English
Related papers

Related papers: SafeRESTScript: Statically Checking REST API Consu…

200 papers

With the emergence of the Node.js ecosystem, JavaScript has become a widely-used programming language for implementing server-side web applications. In this paper, we present the first empirical study of static code analysis tools for…

Cryptography and Security · Computer Science 2023-08-07 Tiago Brito , Mafalda Ferreira , Miguel Monteiro , Pedro Lopes , Miguel Barros , José Fragoso Santos , Nuno Santos

We introduce Cargo Scan, the first interactive program analysis tool designed to help developers audit third-party Rust code. Real systems written in Rust rely on thousands of transitive dependencies. These dependencies are as dangerous in…

Programming Languages · Computer Science 2026-02-09 Lydia Zoghbi , David Thien , Ranjit Jhala , Deian Stefan , Caleb Stanford

The JavaScript programming language, which began as a simple scripting language for the Web, has become ubiquitous, spanning desktop, mobile, and server applications. This increase in usage has made JavaScript an attractive target for…

Cryptography and Security · Computer Science 2024-10-29 José Miguel Moreno , Narseo Vallina-Rodriguez , Juan Tapiador

Static analysis is an essential component of many modern software development tools. Unfortunately, the ever-increasing complexity of static analyzers makes their coding error-prone. Even analysis tools based on rigorous mathematical…

Software Engineering · Computer Science 2025-05-08 Daniela Ferreiro , Ignacio Casso , Jose F. Morales , Pedro López-García , Manuel V. Hermenegildo

Testing has become an indispensable activity of software development, yet writing good and relevant tests remains a quite challenging task. One well-known problem is that it often is impossible or unrealistic to test for every outcome, as…

Programming Languages · Computer Science 2017-08-18 Dimitri Racordon , Didier Buchs

Testing RESTful API is increasingly important in quality assurance of cloud-native applications. Recent advances in machine learning (ML) techniques have demonstrated that various testing activities can be performed automatically by large…

Software Engineering · Computer Science 2025-11-25 Xiaoke Han , Hong Zhu

Modern software relies on a multitude of automated testing and quality assurance tools to prevent errors, bugs and potential vulnerabilities. This study sets out to provide a head-to-head, quantitative and qualitative evaluation of six…

Software Engineering · Computer Science 2025-08-07 Damian Gnieciak , Tomasz Szandala

Rust is an emerging programming language that aims to prevent memory-safety bugs. However, the current design of Rust also brings side effects which may increase the risk of memory-safety issues. In particular, it employs OBRM…

Programming Languages · Computer Science 2021-04-27 Mohan Cui , Chengjun Chen , Hui Xu , Yangfan Zhou

Session management is a fundamental component of web applications: despite the apparent simplicity, correctly implementing web sessions is extremely tricky, as witnessed by the large number of existing attacks. This motivated the design of…

Cryptography and Security · Computer Science 2020-06-03 Stefano Calzavara , Riccardo Focardi , Niklas Grimm , Matteo Maffei , Mauro Tempesta

Although Rust primarily intends to be a safe programming language that excludes undefined behaviour, it provides its users with the escape hatch of unsafe Rust, allowing them to circumvent some of its strong compile-time checks. This…

Programming Languages · Computer Science 2025-10-28 Alex Le Blanc , Patrick Lam

WebAssembly is a low-level bytecode language that allows high-level languages like C, C++, and Rust to be executed in the browser at near-native performance. In recent years, WebAssembly has gained widespread adoption is now natively…

Cryptography and Security · Computer Science 2024-03-25 Håkon Harnes , Donn Morrison

std::string view is a reference-like data structure in the C++ Standard Template Library (STL) that enables fast and cheap processing of read-only strings. Due to its wide applicability and performance enhancing power, std::string view has…

Software Engineering · Computer Science 2024-08-20 Reka Kovacs , Gabor Horvath , Zoltan Porkolab

Browser fingerprinting is a stateless identification technique based on browser properties. Together, they form an identifier that can be collected without users' notice and has been studied to be unique and stable. As this technique relies…

Cryptography and Security · Computer Science 2021-03-02 Antonin Durey , Pierre Laperdrix , Walter Rudametkin , Romain Rouvoy

We propose an approach for preventing unsafe or otherwise low-quality large language model (LLM) outputs by leveraging the stochasticity of LLMs, an approach we call Repeated Checking with Regeneration (RCR). In this system, LLM checkers…

Artificial Intelligence · Computer Science 2025-09-30 Jake R. Watts , Joel Sokol

To identify security vulnerabilities in Android applications, numerous static application security testing (SAST) tools have been proposed. However, it poses significant challenges to assess their overall performance on diverse…

Software Engineering · Computer Science 2024-10-29 Jingyun Zhu , Kaixuan Li , Sen Chen , Lingling Fan , Junjie Wang , Xiaofei Xie

The cryptocurrency Ethereum is the most widely used execution platform for smart contracts. Smart contracts are distributed applications, which govern financial assets and, hence, can implement advanced financial instruments, such as…

Cryptography and Security · Computer Science 2023-02-01 Sebastian Holler , Sebastian Biewer , Clara Schneidewind

Dynamically typed object-oriented languages enable programmers to write elegant, reusable and extensible programs. However, with the current methodology for program verification, the absence of static type information creates significant…

Programming Languages · Computer Science 2015-01-13 Björn Engelmann , Ernst-Rüdiger Olderog , Nils Erik Flick

Multiparty session typing (MPST) is a method to make concurrent programming simpler. The idea is to use type checking to automatically detect safety and liveness violations of implementations relative to specifications. In practice, the…

Programming Languages · Computer Science 2025-01-30 Sung-Shik Jongmans

The Java virtual machine and the .NET common language runtime feature an access control mechanism specified operationally in terms of run-time stack inspection. We give a denotational semantics in "eager" form, and show that it is…

Programming Languages · Computer Science 2013-09-23 Anindya Banerjee , David A. Naumann

Web application pentesting is a crucial component in the offensive cybersecurity area, whose aim is to safeguard web applications and web services as the majority of the web applications are mounted in publicly accessible web environments.…

Cryptography and Security · Computer Science 2024-10-17 María Olivares-Naya , Jacobo Casado de Gracia , Alfonso Sánchez-Macián