English
Related papers

Related papers: Revisiting Security Vulnerabilities in Commercial …

200 papers

Context: Static Application Security Testing Tools (SASTTs) identify software vulnerabilities to support the security and reliability of software applications. Interestingly, several studies have suggested that alternative solutions may be…

Software Engineering · Computer Science 2024-03-15 Matteo Esposito , Valentina Falaschi , Davide Falessi

Vulnerabilities related to weak passwords are a pressing global economic and security issue. We report a novel, simple, and effective approach to address the weak password problem. Building upon chaotic dynamics, criticality at phase…

Cryptography and Security · Computer Science 2015-05-27 T. V. Laptyeva , S. Flach , K. Kladko

This study investigates the effectiveness of multifactor authentication (MFA) in protecting commercial accounts from unauthorized access, with an additional focus on accounts with known credential leaks. We employ the benchmark-multiplier…

Cryptography and Security · Computer Science 2023-05-02 Lucas Augusto Meyer , Sergio Romero , Gabriele Bertoli , Tom Burt , Alex Weinert , Juan Lavista Ferres

Password advice is constantly circulated by standards agencies, companies, websites and specialists. But there appears to be great diversity in terms of the advice that is given. Users have noticed that different websites are enforcing…

Cryptography and Security · Computer Science 2018-09-10 Hazel Murray , David Malone

In today's world, Web applications play a very important role in individual life as well as in any country's development. Web applications have gone through a very rapid growth in the recent years and their adoption is moving faster than…

Cryptography and Security · Computer Science 2013-06-18 Diallo Abdoulaye Kindy , Al-Sakib Khan Pathan

In today's digitally interconnected world, cybersecurity threats have reached unprecedented levels, presenting a pressing concern for individuals, organizations, and governments. This study employs a qualitative research approach to…

Cryptography and Security · Computer Science 2024-01-02 Daksh Dave , Gauransh Sawhney , Pushkar Aggarwal , Nitish Silswal , Dhruv Khut

Password security plays a crucial role in cybersecurity, yet traditional password strength meters, which rely on static rules like character-type requirements, often fail. Such methods are easily bypassed by common password patterns (e.g.,…

Cryptography and Security · Computer Science 2025-11-14 Muhammed El Mustaqeem Mazelan , Noor Hazlina Abdul , Nouar AlDahoul

As a new format of mobile application, mini programs, which function within a larger app and are built with HTML, CSS, and JavaScript web technology, have become the way to do almost everything in China. This paper presents our research on…

Cryptography and Security · Computer Science 2022-05-31 Jianyi Zhang , Leixin Yang , Yuyang Han , Zhi Sun , Zixiao Xiang

This paper attempts to strengthen the pursued research on social engineering (SE) threat identification, and control, by means of the author's illustrated classification, which includes attack types, determining the degree of possible harm…

Cryptography and Security · Computer Science 2019-02-25 V. Y. Sokolov , O. Y. Korzhenko

Cybersecurity incidents such as data breaches have become increasingly common, affecting millions of users and organizations worldwide. The complexity of cybersecurity threats challenges the effectiveness of existing security communication…

Cryptography and Security · Computer Science 2025-04-04 Carolina Carreira , Alexandra Mendes , João F. Ferreira , Nicolas Christin

Large language models (LLMs) are increasingly prevalent in security research. Their unique characteristics, however, introduce challenges that undermine established paradigms of reproducibility, rigor, and evaluation. Prior work has…

Like many desktop operating systems in the 1990s, Android is now in the process of including support for multi-user scenarios. Because these scenarios introduce new threats to the system, we should have an understanding of how well the…

Cryptography and Security · Computer Science 2014-10-29 Paul Ratazzi , Yousra Aafer , Amit Ahlawat , Hao Hao , Yifei Wang , Wenliang Du

Due to increased security awareness of enterprises for mobile applications operating with sensitive or personal data as well as extended regulations form legislative (the principle of proportionality) various approaches, how to implement…

Networking and Internet Architecture · Computer Science 2013-04-02 Florian G. Furtmueller

In recent years, Cloud Computing has transformed local businesses and created new business models on the Internet- and Cloud services are still flourishing. But after the emphatic hype in the early years, a more realistic perception of…

Cryptography and Security · Computer Science 2024-05-21 Fabian Süß , Marco Freimuth , Andreas Aßmuth , George R. S. Weir , Bob Duncan

To protect cryptographic implementations from side-channel vulnerabilities, developers must adopt constant-time programming practices. As these can be error-prone, many side-channel detection tools have been proposed. Despite this, such…

Cryptography and Security · Computer Science 2023-10-13 Antoine Geimer , Mathéo Vergnolle , Frédéric Recoules , Lesly-Ann Daniel , Sébastien Bardin , Clémentine Maurice

Modern web browsers have effectively become the new operating system for business applications, yet their security posture is often under-scrutinized. This paper presents a novel, comprehensive Browser Security Posture Analysis…

Cryptography and Security · Computer Science 2025-05-14 Avihay Cohen

In recent years, the importance of smart contract security has been heightened by the increasing number of attacks against them. To address this issue, a multitude of static application security testing (SAST) tools have been proposed for…

Software Engineering · Computer Science 2024-07-02 Kaixuan Li , Yue Xue , Sen Chen , Han Liu , Kairan Sun , Ming Hu , Haijun Wang , Yang Liu , Yixiang Chen

Existing SQL access control mechanisms are extremely limited. Attackers can leak information and escalate their privileges using advanced database features such as views, triggers, and integrity constraints. This is not merely a problem of…

Cryptography and Security · Computer Science 2016-11-18 Marco Guarnieri , Srdjan Marinovic , David Basin

Single Sign-On (SSO) systems simplify login procedures by using an an Identity Provider (IdP) to issue authentication tokens which can be consumed by Service Providers (SPs). Traditionally, IdPs are modeled as trusted third parties. This is…

Cryptography and Security · Computer Science 2014-12-05 Christian Mainka , Vladislav Mladenov , Jörg Schwenk

Safety is a paramount concern for large language models (LLMs) in open deployment, motivating the development of safeguard methods that enforce ethical and responsible use through safety alignment or guardrail mechanisms. Jailbreak attacks…

Cryptography and Security · Computer Science 2025-04-10 Qingzhao Zhang , Ziyang Xiong , Z. Morley Mao