English
Related papers

Related papers: $\mu$SE: Mutation-based Evaluation of Security-foc…

200 papers

Smart contracts are immutable, verifiable, and autonomous pieces of code that can be deployed and ran on blockchain networks like Ethereum. Due to the immutability nature of blockchain, no change is possible on a deployed smart contract or…

Software Engineering · Computer Science 2019-12-25 Erfan Andesta , Fathiyeh Faghih , Mahdi Fooladgar

Static analysis is sound in theory, but an implementation may unsoundly fail to analyze all of a program's code. Any such omission is a serious threat to the validity of the tool's output. Our work is the first to measure the prevalence of…

Software Engineering · Computer Science 2024-07-11 Jordan Samhi , René Just , Tegawendé F. Bissyandé , Michael D. Ernst , Jacques Klein

A common security architecture, called the permission-based security model (used e.g. in Android and Blackberry), entails intrinsic risks. For instance, applications can be granted more permissions than they actually need, what we call a…

Cryptography and Security · Computer Science 2013-03-21 Alexandre Bartel , Jacques Klein , Martin Monperrus , Yves Le Traon

Static analysis is widely used for software assurance. However, static analysis tools can report an overwhelming number of warnings, many of which are false positives. Applying static analysis to a new version, a large number of warnings…

Software Engineering · Computer Science 2023-05-05 Xiuyuan Guo , Ashwin Kallingal Joshy , Benjamin Steenhoek , Wei Le , Lori Flynn

Mobile malware has been growing in scale and complexity as smartphone usage continues to rise. Android has surpassed other mobile platforms as the most popular whilst also witnessing a dramatic increase in malware targeting the platform. A…

Cryptography and Security · Computer Science 2016-08-03 Suleiman Y. Yerima , Sakir Sezer , Gavin McWilliams , Igor Muttik

Mutation analysis measures test suite adequacy, the degree to which a test suite detects seeded faults: one test suite is better than another if it detects more mutants. Mutation analysis effectiveness rests on the assumption that mutants…

Software Engineering · Computer Science 2016-11-09 Miltiadis Allamanis , Earl T. Barr , René Just , Charles Sutton

Mutation testing is a powerful technique for assessing and improving test suite quality that artificially introduces bugs and checks whether the test suites catch them. However, it is also computationally expensive and thus does not scale…

Software Engineering · Computer Science 2023-09-06 Kush Jain , Uri Alon , Alex Groce , Claire Le Goues

Frequently advised secure development recommendations often fall short in practice for app developers. Tool-driven (e.g., using static analysis tools) approaches lack context and domain-specific requirements of an app being tested. App…

Software Engineering · Computer Science 2021-11-04 Muhammad Sajidur Rahman , Blas Kojusner , Ryon Kennedy , Prerit Pathak , Lin Qi , Byron Williams

For the dramatic increase of Android malware and low efficiency of manual check process, deep learning methods started to be an auxiliary means for Android malware detection these years. However, these models are highly dependent on the…

Cryptography and Security · Computer Science 2019-09-10 Ji Wang , Qi Jing , Jianbo Gao

LLM-based software engineering increasingly depends on executable, context-rich bug artifacts: paired correct and buggy code, methods under test (MUTs), documentation, and metadata. These artifacts support the training and evaluation of…

Software Engineering · Computer Science 2026-05-22 Tasfia Tasnim , Soneya Binta Hossain

Mutation analysis is a well-established technique for assessing test quality in the traditional software development paradigm by injecting artificial faults into programs. Its application to deep learning (DL) has expanded beyond classical…

Software Engineering · Computer Science 2025-12-19 Zaheed Ahmed , Philip Makedonski , Jens Grabowski

As the smartphone market leader, Android has been a prominent target for malware attacks. The number of malicious applications (apps) identified for it has increased continually over the past decade, creating an immense challenge for all…

Cryptography and Security · Computer Science 2023-06-13 Masoud Mehrabi Koushki , Ibrahim AbuAlhaol , Anandharaju Durai Raju , Yang Zhou , Ronnie Salvador Giagone , Huang Shengqiang

Static security analysis is a widely used technique for detecting software vulnerabilities across a wide range of weaknesses, application domains, and programming languages. While prior work surveyed static analyzes for specific weaknesses…

Cryptography and Security · Computer Science 2026-02-23 Kevin Hermann , Sven Peldszus , Thorsten Berger

In this paper, we present a comparative analysis of benign and malicious Android applications, based on static features. In particular, we focus our attention on the permissions requested by an application. We consider both binary…

Cryptography and Security · Computer Science 2019-04-02 Neeraj Chavan , Fabio Di Troia , Mark Stamp

Although the importance of using static analysis to detect taint-style vulnerabilities in Linux-based embedded firmware is widely recognized, existing approaches are plagued by three major limitations. (a) Approaches based on symbolic…

Cryptography and Security · Computer Science 2021-09-28 Kai Cheng , Tao Liu , Le Guan , Peng Liu , Hong Li , Hongsong Zhu , Limin Sun

The prevalence of security vulnerabilities has prompted companies to adopt static application security testing (SAST) tools for vulnerability detection. Nevertheless, these tools frequently exhibit usability limitations, as their generic…

Web applications are distributed applications, they are programs that run on more than one computer and communicate through a network or server. This very distributed nature of web applications, combined with the scale and sheer complexity…

Cryptography and Security · Computer Science 2022-10-17 Akash Nagaraj , Bishesh Sinha , Mukund Sood , Yash Mathur , Sanchika Gupta , Dinkar Sitaram

Android Apps are frequently updated, every couple of weeks, to keep up with changing user, hardware and business demands. Correctness of App updates is checked through extensive testing. Recent research has proposed tools for automated GUI…

Software Engineering · Computer Science 2020-11-25 Chao Peng , Ajitha Rajan

Mobile phones have developed into complex platforms with large numbers of installed applications and a wide range of sensitive data. Application security policies limit the permissions of each installed application. As applications may…

Cryptography and Security · Computer Science 2012-05-01 Steffen Bartsch , Karsten Sohr , Michaela Bunke , Oliver Hofrichter , Bernhard Berger

Like many desktop operating systems in the 1990s, Android is now in the process of including support for multi-user scenarios. Because these scenarios introduce new threats to the system, we should have an understanding of how well the…

Cryptography and Security · Computer Science 2014-10-29 Paul Ratazzi , Yousra Aafer , Amit Ahlawat , Hao Hao , Yifei Wang , Wenliang Du
‹ Prev 1 3 4 5 6 7 10 Next ›