English
Related papers

Related papers: SNITCH: Dynamic Dependent Information Flow Analysi…

200 papers

Context: Ensuring high levels of dependability in modern computer-based systems has become increasingly challenging due to their complexity. Although systems are validated at design time, their behavior can be different at runtime, possibly…

Software Engineering · Computer Science 2026-03-30 Francesco Vitale , Francesco Flammini , Mauro Caporuscio , Nicola Mazzocca

We propose a light-weight approach for certification of monitor inlining for sequential Java bytecode using proof-carrying code. The goal is to enable the use of monitoring for quality assurance at development time, while minimizing the…

Logic in Computer Science · Computer Science 2010-12-15 Mads Dam , Andreas Lundblad

Native code is now commonplace within Android app packages where it co-exists and interacts with Dex bytecode through the Java Native Interface to deliver rich app functionalities. Yet, state-of-the-art static analysis approaches have…

Software Engineering · Computer Science 2022-01-25 Jordan Samhi , Jun Gao , Nadia Daoudi , Pierre Graux , Henri Hoyez , Xiaoyu Sun , Kevin Allix , Tegawendé F. Bissyandé , Jacques Klein

Dynamic program slicing can significantly reduce the code developers need to inspect by narrowing it down to only a subset of relevant program statements. However, despite an extensive body of research showing its usefulness, dynamic…

Software Engineering · Computer Science 2022-01-04 Bogdan Alexandru Stoica , Swarup K. Sahoo , James R. Larus , Vikram S. Adve

Reliable 3D dynamic perception requires models that can anticipate motion beyond predefined categories, yet progress is hindered by the scarcity of dense, high-quality motion annotations. While self-supervision on unlabeled real data offers…

Computer Vision and Pattern Recognition · Computer Science 2026-04-13 Qingwen Zhang , Xiaomeng Zhu , Chenhan Jiang , Patric Jensfelt

We present an efficient and expressive tool for the instrumentation of Java programs at the bytecode-level. BISM (Bytecode-Level Instrumentation for Software Monitoring) is a light-weight Java bytecode instrumentation tool that features an…

Programming Languages · Computer Science 2021-06-04 Chukri Soueidi , Marius Monnier , Ali Kassem , Yliès Falcone

Software vulnerabilities represent one of the most pressing threats to computing systems. Identifying vulnerabilities in source code is crucial for protecting user privacy and reducing economic losses. Traditional static analysis tools rely…

Software Engineering · Computer Science 2024-10-25 Zhonghao Jiang , Weifeng Sun , Xiaoyan Gu , Jiaxin Wu , Tao Wen , Haibo Hu , Meng Yan

Tracing the sequence of library and system calls that a program makes is very helpful in the characterization of its interactions with the surrounding environment and ultimately of its semantics. Due to entanglements of real-world software…

Cryptography and Security · Computer Science 2024-10-30 Daniele Cono D'Elia , Simone Nicchi , Matteo Mariani , Matteo Marini , Federico Palmaro

Applications written in low-level languages without type or memory safety are especially prone to memory corruption. Attackers gain code execution capabilities through such applications despite all currently deployed defenses by exploiting…

Cryptography and Security · Computer Science 2014-07-03 Mathias Payer , Antonio Barresi , Thomas R. Gross

Data-driven software engineering processes, such as vulnerability prediction heavily rely on the quality of the data used. In this paper, we observe that it is infeasible to obtain a noise-free security defect dataset in practice. Despite…

Software Engineering · Computer Science 2022-04-04 Roland Croft , M. Ali Babar , Huaming Chen

Obtaining flow-level measurements, similar to those provided by Netflow/IPFIX, with OpenFlow is challenging as it requires the installation of an entry per flow in the flow tables. This approach does not scale well with the number of…

Networking and Internet Architecture · Computer Science 2017-02-23 José Suárez-Varela , Pere Barlet-Ros

We present the first systematic approach to static and dynamic taint analysis for Graph APIs focusing on broken access control. The approach comprises the following. We taint nodes of the Graph API if they represent data requiring specific…

Cryptography and Security · Computer Science 2026-03-18 Leen Lambers , Lucas Sakizloglou , Taisiya Khakharova , Fernando Orejas

Nowadays, the use of agile software development methods like Scrum is common in industry and academia. Considering the current attacking landscape, it is clear that developing secure software should be a main concern in all software…

Cryptography and Security · Computer Science 2015-07-13 Christoph Pohl , Hans-Joachim Hof

Software systems on the Internet of Things have driven the world into a new industrial revolution, bringing with it new features and concerns such as autonomy, continuous device connectivity, and interaction among systems, users, and…

Software Engineering · Computer Science 2021-07-30 Bruno Pedraca de Souza , Guilherme Horta Travassos

Today's routing protocols critically rely on the assumption that the underlying hardware is trusted. Given the increasing number of attacks on network devices, and recent reports on hardware backdoors this assumption has become…

Networking and Internet Architecture · Computer Science 2017-05-02 Kashyap Thimmaraju , Liron Schiff , Stefan Schmid

The existence of native code in Android apps plays an important role in triggering inconspicuous propagation of secrets and circumventing malware detection. However, the state-of-the-art information-flow analysis tools for Android apps all…

Cryptography and Security · Computer Science 2022-03-01 Cong Sun , Yuwan Ma , Dongrui Zeng , Gang Tan , Siqi Ma , Yafei Wu

With the increasing reliance on software and automation nowadays, tight deadlines, limited resources, and prioritization of functionality over security can lead to insecure coding practices. When not handled properly, these constraints…

Software Engineering · Computer Science 2025-07-16 Chaima Boufaied , Taher Ghaleb , Zainab Masood

LLM API calls are becoming a ubiquitous program construct, yet they create a boundary that no existing program analysis can cross: runtime values enter a natural-language prompt, undergo opaque processing inside the LLM, and re-emerge as…

Software Engineering · Computer Science 2026-05-27 Zihao Xu , Xiao Cheng , Ruijie Meng , Yuekang Li

This paper studies the problem of reasoning about flow security properties in virtualised computing networks with mobility from perspective of formal language. We propose a distributed process algebra CSP_{4v} with security labelled…

Cryptography and Security · Computer Science 2020-04-14 Chunyan Mu

Advanced Persistent Threats (APTs) are stealthy customized attacks by intelligent adversaries. This paper deals with the detection of APTs that infiltrate cyber systems and compromise specifically targeted data and/or infrastructures.…

Computer Science and Game Theory · Computer Science 2021-06-29 Shana Moothedath , Dinuka Sahabandu , Joey Allen , Andrew Clark , Linda Bushnell , Wenke Lee , Radha Poovendran