English
Related papers

Related papers: SafeRESTScript: Statically Checking REST API Consu…

200 papers

A gradual type system allows developers to declare certain types to be enforced by the compiler (i.e., statically typed), while leaving other types to be enforced via runtime checks (i.e., dynamically typed). When runtime checks fail,…

Programming Languages · Computer Science 2025-03-03 Felipe Bañados Schwerter , Ronald Garcia , Reid Holmes , Karim Ali

Static analysis has established itself as a weapon of choice for detecting security vulnerabilities. Taint analysis in particular is a very general and powerful technique, where security policies are expressed in terms of forbidden flows,…

Cryptography and Security · Computer Science 2021-11-19 Saikat Dutta , Diego Garbervetsky , Shuvendu Lahiri , Max Schäfer

Automated testing for REST APIs has become essential for ensuring the correctness and reliability of modern web services. While existing approaches primarily focus on detecting server crashes and error codes, they often overlook logical…

Software Engineering · Computer Science 2025-03-20 Ke Zhang , Chenxi Zhang , Chong Wang , Chi Zhang , YaChen Wu , Zhenchang Xing , Yang Liu , Qingshan Li , Xin Peng

Smart contracts written in Solidity are widely used in different blockchain platforms such as Ethereum, TRON and BNB Chain. One of the unique designs in Solidity smart contracts is its state-reverting mechanism for error handling and access…

Software Engineering · Computer Science 2024-06-25 Zeqin Liao , Sicheng Hao , Yuhong Nan , Zibin Zheng

Many researchers have explored ways to bring static typing to dynamic languages. However, to date, such systems are not precise enough when types depend on values, which often arises when using certain Ruby libraries. For example, the type…

Programming Languages · Computer Science 2019-04-09 Milod Kazerounian , Sankha Narayan Guria , Niki Vazou , Jeffrey S. Foster , David Van Horn

The introduction of remote attestation (RA) schemes has allowed academia and industry to enhance the security of their systems. The commercial products currently available enable only the validation of static properties, such as…

Cryptography and Security · Computer Science 2019-04-04 Flavio Toffalini , Eleonora Losiouk , Andrea Biondo , Jianying Zhou , Mauro Conti

In the last years Node.js has emerged as a framework particularly suitable for implementing lightweight IoT applications, thanks to its underlying asynchronous event-driven, non blocking I/O model. However, verifying the correctness of…

Programming Languages · Computer Science 2018-02-07 Davide Ancona , Luca Franceschini , Giorgio Delzanno , Maurizio Leotta , Marina Ribaudo , Filippo Ricca

Recent Large Reasoning Models (LRMs) have achieved remarkable progress on task-specific benchmarks, yet their evaluation methods remain constrained by isolated problem-solving paradigms. Existing benchmarks predominantly assess…

Computation and Language · Computer Science 2025-07-16 Zhuoshi Pan , Qizhi Pei , Yu Li , Qiyao Sun , Zinan Tang , H. Vicky Zhao , Conghui He , Lijun Wu

Ethereum smart contracts are programs that are deployed and executed in a consensus-based blockchain managed by a peer-to-peer network. Several re-entrancy attacks that aim to steal Ether, the cryptocurrency used in Ethereum, stored in…

Cryptography and Security · Computer Science 2020-09-15 Yuichiro Chinen , Naoto Yanai , Jason Paul Cruz , Shingo Okamura

Statically-annotated types have been shown to aid developers in a number of programming tasks, and this benefit holds true even when static type checking is not used. It is hypothesized that this is because developers use type annotations…

Software Engineering · Computer Science 2026-02-05 Samuel W. Flint , Robert Dyer , Bonita Sharif

We present a static analysis technique for detecting data races in Real-Time Operating System (RTOS) applications. These applications are often employed in safety-critical tasks and the presence of races may lead to erroneous behaviour with…

Programming Languages · Computer Science 2020-10-07 Rishi Tulsyan , Rekha Pai , Deepak D'Souza

Smart contracts have been increasingly used together with blockchains to automate financial and business transactions. However, many bugs and vulnerabilities have been identified in many contracts which raises serious concerns about smart…

Software Engineering · Computer Science 2020-05-21 Zhipeng Gao , Lingxiao Jiang , Xin Xia , David Lo , John Grundy

Recent technological advancements have enabled proliferated use of small embedded and IoT devices for collecting, processing, and transferring the security-critical information and user data. This exponential use has acted as a catalyst in…

Cryptography and Security · Computer Science 2021-01-18 Avani Dave , Nilanjan Banerjee , Chintan Patel

Human fallibility, unpredictable operating environments, and the heterogeneity of hardware devices are driving the need for software to be able to adapt as seen in the Internet of Things or telecommunication networks. Unfortunately,…

Programming Languages · Computer Science 2021-05-17 Paul Harvey , Simon Fowler , Ornela Dardha , Simon J. Gay

The Rust programming language, with its safety guarantees, has established itself as a viable choice for low-level systems programming language over the traditional, unsafe alternatives like C/C++. These guarantees come from a strong…

Software Engineering · Computer Science 2023-08-11 Pantazis Deligiannis , Akash Lal , Nikita Mehrotra , Aseem Rastogi

The complexity of browsers has steadily increased over the years, driven by the continuous introduction and update of Web platform components, such as novel Web APIs and security mechanisms. Their specifications are manually reviewed by…

Cryptography and Security · Computer Science 2022-09-02 Lorenzo Veronese , Benjamin Farinier , Pedro Bernardo , Mauro Tempesta , Marco Squarcina , Matteo Maffei

WebRTC is an API that allows users to share streaming information, whether it is text, sound, video or files. It is supported by all major browsers and has a flexible underlying infrastructure. In this study we review current WebRTC…

Cryptography and Security · Computer Science 2016-01-05 Ben Feher , Lior Sidi , Asaf Shabtai , Rami Puzis

Healthcare Internet of Things (IoT) applications require rigorous testing to ensure their dependability. Such applications are typically integrated with various third-party healthcare applications and medical devices through REST APIs. This…

Software Engineering · Computer Science 2023-09-11 Hassan Sartaj , Shaukat Ali , Tao Yue , Kjetil Moberg

Cross Site Scripting (XSS) Flaws are currently the most popular security problems in modern web applications. These Flaws make use of vulnerabilities in the code of web-applications, resulting in serious consequences, such as theft of…

Cryptography and Security · Computer Science 2010-04-13 K. Selvamani , A. Duraisamy , A. Kannan

In stream-based programming, data sources are abstracted as a stream of values that can be manipulated via callback functions. Stream-based programming is exploding in popularity, as it provides a powerful and expressive paradigm for…

Software Engineering · Computer Science 2018-08-10 Benno Stein , Lazaro Clapp , Manu Sridharan , Bor-Yuh Evan Chang