English
Related papers

Related papers: An Advanced Approach for Choosing Security Pattern…

200 papers

In the last decade, a lot of effort has been put into securing software application during development in the software industry. Software security is a research field in this area which looks at how security can be weaved into software at…

Cryptography and Security · Computer Science 2014-01-27 Adetunji Adebiyi , Chris Imafidon

Attack trees are a popular way to represent and evaluate potential security threats on systems or infrastructures. The goal of this work is to provide a framework allowing to express and check whether an attack tree is consistent with the…

Cryptography and Security · Computer Science 2018-02-12 Maxime Audinot , Sophie Pinchinat , Barbara Kordy

Pattern classification systems are commonly used in adversarial applications, like biometric authentication, network intrusion detection, and spam filtering, in which data can be purposely manipulated by humans to undermine their operation.…

Machine Learning · Computer Science 2017-09-05 Battista Biggio , Giorgio Fumera , Fabio Roli

Web applications require access to the file-system for many different tasks. When analyzing the security of a web application, secu- rity analysts should thus consider the impact that file-system operations have on the security of the whole…

Cryptography and Security · Computer Science 2017-05-11 Federico De Meo , Luca Viganò

Security patterns are a means to encapsulate and communicate proven security solutions. They are well-established approaches for introducing security into the software development process. Our objective is to explore the research efforts on…

Software Engineering · Computer Science 2018-12-03 Abbas Javan Jafari , Abbas Rasoolzadegan

Spring security is tremendously popular among practitioners for its ease of use to secure enterprise applications. In this paper, we study the application framework misconfiguration vulnerabilities in the light of Spring security, which is…

Cryptography and Security · Computer Science 2020-07-29 Mazharul Islam , Sazzadur Rahaman , Na Meng , Behnaz Hassanshahi , Padmanabhan Krishnan , Danfeng , Yao

Security risk management can be applied on well-defined or existing systems; in this case, the objective is to identify existing vulnerabilities, assess the risks and provide for the adequate countermeasures. Security risk management can…

Cryptography and Security · Computer Science 2014-04-09 Stéphane Paul

Software architecture models capture early design decisions that strongly influence system quality attributes, including security. However, architecture-level security assessment and feedback are often absent in practice, allowing security…

Software Engineering · Computer Science 2026-03-26 Mahdi Jafari , Rahul Sharma , Sami Naim , Christopher Gerking , Ralf Reussner

Security flaws in software applications today has been attributed mostly to design flaws. With limited budget and time to release software into the market, many developers often consider security as an afterthought. Previous research shows…

Cryptography and Security · Computer Science 2013-03-11 A. Adebiyi , Johnnes Arreymbi , Chris Imafidon

Context and Motivation Attack-Defense Trees (ADTs) are a graphical notation used to model and assess security requirements. ADTs are widely popular, as they can facilitate communication between different stakeholders involved in system…

Software Engineering · Computer Science 2024-04-10 Giovanna Broccia , Maurice H. ter Beek , Alberto Lluch Lafuente , Paola Spoletini , Alessio Ferrari

Recently efficient model-checking tools have been developed to find flaws in security protocols specifications. These flaws can be interpreted as potential attacks scenarios but the feasability of these scenarios need to be confirmed at the…

Cryptography and Security · Computer Science 2013-08-01 Hatem Ghabri , Ghazi Maatoug , Michael Rusinowitch

Most safety testing efforts for large language models (LLMs) today focus on evaluating foundation models. However, there is a growing need to evaluate safety at the application level, as components such as system prompts, retrieval…

Software Engineering · Computer Science 2025-07-15 Jia Yi Goh , Shaun Khoo , Nyx Iskandar , Gabriel Chua , Leanne Tan , Jessica Foo

Self-adaptive systems offer several attack surfaces due to the communication via different channels and the different sensors required to observe the environment. Often, attacks cause safety to be compromised as well, making it necessary to…

Cryptography and Security · Computer Science 2023-09-19 Thomas Witte , Raffaela Groner , Alexander Raschke , Matthias Tichy , Irdin Pekaric , Michael Felderer

We propose a methodology for verifying security properties of network protocols at design level. It can be separated in two main parts: context and requirements analysis and informal verification; and formal representation and procedural…

Cryptography and Security · Computer Science 2013-10-29 Jesus Diaz , David Arroyo , Francisco B. Rodriguez

The increasing frequency of attacks on Android applications coupled with the recent popularity of large language models (LLMs) necessitates a comprehensive understanding of the capabilities of the latter in identifying potential…

Cryptography and Security · Computer Science 2025-03-18 Vasileios Kouliaridis , Georgios Karopoulos , Georgios Kambourakis

The software development process is considered as one of the key guidelines in the creation of said software and this approach is necessary for providing a more efficient yet satisfactory output. Without separation of work into distinct…

Software Engineering · Computer Science 2020-12-15 Alya Hannah Ahmad Kamal , Caryn Chuah Yi Yen , Gan Jia Hui , Pang Sze Ling , Fatima-tuz-Zahra

Ensuring the security of large language models (LLMs) is an ongoing challenge despite their widespread popularity. Developers work to enhance LLMs security, but vulnerabilities persist, even in advanced versions like GPT-4. Attackers…

Cryptography and Security · Computer Science 2023-12-19 Aysan Esmradi , Daniel Wankit Yip , Chun Fai Chan

As large language models (LLMs) continue to evolve, it is critical to assess the security threats and vulnerabilities that may arise both during their training phase and after models have been deployed. This survey seeks to define and…

Cryptography and Security · Computer Science 2025-05-05 Francisco Aguilera-Martínez , Fernando Berzal

Penetration Testing is a methodology for assessing network security, by generating and executing possible attacks. Doing so automatically allows for regular and systematic testing. A key question then is how to automatically generate the…

Artificial Intelligence · Computer Science 2013-07-31 Carlos Sarraute

Penetration testing refers to the process of simulating hacker attacks to evaluate the security of information systems . This study aims not only to clarify the theoretical foundations of penetration testing but also to explain and…

Cryptography and Security · Computer Science 2026-02-10 Wei Zhang , Ju Xing , Xiaoqi Li
‹ Prev 1 2 3 10 Next ›