English
Related papers

Related papers: $\mu$SE: Mutation-based Evaluation of Security-foc…

200 papers

A common security architecture is based on the protection of certain resources by permission checks (used e.g., in Android and Blackberry). It has some limitations, for instance, when applications are granted more permissions than they…

Software Engineering · Computer Science 2023-05-05 Alexandre Bartel , Jacques Klein , Martin Monperrus , Yves Le Traon

Many Android applications collect data from users. When they do, they must protect this collected data according to the current legal frameworks. Such data protection has become even more important since the European Union rolled out the…

Software Engineering · Computer Science 2023-03-20 Mugdha Khedkar

Modern software systems evolve rapidly under CI/CD practices, where tests are critical for quality. However, substantial code changes often render existing test cases obsolete, causing pipeline disruptions, reduced productivity, and…

Software Engineering · Computer Science 2026-05-20 Dawei Tian , Jiakun Liu , Yun Peng , Yichen Zhang , Jianlei Chi , Jun Sun , Xiaohong Su

We report the findings of a reimplementation of 18 foundational studies in feature-based machine learning for Android malware detection, published during the period 2013-2023. These studies are reevaluated on a level playing field using a…

Machine Learning · Computer Science 2026-01-22 Ali Muzaffar , Hani Ragab Hassen , Hind Zantout , Michael A Lones

Mutation analysis has many applications, such as assessing the quality of test cases, fault localization, test input generation, security analysis, etc. Such applications involve running test suite against a large number of program mutants…

Software Engineering · Computer Science 2021-02-24 Ali Ghanbari , Andrian Marcus

Mutation testing is used to evaluate the effectiveness of test suites. In recent years, a promising variation called extreme mutation testing emerged that is computationally less expensive. It identifies methods where their functionality…

Software Engineering · Computer Science 2022-04-15 Maik Betka , Stefan Wagner

Android, the most popular mobile OS, has around 78% of the mobile market share. Due to its popularity, it attracts many malware attacks. In fact, people have discovered around one million new malware samples per quarter, and it was reported…

Cryptography and Security · Computer Science 2016-12-13 Mingshen Sun , Xiaolei Li , John C. S. Lui , Richard T. B. Ma , Zhenkai Liang

Recent research demonstrated that mutation-based fault localization techniques are relatively accurate and practical. However, these methods have never been compared and have only been assessed with simple hand-seeded faults. Therefore,…

Software Engineering · Computer Science 2016-07-20 Thierry Titcheu Chekam , Mike Papadakis , Yves Le Traon

Just like other software, spreadsheets can contain significant faults. Static analysis is an accepted and well-established technique in software engineering known for its capability to discover faults. In recent years, a growing number of…

Software Engineering · Computer Science 2014-01-30 Daniel Kulesz , Jan-Peter Ostberg

Mutation testing is an established fault-based testing technique. It operates by seeding faults into the programs under test and asking developers to write tests that reveal these faults. These tests have the potential to reveal a large…

Software Engineering · Computer Science 2023-01-10 Ahmed Khanfir , Renzo Degiovanni , Mike Papadakis , Yves Le Traon

Static Analysis (SA) tools are used to identify potential weaknesses in code and fix them in advance, while the code is being developed. In legacy codebases with high complexity, these rules-based static analysis tools generally report a…

This study examines machine learning techniques like Decision Trees, Support Vector Machines, Logistic Regression, Neural Networks, and ensemble methods to detect Android malware. The study evaluates these models on a dataset of Android…

Cryptography and Security · Computer Science 2025-11-04 Hasan Abdulla

Static Application Security Testing (SAST) is a popular quality assurance technique in software engineering. However, integrating SAST tools into industry-level product development and security assessment poses various technical and…

Software Engineering · Computer Science 2021-03-25 Anh Nguyen-Duc , Manh Viet Do , Quan Luong Hong , Kiem Nguyen Khac

Malware analysis and detection techniques have been evolving during the last decade as a reflection to development of different malware techniques to evade network-based and host-based security protections. The fast growth in variety and…

Cryptography and Security · Computer Science 2018-08-06 Andrii Shalaginov , Sergii Banin , Ali Dehghantanha , Katrin Franke

STANSE is a free (available under the GPLv2 license) modular framework for finding bugs in C programs using static analysis. Its two main design goals are 1) ability to process large software projects like the Linux kernel and 2)…

Software Engineering · Computer Science 2012-02-06 Jan Obdržálek , Jiří Slabý , Marek Trtík

Background. Developers use Automated Static Analysis Tools (ASATs) to control for potential quality issues in source code, including defects and technical debt. Tool vendors have devised quite a number of tools, which makes it harder for…

Software Engineering · Computer Science 2021-01-25 Valentina Lenarduzzi , Savanna Lujan , Nyyti Saarimaki , Fabio Palomba

Traditionally, mutation testing generates an abundance of small deviations of a program, called mutants. At industrial systems the scale and size of Facebook's, doing this is infeasible. We should not create mutants that the test suite…

Software Engineering · Computer Science 2021-01-28 Moritz Beller , Chu-Pan Wong , Johannes Bader , Andrew Scott , Mateusz Machalica , Satish Chandra , Erik Meijer

Software code complexity is a well-studied property to determine software component health. However, the existing code complexity metrics do not directly take into account the fault-proneness aspect of the code. We propose a metric called…

Software Engineering · Computer Science 2021-04-27 Ali Parsai , Serge Demeyer

Mutation testing is the state-of-the-art technique for assessing the fault detection capacity of a test suite. Unfortunately, a full mutation analysis is often prohibitively expensive. The CppCheck project for instance, demands a build time…

Software Engineering · Computer Science 2022-11-01 Sten Vercammen , Serge Demeyer , Markus Borg , Niklas Pettersson , Görel Hedin

In verification-aware languages, such as Dafny, despite their critical role, specifications are as prone to error as implementations. Flaws in specifications can result in formally verified programs that deviate from the intended behavior.…

Software Engineering · Computer Science 2026-04-14 Isabel Amaral , Alexandra Mendes , José Campos