia , David Lo , Xiaohu Yang

Open-source projects are essential to software development, but publicly disclosing vulnerabilities without fixes increases the risk of exploitation. The Open Source Security Foundation (OpenSSF) addresses this issue by promoting robust…

Much of the current software depends on open-source components, which in turn have complex dependencies on other open-source libraries. Vulnerabilities in open source therefore have potentially huge impacts. The goal of this work is to get…

Software Engineering · Computer Science 2023-05-10 Tobias Dam , Sebastian Neumaier