English
Related papers

Related papers: SpellBound: Defending Against Package Typosquattin…

200 papers

Standardized file formats play a key role in the development and use of computer software. However, it is possible to abuse standardized file formats by creating a file that is valid in multiple file formats. The resulting polyglot (many…

Cryptography and Security · Computer Science 2022-04-14 Luke Koch , Sean Oesch , Mary Adkisson , Sam Erwin , Brian Weber , Amul Chaulagain

Malicious code in open-source repositories such as PyPI poses a growing threat to software supply chains. Traditional rule-based tools often overlook the semantic patterns in source code that are crucial for identifying adversarial…

Software Engineering · Computer Science 2026-01-27 Muhammad Umar Zeshan , Motunrayo Ibiyo , Claudio Di Sipio , Phuong T. Nguyen , Davide Di Ruscio

Patch backporting, the process of migrating mainline security patches to older branches, is an essential task in maintaining popular open-source projects (e.g., Linux kernel). However, manual backporting can be labor-intensive, while…

Cryptography and Security · Computer Science 2025-10-28 Zhaoyang Li , Zheng Yu , Jingyi Song , Meng Xu , Yuxuan Luo , Dongliang Mu

With the increasing usage of open-source software (OSS) components, vulnerabilities embedded within them are propagated to a huge number of underlying applications. In practice, the timely application of security patches in downstream…

Cryptography and Security · Computer Science 2023-01-09 Xinda Wang , Shu Wang , Pengbin Feng , Kun Sun , Sushil Jajodia , Sanae Benchaaboun , Frank Geck

Source code plagiarism is a common occurrence in undergraduate computer science education. In order to identify such cases, many source code plagiarism detection tools have been proposed. A source code plagiarism detection tool evaluates…

Software Engineering · Computer Science 2021-04-23 Hayden Cheers , Yuqing Lin , Shamus P. Smith

Cross-lingual plagiarism (CLP) occurs when texts written in one language are translated into a different language and used without acknowledging the original sources. One of the most common methods for detecting CLP requires online machine…

Computation and Language · Computer Science 2018-01-04 Victor Thompson

Deep packet inspection technology became a cornerstone of Internet censorship by facilitating cheap and effective filtering of what censors consider undesired information. Moreover, filtering is not limited to simple pattern matching but…

Cryptography and Security · Computer Science 2013-05-15 Philipp Winter , Tobias Pulls , Juergen Fuss

Recent high-profile incidents in open-source software have greatly raised practitioner attention on software supply chain attacks. To guard against potential malicious package updates, security practitioners advocate pinning dependency to…

Software Engineering · Computer Science 2025-02-11 Hao He , Bogdan Vasilescu , Christian Kästner

As software grows increasingly complex, the quantity and diversity of concerns to be addressed also rises. To answer this diversity of concerns, developers may end up using multiple programming languages in a single software project, a…

Programming Languages · Computer Science 2025-03-03 Philémon Houdaille , Djamel Eddine Khelladi , Benoit Combemale , Gunter Mussbacher , Tijs van der Storm

Artificial Intelligence (AI) and Machine Learning (ML) are pervasive in the current computer science landscape. Yet, there still exists a lack of software engineering experience and best practices in this field. One such best practice,…

Software Engineering · Computer Science 2021-03-09 Bart van Oort , Luís Cruz , Maurício Aniche , Arie van Deursen

Command injection vulnerabilities are a significant security threat in dynamic languages like Python, particularly in widely used open-source projects where security issues can have extensive impact. With the proven effectiveness of Large…

Software Engineering · Computer Science 2025-05-22 Yuxuan Wang , Jingshu Chen , Qingyang Wang

Watermarking has emerged as a promising technique for detecting texts generated by LLMs. Current research has primarily focused on three design criteria: high quality of the watermarked text, high detectability, and robustness against…

Cryptography and Security · Computer Science 2025-04-11 Li An , Yujian Liu , Yepeng Liu , Yang Zhang , Yuheng Bu , Shiyu Chang

We reveal the theoretical foundations of techniques for editing large language models, and present new methods which can do so without requiring retraining. Our theoretical insights show that a single metric (a measure of the intrinsic…

Artificial Intelligence · Computer Science 2024-10-31 Oliver J. Sutton , Qinghua Zhou , Wei Wang , Desmond J. Higham , Alexander N. Gorban , Alexander Bastounis , Ivan Y. Tyukin

Typographic attacks exploit the interplay between text and visual content in multimodal foundation models, causing misclassifications when misleading text is embedded within images. Existing datasets are limited in size and diversity,…

Computer Vision and Pattern Recognition · Computer Science 2026-03-19 Justus Westerhoff , Erblina Purelku , Jakob Hackstein , Jonas Loos , Leo Pinetzki , Erik Rodner , Lorenz Hufe

LLM-powered coding agents increasingly participate in software development workflows by generating code, selecting dependencies, and producing package installation commands. This creates a new software supply chain risk: when an agent…

Cryptography and Security · Computer Science 2026-05-29 Chia-Yi Hsu , Chia-Mu Yu , Chun-Ying Huang , Jun Sakuma

Type inference for dynamic languages like Python is a persistent challenge in software engineering. While large language models (LLMs) have shown promise in code understanding, their type inference capabilities remain underexplored. We…

Software Engineering · Computer Science 2025-07-31 Honghua Dong , Jiacheng Yang , Xun Deng , Yuhe Jiang , Gennady Pekhimenko , Fan Long , Xujie Si

App repackaging refers to the practice of customizing an existing mobile app and redistributing it in the wild. In this way, the attacker aims to force some mobile users to install the repackaged(likely malicious) app instead of the…

Cryptography and Security · Computer Science 2021-01-11 Alessio Merlo , Antonio Ruggia , Luigi Sciolla , Luca Verderame

Many security and software testing applications require checking whether certain properties of a program hold for any possible usage scenario. For instance, a tool for identifying software vulnerabilities may need to rule out the existence…

Software Engineering · Computer Science 2018-05-03 Roberto Baldoni , Emilio Coppa , Daniele Cono D'Elia , Camil Demetrescu , Irene Finocchi

In many programming languages there exist countless nuances, making developers accidentally release new versions of their packages that are not backwards-compatible. Such releases can directly impact projects which are using their packages,…

Programming Languages · Computer Science 2023-08-29 Tomasz Nowak , Michał Staniewski , Mieszko Grodzicki , Bartosz Smolarczyk

With the continuous rise of malicious campaigns and the exploitation of new attack vectors, it is necessary to assess the efficacy of the defensive mechanisms used to detect them. To this end, the contribution of our work is twofold. First,…

Cryptography and Security · Computer Science 2021-05-04 Vasilios Koutsokostas , Constantinos Patsakis
‹ Prev 1 3 4 5 6 7 10 Next ›