English
Related papers

Related papers: Is Less Really More? Why Reducing Code Reuse Gadge…

200 papers

The problem of "debloating" programs for security and performance purposes has begun to see increased attention. Of particular interest in many environments is debloating commodity off-the-shelf (COTS) software, which is most commonly made…

Programming Languages · Computer Science 2020-05-18 Michael Vaughn , Thomas Reps

Software engineering and information systems practices seek ultimately to create the flawless product. One of the tools used to improve the quality of software development is the use of metrics. In this paper, metrics retrieved from open…

Software Engineering · Computer Science 2015-11-11 Mamdouh Alenezi , Ibrahim Abunadi

The deployment of monoculture software stacks can cause a devastating damage even by a single exploit against a single vulnerability. Inspired by the resilience benefit of biological diversity, the concept of software diversity has been…

Cryptography and Security · Computer Science 2021-11-22 Huashan Chen , Richard B. Garcia-Lebron , Zheyuan Sun , Jin-Hee Cho , Shouhuai Xu

The software development community has been using code quality metrics for the last five decades. Despite their wide adoption, code quality metrics have attracted a fair share of criticism. In this paper, first, we carry out a qualitative…

Software Engineering · Computer Science 2020-12-24 Tushar Sharma , Diomidis Spinellis

Context: Code refactoring is widely recognized as an essential software engineering practice that improves the understandability and maintainability of source code. Several studies attempted to detect refactoring activities through mining…

Software Engineering · Computer Science 2025-02-07 Eman Abdullah AlOmar

Context: Performance regressions negatively impact execution time and memory usage of software systems. Nevertheless, there is a lack of systematic methods to evaluate the effectiveness of performance test suites. Performance mutation…

Software debloating seeks to mitigate security risks and improve performance by eliminating unnecessary code. In recent years, a plethora of debloating tools have been developed, creating a dense and varied landscape. Several studies have…

Software Engineering · Computer Science 2024-07-17 Mohannad Alhanahnah , Yazan Boshmaf , Ashish Gehani

Code-reuse attacks have become a kind of common attack method, in which attackers use the existing code in the program to hijack the control flow. Most existing defenses focus on control flow integrity (CFI), code randomization, and…

Cryptography and Security · Computer Science 2023-03-23 Xiaoqi Song , Wenjie Lv , Haipeng Qu , Lingyun Ying

Today's software is bloated with both code and features that are not used by most users. This bloat is prevalent across the entire software stack, from operating systems and applications to containers. Containers are lightweight…

Evaluating the effectiveness of software protection is crucial for selecting the most effective methods to safeguard assets within software applications. Obfuscation involves techniques that deliberately modify software to make it more…

Cryptography and Security · Computer Science 2025-11-27 Leonardo Regano , Daniele Canavese , Cataldo Basile , Marco Torchiano

In this paper we provide secrecy metrics applicable to physical-layer coding techniques with finite blocklengths over Gaussian and fading wiretap channel models. Our metrics go beyond some of the known practical secrecy measures, such as…

Cryptography and Security · Computer Science 2015-09-24 Willie K. Harrison , Dinis Sarmento , João P. Vilela , Marco Gomes

While Minimum Bayes Risk (MBR) decoding using metrics such as COMET or MetricX has outperformed traditional decoding methods such as greedy or beam search, it introduces a challenge we refer to as metric bias. As MBR decoding aims to…

Computation and Language · Computer Science 2024-11-07 Geza Kovacs , Daniel Deutsch , Markus Freitag

Just-in-time return-oriented programming (JIT-ROP) allows one to dynamically discover instruction pages and launch code reuse attacks, effectively bypassing most fine-grained address space layout randomization (ASLR) protection. However,…

Cryptography and Security · Computer Science 2020-06-16 Salman Ahmed , Ya Xiao , Gang Tan , Kevin Snow , Fabian Monrose , Danfeng , Yao

The accurate measurement of security metrics is a critical research problem because an improper or inaccurate measurement process can ruin the usefulness of the metrics, no matter how well they are defined. This is a highly challenging…

Applications · Statistics 2018-10-18 Pang Du , Zheyuan Sun , Huashan Chen , Jin-Hee Cho , Shouhuai Xu

The use of learning-based techniques to achieve automated software vulnerability detection has been of longstanding interest within the software security domain. These data-driven solutions are enabled by large software vulnerability…

Software Engineering · Computer Science 2023-01-16 Roland Croft , M. Ali Babar , Mehdi Kholoosi

Leakage of confidential information represents a serious security risk. Despite a number of novel, theoretical advances, it has been unclear if and how quantitative approaches to measuring leakage of confidential information could be…

Cryptography and Security · Computer Science 2010-07-07 Jonathan Heusser , Pasquale Malacaria

Logging code plays an important role in software systems by recording key events and behaviors, which are essential for debugging and monitoring. However, insecure logging practices can inadvertently expose sensitive information or enable…

Software Engineering · Computer Science 2026-04-23 He Yang Yuan , Xin Wang , Kundi Yao , An Ran Chen , Zishuo Ding , Zhenhao Li

With the increasing reliance on software and automation nowadays, tight deadlines, limited resources, and prioritization of functionality over security can lead to insecure coding practices. When not handled properly, these constraints…

Software Engineering · Computer Science 2025-07-16 Chaima Boufaied , Taher Ghaleb , Zainab Masood

Researchers have developed numerous debugging approaches to help programmers in the debugging process, but these approaches are rarely used in practice. In this paper, we investigate how programmers debug their code and what researchers…

Software Engineering · Computer Science 2021-03-24 Thomas Hirsch , Birgit Hofer

Despite recent advances in Large Language Models (LLMs) for code generation, the quality of LLM-generated code still faces significant challenges. One significant issue is code repetition, which refers to the model's tendency to generate…

Software Engineering · Computer Science 2025-04-18 Mingwei Liu , Juntao Li , Ying Wang , Xueying Du , Zuoyu Ou , Qiuyuan Chen , Bingxu An , Zhao Wei , Yong Xu , Fangming Zou , Xin Peng , Yiling Lou