English
Related papers

Related papers: Mir: Automated Quantifiable Privilege Reduction Ag…

200 papers

Third-party libraries are crucial to the development of software projects. To get suitable libraries, developers need to search through millions of libraries by filtering, evaluating, and comparing. The vast number of libraries places a…

Software Engineering · Computer Science 2020-05-26 Zhensu Sun , Yan Liu , Ziming Cheng , Chen Yang , Pengyu Che

Developers rely on the static safety guarantees of the Rust programming language to write secure and performant applications. However, Rust is frequently used to interoperate with other languages which allow design patterns that conflict…

Software Engineering · Computer Science 2026-01-12 Ian McCormack , Joshua Sunshine , Jonathan Aldrich

Modern software systems are increasingly dependent on third-party libraries. It is widely recognized that using mature and well-tested third-party libraries can improve developers' productivity, reduce time-to-market, and produce more…

Software Engineering · Computer Science 2016-12-07 Mohamed Aymen Saied , Ali Ouni , Houari Sahraoui , Raula Gaikovina Kula , Katsuro Inoue , David Lo

Evaluation and alignment pipelines for large language models increasingly rely on LLM-based judges, whose behavior is guided by natural-language rubrics and validated on benchmarks. We identify a previously under-recognized vulnerability in…

Cryptography and Security · Computer Science 2026-02-17 Ruomeng Ding , Yifei Pang , He Sun , Yizhong Wang , Zhiwei Steven Wu , Zhun Deng

Many programs involves operations and logic manipulating user privileges, which is essential for the security of an organization. Therefore, one common malicious goal of attackers is to obtain or escalate the privileges, causing privilege…

Cryptography and Security · Computer Science 2024-07-10 Haizhou Wang , Zhilong Wang , Peng Liu

Software libraries implement APIs that deliver reusable functionalities. To correctly use these functionalities, software applications must satisfy certain correctness policies, for instance policies about the order some API methods can be…

Software Engineering · Computer Science 2020-10-14 Oliviero Riganelli , Daniela Micucci , Leonardo Mariani

Private information retrieval (PIR) protocols ensure that a user can download a file from a database without revealing any information on the identity of the requested file to the servers storing the database. While existing protocols…

Information Theory · Computer Science 2021-11-03 Hsuan-Yin Lin , Siddhartha Kumar , Eirik Rosnes , Alexandre Graell i Amat , Eitan Yaakobi

Web developers routinely rely on third-party Java-Script libraries such as jQuery to enhance the functionality of their sites. However, if not properly maintained, such dependencies can create attack vectors allowing a site to be…

Cryptography and Security · Computer Science 2020-02-17 Tobias Lauinger , Abdelberi Chaabane , Sajjad Arshad , William Robertson , Christo Wilson , Engin Kirda

Process malleability has proved to have a highly positive impact on the resource utilization and global productivity in data centers compared with the conventional static resource allocation policy. However, the non-negligible additional…

Distributed, Parallel, and Cluster Computing · Computer Science 2026-04-30 Sergio Iserte , Rafael Mayo , Enrique S. Quintana-Ortí , Antonio J. Peña

Modern software design practice implies widespread use in the development of ready-made components, usually designed as external libraries. The undoubted advantages of reusing third-party code can be offset by integration errors that appear…

Software Engineering · Computer Science 2022-02-09 Vladislav Feofilaktov , Vladimir Itsykson

Third-party library reuse has become common practice in contemporary software development, as it includes several benefits for developers. Library dependencies are constantly evolving, with newly added features and patches that fix bugs in…

Software Engineering · Computer Science 2017-09-15 Raula Gaikovina Kula , Daniel M. German , Ali Ouni , Takashi Ishio , Katsuro Inoue

An inherent security limitation with the classic multithreaded programming model is that all the threads share the same address space and, therefore, are implicitly assumed to be mutually trusted. This assumption, however, does not take…

Operating Systems · Computer Science 2013-05-22 Jun Wang , Xi Xiong , Peng Liu

Motivated by recent interest in federated submodel learning, this work explores the fundamental problem of privately reading from and writing to a database comprised of $K$ files (submodels) that are stored across $N$ distributed servers…

Information Theory · Computer Science 2021-03-23 Zhuqing Jia , Syed A. Jafar

Layer-7 (L7) proxies are critical to modern cloud-native systems, yet their performance is increasingly bottlenecked by copying entire payloads across the kernel-user boundary. Existing approaches reduce this overhead but typically…

Networking and Internet Architecture · Computer Science 2026-05-01 Kairui Zhou , Shengkai Lin , Wei Zhang , Shizhen Zhao

With the rapid growth of software, using third-party libraries (TPLs) has become increasingly popular. The prosperity of the library usage has provided the software engineers with handful of methods to facilitate and boost the program…

Software Engineering · Computer Science 2022-04-19 Can Yang , Zhengzi Xu , Hongxu Chen , Yang Liu , Xiaorui Gong , Baoxu Liu

As coding agents gain access to shells, repositories, and user files, least-privilege authorization becomes a prerequisite for safe deployment: an agent should receive enough authority to complete the task, without unnecessary authority…

Cryptography and Security · Computer Science 2026-05-18 Zheng Yan , Jingxiang Weng , Charles Chen , Dengyun Peng , Ethan Qin , Jiannan Guan , Jinhao Liu , Qiming Yu , Yixin Yuan , Fanqing Meng , Carl Che , Mengkang Hu

Large language models (LLMs) are increasingly deployed in enterprise settings where they handle sensitive documents and user context, raising acute concerns over security and controllability. Conventional access control regulates whether…

Cryptography and Security · Computer Science 2026-05-12 Pengcheng Sun , Lan Zhang , Zhaopeng Zhang , Jiewei Lai , Chen Tang

The Android framework provides a rich set of APIs that can be exploited by developers to build their apps. However, the rapid evolution of these APIs jointly with the specific characteristics of the lifecycle of the Android components…

Software Engineering · Computer Science 2022-02-25 Oliviero Riganelli , Ionut Daniel Fagadau , Daniela Micucci , Leonardo Mariani

Multi-agent reinforcement learning (MARL) research is inherently computationally expensive and it is often difficult to obtain a sufficient number of experiment samples to test hypotheses and make robust statistical claims. Furthermore,…

QDax is an open-source library with a streamlined and modular API for Quality-Diversity (QD) optimization algorithms in Jax. The library serves as a versatile tool for optimization purposes, ranging from black-box optimization to continuous…

‹ Prev 1 2 3 10 Next ›