English
Related papers

Related papers: SpellBound: Defending Against Package Typosquattin…

200 papers

Large Language Models (LLMs) enable a new ecosystem with many downstream applications, called LLM applications, with different natural language processing tasks. The functionality and performance of an LLM application highly depend on its…

Cryptography and Security · Computer Science 2025-06-16 Bo Hui , Haolin Yuan , Neil Gong , Philippe Burlina , Yinzhi Cao

Property-based testing (PBT) is a popular technique for establishing confidence in software, where users write properties -- i.e., executable specifications -- that can be checked many times in a loop by a testing framework. In modern PBT…

Software Engineering · Computer Science 2026-02-24 Alperen Keles , Justine Frank , Ceren Mert , Harrison Goldstein , Leonidas Lampropoulos

Transparent and efficient vulnerability and patch disclosure are still a challenge in the security community, essentially because of the poor-quality documentation stemming from the lack of standards. SECOM is a recently-proposed standard…

Cryptography and Security · Computer Science 2023-01-18 Sofia Reis , Corina Pasareanu , Rui Abreu , Hakan Erdogmus

Automatically generating formal specifications could reduce the effort needed to improve program correctness, but in practice, this is still challenging. Many developers avoid writing contracts by hand, which limits the use of automated…

Software Engineering · Computer Science 2026-04-21 Ragib Shahariar Ayon , Shibbir Ahmed

LLM-powered coding agents increasingly make software supply chain decisions. They generate imports, recommend packages, and write installation commands. Prior work showed that these systems can hallucinate non-existent package names, which…

Cryptography and Security · Computer Science 2026-05-12 Yiyong Liu , Chia-Yi Hsu , Chun-Ying Huang , Michael Backes , Rui Wen , Chia-Mu Yu

Tool-augmented Large Language Model (LLM) agents have demonstrated impressive capabilities in automating complex, multi-step real-world tasks, yet remain vulnerable to indirect prompt injection. Adversaries exploit this weakness by…

Cryptography and Security · Computer Science 2026-05-12 Wei Zhao , Zhe Li , Peixin Zhang , Jun Sun

We introduce a novel concept, called Name Confusion, and demonstrate how it can be employed to thwart multiple classes of code-reuse attacks. By building upon Name Confusion, we derive Phantom Name System (PNS): a security protocol that…

Cryptography and Security · Computer Science 2020-08-28 Mohamed Tarek Ibn Ziad , Miguel A. Arroyo , Evgeny Manzhosov , Vasileios P. Kemerlis , Simha Sethumadhavan

We conducted a thorough SLR to better grasp the challenges and possible solutions associated with existing npm security tools. Our goal was to delve into documented experiences and findings. Specifically, we were keen to learn about the…

Software Engineering · Computer Science 2024-07-04 Angel Temelko , Fang Hou , Siamak Farshidi , Slinger Jansen

Relying on dependency packages accelerates software development, but it also increases the exposure to security vulnerabilities that may be present in dependencies. While developers have full control over which dependency packages (and…

Software Engineering · Computer Science 2023-10-13 Abbas Javan Jafari , Diego Elias Costa , Ahmad Abdellatif , Emad Shihab

Recent advances in Artificial Intelligence (AI), especially in Machine Learning (ML), have introduced various practical applications (e.g., virtual personal assistants and autonomous cars) that enhance the experience of everyday users.…

Software Engineering · Computer Science 2020-12-09 Minke Xiu , Ellis E. Eghan , Zhen Ming , Jiang , Bram Adams

Large Language Models (LLMs) are widely deployed in applications that accept user-submitted content, such as uploaded documents or pasted text, for tasks like summarization and question answering. In this paper, we identify a new class of…

Cryptography and Security · Computer Science 2025-08-28 Zhuotao Lian , Weiyu Wang , Qingkui Zeng , Toru Nakanishi , Teruaki Kitasuka , Chunhua Su

PyPI provides a convenient and accessible package management platform to developers, enabling them to quickly implement specific functions and improve work efficiency. However, the rapid development of the PyPI ecosystem has led to a severe…

Software Engineering · Computer Science 2023-09-21 Wenbo Guo , Zhengzi Xu , Chengwei Liu , Cheng Huang , Yong Fang , Yang Liu

Valgrind, and specifically the included tool Memcheck, offers an easy and reliable way for checking the correctness of memory operations in programs. This works in an unintrusive way where Valgrind translates the program into intermediate…

Software Engineering · Computer Science 2013-10-04 Thomas M. Baumann , Jose Gracia

Modern software systems are developed in diverse programming languages and often harbor critical vulnerabilities that attackers can exploit to compromise security. These vulnerabilities have been actively targeted in real-world attacks,…

Cryptography and Security · Computer Science 2025-03-27 Zhuoyun Qian , Fangtian Zhong , Qin Hu , Yili Jiang , Jiaqi Huang , Mengfei Ren , Jiguo Yu

Content moderation is the process of screening and monitoring user-generated content online. It plays a crucial role in stopping content resulting from unacceptable behaviors such as hate speech, harassment, violence against specific…

Computation and Language · Computer Science 2023-01-02 Álvaro Huertas-García , Alejandro Martín , Javier Huertas Tato , David Camacho

GitHub is one of the most widely used public code development platform. However, the code hosted publicly on the platform is vulnerable to commit spoofing that allows an adversary to introduce malicious code or commits into the repository…

Software Engineering · Computer Science 2025-04-29 Anupam Sharma , Sreyashi Karmakar , Gayatri Priyadarsini Kancherla , Abhishek Bichhawat

As the Internet help us cross cultural border by providing different information, plagiarism issue is bound to arise. As a result, plagiarism detection becomes more demanding in overcoming this issue. Different plagiarism detection tools…

Computer Vision and Pattern Recognition · Computer Science 2010-03-25 Chow Kok Kent , Naomie Salim

Visual Prompt Learning (VPL) differs from traditional fine-tuning methods in reducing significant resource consumption by avoiding updating pre-trained model parameters. Instead, it focuses on learning an input perturbation, a visual…

Cryptography and Security · Computer Science 2024-05-27 Huali Ren , Anli Yan , Chong-zhi Gao , Hongyang Yan , Zhenxin Zhang , Jin Li

System prompts that include detailed instructions to describe the task performed by the underlying LLM can easily transform foundation models into tools and services with minimal overhead. They are often considered intellectual property,…

Cryptography and Security · Computer Science 2025-08-07 David Pape , Sina Mavali , Thorsten Eisenhofer , Lea Schönherr

Large language models (LLMs) have profoundly transformed natural language applications, with a growing reliance on instruction-based definitions for designing chatbots. However, post-deployment the chatbot definitions are fixed and are…

Machine Learning · Computer Science 2024-02-20 Reshabh K Sharma , Vinayak Gupta , Dan Grossman
‹ Prev 1 4 5 6 7 8 10 Next ›