English
Related papers

Related papers: Vulnerabilities Mapping based on OWASP-SANS: a Sur…

200 papers

A common security architecture is based on the protection of certain resources by permission checks (used e.g., in Android and Blackberry). It has some limitations, for instance, when applications are granted more permissions than they…

Software Engineering · Computer Science 2023-05-05 Alexandre Bartel , Jacques Klein , Martin Monperrus , Yves Le Traon

Background: Due to their diversity, complexity, and above all importance, safety-critical and dependable systems must be developed with special diligence. Criticality increases as these systems likely contain artificial intelligence (AI)…

Software Engineering · Computer Science 2025-06-03 Amra Ramic , Stefan Kugele

The past few years have witnessed a boom of miniapps, as lightweight applications, miniapps are of great importance in the mobile internet sector. Consequently, the security of miniapps can directly impact compromising the integrity of…

Cryptography and Security · Computer Science 2023-11-21 Yuyang Han , Xu Ji , Zhiqiang Wang , Jianyi Zhang

Static analysis is sound in theory, but an implementation may unsoundly fail to analyze all of a program's code. Any such omission is a serious threat to the validity of the tool's output. Our work is the first to measure the prevalence of…

Software Engineering · Computer Science 2024-07-11 Jordan Samhi , René Just , Tegawendé F. Bissyandé , Michael D. Ernst , Jacques Klein

We propose an extension to the OWASP Multi-Agentic System (MAS) Threat Modeling Guide, translating recent anticipatory research in multi-agent security (MASEC) into practical guidance for addressing challenges unique to large language model…

Multiagent Systems · Computer Science 2025-08-14 Klaudia Krawiecka , Christian Schroeder de Witt

Software vulnerabilities can cause numerous problems, including crashes, data loss, and security breaches. These issues greatly compromise quality and can negatively impact the market adoption of software applications and systems.…

This paper tackles the problems of generating concrete test cases for testing whether an application is vulnerable to attacks, and of checking whether security solutions are correctly implemented. The approach proposed in the paper aims at…

Software Engineering · Computer Science 2020-07-08 Sébastien Salva , Loukmen Regainia

Several studies showed that misuses of cryptographic APIs are common in real-world code (e.g., Apache projects and Android apps). There exist several open-sourced and commercial security tools that automatically screen Java programs to…

Cryptography and Security · Computer Science 2021-12-09 Sharmin Afrose , Ya Xiao , Sazzadur Rahaman , Barton P. Miller , Danfeng , Yao

Machine learning (ML) applications have become an integral part of our lives. ML applications extensively use floating-point computation and involve very large/small numbers; thus, maintaining the numerical stability of such complex…

Software Engineering · Computer Science 2025-04-24 Shaila Sharmin , Anwar Hossain Zahid , Subhankar Bhattacharjee , Chiamaka Igwilo , Miryung Kim , Wei Le

Broken Access Control (BAC) violations, which consistently rank among the top five security risks in the OWASP API Security Top 10, refer to unauthorized access attempts arising from BAC vulnerabilities, whose successful exploitation can…

Cryptography and Security · Computer Science 2025-12-24 Yanjing Yang , He Zhang , Bohan Liu , Jinwei Xu , Jinghao Hu , Liming Dong , Zhewen Mao , Dongxue Pan

Pointers are a powerful, but dangerous feature provided by the C and C++ programming languages, and incorrect use of pointers is a common source of bugs and security vulnerabilities. Making secure software is crucial, as vulnerabilities…

Formal Languages and Automata Theory · Computer Science 2024-11-01 Vlad-Alexandru Teodorescu , Dorel Lucanu

Nowadays, web services play a major role in the development of enterprise applications. Many such applications are now developed using a service-oriented architecture (SOA), where microservices is one of its most popular kind. A RESTful web…

Software Engineering · Computer Science 2019-01-08 Andrea Arcuri

Security issues in shipped code can lead to unforeseen device malfunction, system crashes or malicious exploitation by crackers, post-deployment. These vulnerabilities incur a cost of repair and foremost risk the credibility of the company.…

Artificial Intelligence · Computer Science 2021-04-20 Anshul Tanwar , Hariharan Manikandan , Krishna Sundaresan , Prasanna Ganesan , Sathish Kumar Chandrasekaran , Sriram Ravi

As computing systems become increasingly advanced and as users increasingly engage themselves in technology, security has never been a greater concern. In malware detection, static analysis, the method of analyzing potentially malicious…

Cryptography and Security · Computer Science 2018-05-22 Chan Woo Kim

Software vulnerabilities in source code pose serious cybersecurity risks, prompting a shift from traditional detection methods (e.g., static analysis, rule-based matching) to AI-driven approaches. This study presents a systematic review of…

Software Engineering · Computer Science 2025-06-13 Samiha Shimmi , Hamed Okhravi , Mona Rahimi

Modern web browsers have effectively become the new operating system for business applications, yet their security posture is often under-scrutinized. This paper presents a novel, comprehensive Browser Security Posture Analysis…

Cryptography and Security · Computer Science 2025-05-14 Avihay Cohen

The thesis advances the field of software security by providing knowledge and automation support for software vulnerability assessment using data-driven approaches. Software vulnerability assessment provides important and multifaceted…

Software Engineering · Computer Science 2023-06-21 Triet H. M. Le

The interest in autonomous vehicles (AVs) for critical missions, including transportation, rescue, surveillance, reconnaissance, and mapping, is growing rapidly due to their significant safety and mobility benefits. AVs consist of complex…

Cryptography and Security · Computer Science 2025-09-23 Md Wasiul Haque , Md Erfan , Sagar Dasgupta , Md Rayhanur Rahman , Mizanur Rahman

While static analysis is useful in detecting early-stage hardware security bugs, its efficacy is limited because it requires information to form checks and is often unable to explain the security impact of a detected vulnerability. Large…

Cryptography and Security · Computer Science 2025-05-01 Baleegh Ahmad , Hammond Pearce , Ramesh Karri , Benjamin Tan

Systems of systems (SoSs) are particularly vulnerable to faults and other threats to their dependability, but frequently inhabit domains that demand high levels of dependability. For this reason fault tolerance analysis is important in SoS…

Software Engineering · Computer Science 2014-05-09 Claire Ingram , Steve Riddle , John Fitzgerald , Sakina A. H. J. Al-Lawati , Afra Alrbaiyan