English
Related papers

Related papers: Code-based Vulnerability Detection in Node.js Appl…

200 papers

Android is nowadays the most popular operating system in the world, not only in the realm of mobile devices, but also when considering desktop and laptop computers. Such a popularity makes it an attractive target for security attacks, also…

Web applications are becoming truly pervasive in all kinds of business models and organizations. Today, most critical systems such as those related to health care, banking, or even emergency response, are relying on these applications. They…

Cryptography and Security · Computer Science 2009-06-01 Joaquin Garcia-Alfaro , Guillermo Navarro-Arribas

The automated code evaluation system (AES) is mainly designed to reliably assess user-submitted code. Due to their extensive range of applications and the accumulation of valuable resources, AESs are becoming increasingly popular. Research…

Software Engineering · Computer Science 2023-07-19 Md. Mostafizer Rahman , Yutaka Watanobe , Atsushi Shirafuji , Mohamed Hamada

Web sites routinely incorporate JavaScript programs from several sources into a single page. These sources must be protected from one another, which requires robust sandboxing. The many entry-points of sandboxes and the subtleties of…

Programming Languages · Computer Science 2015-06-26 Joe Gibbs Politz , Spiridon Eliopoulos , Arjun Guha , Shriram Krishnamurthi

Serverless computing has rapidly emerged as a prominent cloud paradigm, enabling developers to focus solely on application logic without the burden of managing servers or underlying infrastructure. Public serverless repositories have become…

Cryptography and Security · Computer Science 2025-10-21 Eduard Marin , Jinwoo Kim , Alessio Pavoni , Mauro Conti , Roberto Di Pietro

Contemporary software projects often utilize a README.md to share crucial information such as installation and usage examples related to their software. Furthermore, these files serve as an important source of updated and useful…

Software Engineering · Computer Science 2018-02-28 Shohei Ikeda , Akinori Ihara , Raula Gaikovina Kula , Kenichi Matsumoto

Even though a lot of effort has been invested in analyzing client-side web applications during the past decade, the existing tools often fail to deal with the complexity of modern JavaScript applications. However, from an attacker point of…

Software Engineering · Computer Science 2020-04-15 Behnaz Hassanshahi , Hyunjun Lee , Paddy Krishnan , Jörn Güy Suß

For better or worse, JavaScript is the cornerstone of modern Web. Prototype-based languages like JavaScript are susceptible to prototype pollution vulnerabilities, enabling an attacker to inject arbitrary properties into an object's…

Cryptography and Security · Computer Science 2023-11-08 Mikhail Shcherbakov , Paul Moosbrugger , Musard Balliu

Typical Node.js applications extensively rely on packages hosted in the npm registry. As such packages may be used by thousands of other packages or applications, it is important to assess their code coverage. Moreover, increasing code…

Software Engineering · Computer Science 2021-05-17 Haiyang Sun , Andrea Rosà , Daniele Bonetta , Walter Binder

Code cloning is frequently observed in software development, often leading to a variety of maintenance and security issues. While substantial research has been conducted on code cloning in traditional software, to the best of my knowledge,…

Software Engineering · Computer Science 2025-08-26 Huashan Chen , Zisheng Huang , Yifan Xu , Wenjie Huang , Jinfu Chen , Haotang Li , Kebin Peng , Feng Liu , Sen He

Web communication has become an indispensable characteristic of mobile apps. However, it is not clear what data the apps transmit, to whom, and what consequences such transmissions have. We analyzed the web communications found in mobile…

Cryptography and Security · Computer Science 2020-06-03 Pascal Gadient , Mohammad Ghafari , Marc-Andrea Tarnutzer , Oscar Nierstrasz

In today's digital landscape, the importance of timely and accurate vulnerability detection has significantly increased. This paper presents a novel approach that leverages transformer-based models and machine learning techniques to…

Software Engineering · Computer Science 2025-01-10 Daniele Cipollone , Changjie Wang , Mariano Scazzariello , Simone Ferlin , Maliheh Izadi , Dejan Kostic , Marco Chiesa

Tracing the sequence of library and system calls that a program makes is very helpful in the characterization of its interactions with the surrounding environment and ultimately of its semantics. Due to entanglements of real-world software…

Cryptography and Security · Computer Science 2024-10-30 Daniele Cono D'Elia , Simone Nicchi , Matteo Mariani , Matteo Marini , Federico Palmaro

We systematize software side-channel attacks with a focus on vulnerabilities and countermeasures in the cryptographic implementations. Particularly, we survey past research literature to categorize vulnerable implementations, and identify…

Cryptography and Security · Computer Science 2019-12-13 Tianwei Zhang , Jun Jiang , Yinqian Zhang

Recent years have witnessed the emerging trend of extensions in modern Integrated Development Environments (IDEs) like Visual Studio Code (VSCode) that significantly enhance developer productivity. Especially, popular AI coding assistants…

Cryptography and Security · Computer Science 2024-12-30 Yue Liu , Chakkrit Tantithamthavorn , Li Li

Mobile applications (apps) have become an essential part of everyday life, offering convenient access to services such as banking, healthcare, and shopping. With these apps handling sensitive personal and financial data, ensuring their…

Cryptography and Security · Computer Science 2024-08-20 Anthony Peruma , Timothy Huo , Ana Catarina Araújo , Jake Imanaka , Rick Kazman

The static properties of code repositories, e.g., lines of code, dependents, dependencies, etc. can be readily scraped from code hosting platforms such as GitHub, and from package management systems such as npm for JavaScript; Although no…

Software Engineering · Computer Science 2022-03-31 Ellen Arteca , Alexi Turcotte

Context: Scientific open-source software (SciOSS) plays a foundational role in research and engineering, yet its long-term sustainability has often been overlooked and remains a significant concern. Objective: This study investigates the…

Software Engineering · Computer Science 2026-05-06 Sheikh Md. Mushfiqur Rahman , Gregory R. Watson , Nasir U. Eisty

Log4j has become a widely adopted logging library for Java programs due to its long history and high reliability. Its widespread use is notable not only because of its maturity but also due to the complexity and depth of its features, which…

Linux containers have risen in popularity in the last few years, making their way to commercial IT service offerings (such as PaaS), application deployments, and Continuous Delivery/Integration pipelines within various development teams.…

Cryptography and Security · Computer Science 2020-08-12 Samuel P. Mullinix , Erikton Konomi , Renee Davis Townsend , Reza M. Parizi