English
Related papers

Related papers: Mir: Automated Quantifiable Privilege Reduction Ag…

200 papers

Software libraries are central to the functionality, security, and maintainability of modern code. As developers increasingly turn to Large Language Models (LLMs) to assist with programming tasks, understanding how these models recommend…

Software Engineering · Computer Science 2025-08-08 Jasmine Latendresse , SayedHassan Khatoonabadi , Emad Shihab

Content moderation for large language models (LLMs) remains a significant challenge, requiring flexible and adaptable solutions that can quickly respond to emerging threats. This paper introduces Retrieval Augmented Rejection (RAR), a novel…

Information Retrieval · Computer Science 2025-05-21 Tommaso Mario Buonocore , Enea Parimbelli

Protected user-level libraries have been proposed as a way to allow mutually distrusting applications to safely share kernel-bypass services. In this paper, we identify and solve several previously unaddressed obstacles to realizing this…

Operating Systems · Computer Science 2025-09-04 Alan Beadle , Michael L. Scott , John Criswell

Android applications are executed on smartphones equipped with a variety of resources that must be properly accessed and controlled, otherwise the correctness of the executions and the stability of the entire environment might be negatively…

Software Engineering · Computer Science 2019-11-22 Oliviero Riganelli , Daniela Micucci , Leonardo Mariani

Despite its obvious benefits, the increased adoption of package managers to automate the reuse of libraries has opened the door to a new class of hazards: supply chain attacks. By injecting malicious code in one library, an attacker may…

Software Engineering · Computer Science 2021-11-08 Nicolas Harrand , Thomas Durieux , David Broman , Benoit Baudry

Designing Reinforcement Learning (RL) solutions for real-life problems remains a significant challenge. A major area of concern is safety. "Shielding" is a popular technique to enforce safety in RL by turning user-defined safety…

Machine Learning · Computer Science 2024-05-31 Alexander Politowicz , Sahisnu Mazumder , Bing Liu

Modern software systems heavily use C/C++ based libraries. Because of the weak memory model of C/C++, libraries may suffer from vulnerabilities which can expose the applications to potential attacks. For example, a very large number of…

Cryptography and Security · Computer Science 2019-02-19 Girish Mururu , Chris Porter , Prithayan Barua , Santosh Pande

In the current software development environment, third-party libraries play a crucial role. They provide developers with rich functionality and convenient solutions, speeding up the pace and efficiency of software development. However, with…

Software Engineering · Computer Science 2024-04-30 Jia Zeng , Dan Han , Yaling Zhu , Yangzhong Wang , Fangchen Weng

The migration process between different third-party libraries is hard, complex and error-prone. Typically, during a library migration, developers need to find methods in the new library that are most adequate in replacing the old methods of…

Software Engineering · Computer Science 2019-06-07 Hussein Alrubaye , Mohamed Wiem Mkaouer , Ali Ouni

DRAM scaling has exacerbated the RowHammer vulnerability. To counter this, JEDEC recently introduced Per Row Activation Counting (PRAC) with the Alert Back-Off protocol as an optional DDR5 feature. While promising, PRAC requires per-row…

Cryptography and Security · Computer Science 2026-05-19 Jeonghyun Woo , Junsu Kim , Aamer Jaleel , Prashant J. Nair

Third-party libraries are essential in software development as they prevent the need for developers to recreate existing functionalities. However, vulnerabilities within these libraries pose significant risks to dependent projects.…

Software Engineering · Computer Science 2025-04-01 Zirui Chen , Xing Hu , Puhua Sun , Xin Xia , Xiaohu Yang

Open-Source Projects and Libraries are being used in software development while also bearing multiple security vulnerabilities. This use of third party ecosystem creates a new kind of attack surface for a product in development. An…

Software Engineering · Computer Science 2018-08-15 Lorenzo Neil , Sudip Mittal , Anupam Joshi

Least privilege is a core security principle: grant each request only the minimum access needed to achieve its goal. Deployed language models almost never follow it, instead being exposed through a single API endpoint that serves all users…

Cryptography and Security · Computer Science 2026-03-05 Paulius Rauba , Dominykas Seputis , Patrikas Vanagas , Mihaela van der Schaar

As a mixed result of intensive dependency on third-party libraries, flexible mechanism to declare dependencies, and increased number of modules in a project, multiple versions of the same third-party library are directly depended in…

Software Engineering · Computer Science 2020-02-26 Kaifeng Huang , Bihuan Chen , Bowen Shi , Ying Wang , Congying Xu , Xin Peng

Software complexity has increased over the years. One common way to tackle this complexity during development is to encapsulate features into a shared library. This allows developers to reuse already implemented features instead of…

Cryptography and Security · Computer Science 2019-09-17 Nicolai Davidsson , Andre Pawlowski , Thorsten Holz

Large language models (LLMs) achieve impressive performance across diverse tasks yet remain vulnerable to jailbreak attacks that bypass safety mechanisms. We present RAID (Refusal-Aware and Integrated Decoding), a framework that…

Computation and Language · Computer Science 2025-12-23 Tuan T. Nguyen , John Le , Thai T. Vu , Willy Susilo , Heath Cooper

Traditional compilers, designed for optimizing low-level code, fall short when dealing with modern, computation-heavy applications like image processing, machine learning, or numerical simulations. Optimizations should understand the…

Programming Languages · Computer Science 2024-11-21 Roland Leißa , Marcel Ulrich , Joachim Meyer , Sebastian Hack

Coding agents are becoming increasingly capable of completing end-to-end software engineering workflows that previously required a human developer, including raising pull requests (PRs) to propose their changes. However, we still know…

Software Engineering · Computer Science 2026-01-28 Lukas Twist , Jie M. Zhang

Modern software projects use automated CI/CD pipelines to streamline their development, build, and deployment processes. GitHub Actions is a popular CI/CD platform that enables project maintainers to create custom workflows -- collections…

Cryptography and Security · Computer Science 2025-12-15 Mojtaba Moazen , Amir. M Ahmadian , Musard Balliu

Web applications remain the dominant attack surface in cybersecurity, where vulnerabilities such as SQL injection, XSS, and business logic flaws continue to cause significant data breaches. While penetration testing is effective for…

Cryptography and Security · Computer Science 2026-03-31 Tran Vy Khang , Nguyen Dang Nguyen Khang , Nghi Hoang Khoa , Do Thi Thu Hien , Van-Hau Pham , Phan The Duy