English
Related papers

Related papers: VET: Identifying and Avoiding UI Exploration Tarpi…

200 papers

Due to the wide adoption of IoT/CPS systems, embedded devices(IoT frontends) become increasingly connected and mission-critical, which in turn has attracted advanced attacks (e.g., control-flow hijacks and data-only attacks). Unfortunately,…

Cryptography and Security · Computer Science 2019-10-02 Zhichuang Sun , Bo Feng , Long Lu , Somesh Jha

Many IoT devices are vulnerable to attacks due to flawed security designs and lacking mechanisms for firmware updates or patches to eliminate the security vulnerabilities. Device-type identification combined with data from vulnerability…

Networking and Internet Architecture · Computer Science 2021-02-17 Jakob Greis , Artem Yushchenko , Daniel Vogel , Michael Meier , Volker Steinhage

This paper presents the Userspace Integrity Measurement Toolkit (USIM Toolkit), a set of integrity measurement collection tools capable of detecting advanced malware threats, such as memory-only implants, that evade many traditional…

Cryptography and Security · Computer Science 2019-05-01 J. Aaron Pendergrass , Nathan Hull , John Clemens , Sarah Helble , Mark Thober , Kathleen McGill , Machon Gregory , Peter Loscocco

Automatic generators of GUI tests often fail to generate semantically relevant test cases, and thus miss important test scenarios. To address this issue, test adaptation techniques can be used to automatically generate semantically…

Software Engineering · Computer Science 2026-01-12 Leonardo Mariani , Mauro Pezzè , Valerio Terragni , Daniele Zuddas

Currently, Application Programming Interfaces (APIs) are becoming increasingly popular to facilitate data transfer in a variety of mobile applications. These APIs often process sensitive user information through their endpoints, which are…

Cryptography and Security · Computer Science 2023-10-24 Nate Haris , Kendree Chen , Ann Song , Benjamin Pou

Recent years have seen smart contracts are getting increasingly popular in building trustworthy decentralized applications. Previous research has proposed static and dynamic techniques to detect vulnerabilities in smart contracts. These…

Software Engineering · Computer Science 2022-07-06 Jiaming Ye , Mingliang Ma , Yun Lin , Lei Ma , Yinxing Xue , Jianjun Zhao

Mobile apps are indispensable for people's daily life. Complementing with automated GUI testing, manual testing is the last line of defence for app quality. However, the repeated actions and easily missing of functionalities make manual…

Software Engineering · Computer Science 2022-01-31 Zhe Liu , Chunyang Chen , Junjie Wang , Yuekai Huang , Jun Hu , Qing Wang

Touch interfaces are replacing physical buttons, dials, and switches in the new generation of cars, aircraft, and vessels. However, vehicle vibrations and accelerations perturb finger movements and cause erroneous touchscreen inputs by…

Systems and Control · Electrical Eng. & Systems 2025-08-22 Daan M. Pool , Yasemin Vardar

Despite recent advancements in torque-controlled tactile robots, integrating them into manufacturing settings remains challenging, particularly in complex environments. Simplifying robotic skill programming for non-experts is crucial for…

Robotics · Computer Science 2024-08-27 Kübra Karacan , Anran Zhang , Hamid Sadeghian , Fan Wu , Sami Haddadin

The integration of open-source third-party library dependencies in Java development introduces significant security risks when these libraries contain known vulnerabilities. Existing Software Composition Analysis (SCA) tools struggle to…

Software Engineering · Computer Science 2025-07-25 Wang Lingxiang , Quanzhi Fu , Wenjia Song , Gelei Deng , Yi Liu , Dan Williams , Ying Zhang

Modern firms face a flood of dense, unstructured reports. Turning these documents into usable insights takes heavy effort and is far from agile when quick answers are needed. VTS-AI tackles this gap. It integrates Visual Thinking…

Software Engineering · Computer Science 2025-07-02 Sun Ding , Ude Enebeli , Atilhan , Manay , Ryan Pua , Kamal Kotak

For better or worse, JavaScript is the cornerstone of modern Web. Prototype-based languages like JavaScript are susceptible to prototype pollution vulnerabilities, enabling an attacker to inject arbitrary properties into an object's…

Cryptography and Security · Computer Science 2023-11-08 Mikhail Shcherbakov , Paul Moosbrugger , Musard Balliu

We introduce FRONTMATTER: a tool to automatically mine both user interface models and behavior of Android apps at a large scale with high precision. Given an app, FRONTMATTER statically extracts all declared screens, the user interface…

Software Engineering · Computer Science 2021-05-10 Konstantin Kuznetsov , Chen Fu , Song Gao , David N. Jansen , Lijun Zhang , Andreas Zeller

Secure installation of Internet of Things (IoT) devices requires configuring access control correctly for each device. In order to enable correct configuration the Manufacturer Usage Description (MUD) has been developed by Internet…

Cryptography and Security · Computer Science 2021-12-07 Vafa Andalibi , Jayati Dev , DongInn Kim , Eliot Lear , L. Jean Camp

Android User Interface (UI) testing is a critical research area due to the ubiquity of apps and the challenges faced by developers. Record and replay (R&R) tools facilitate manual and automated UI testing by recording UI actions to execute…

Software Engineering · Computer Science 2025-04-30 Zihe Song , S M Hasan Mansur , Ravishka Rathnasuriya , Yumna Fatima , Wei Yang , Kevin Moran , Wing Lam

Manual testing, as a complement to automated GUI testing, is the last line of defense for app quality especially in spotting usability and accessibility issues. However, the repeated actions and easy missing of some functionalities make…

Software Engineering · Computer Science 2022-05-30 Zhe Liu , Chunyang Chen , Junjie Wang , Yuhui Su , Qing Wang

Evasion techniques allow malicious code to never be observed. This impacts significantly the detection capabilities of tools that rely on either dynamic or static analysis, as they never get to process the malicious code. The dynamic nature…

Cryptography and Security · Computer Science 2024-05-24 Nikolaos Pantelaios , Alexandros Kapravelos

Software testing is a critical activity to ensure that software complies with its specification. However, current software testing activities tend not to be completely effective when applied in specific software domains in Virtual Reality…

Software Engineering · Computer Science 2020-09-21 Stevao A. Andrade , Fatima L. S. Nunes , Marcio E. Delamaro

Problem: We address the challenge in responsible computing where an exploitable mobile app is misused by one app user (an abuser) against another user or bystander (victim). We introduce the idea of a misuse audit of apps as a way of…

Cryptography and Security · Computer Science 2024-11-11 Vaibhav Garg , Hui Guo , Nirav Ajmeri , Saikath Bhattacharya , Munindar P. Singh

In this paper, we introduce a lightweight permission enforcement approach - Tap-Wave-Rub (TWR) - for smartphone malware prevention. TWR is based on simple human gestures that are very quick and intuitive but less likely to be exhibited in…

Cryptography and Security · Computer Science 2013-02-19 Haoyu Li , Di Ma , Nitesh Saxena , Babins Shrestha , Yan Zhu