English
Related papers

Related papers: Data-Driven Vulnerability Detection and Repair in …

200 papers

Open-source software supply chain security relies heavily on assessing affected versions of library vulnerabilities. While prior studies have leveraged exploits for verifying vulnerability affected versions, they point out a key limitation…

Software Engineering · Computer Science 2026-03-30 Zirui Chen , Qi Zhan , Jiayuan Zhou , Xing Hu , Xin Xia , Xiaohu Yang

In stream-based programming, data sources are abstracted as a stream of values that can be manipulated via callback functions. Stream-based programming is exploding in popularity, as it provides a powerful and expressive paradigm for…

Software Engineering · Computer Science 2018-08-10 Benno Stein , Lazaro Clapp , Manu Sridharan , Bor-Yuh Evan Chang

The Web is replete with tutorial-style content on how to accomplish programming tasks. Unfortunately, even top-ranked tutorials suffer from severe security vulnerabilities, such as cross-site scripting (XSS), and SQL injection (SQLi).…

Cryptography and Security · Computer Science 2017-04-11 Tommi Unruh , Bhargava Shastry , Malte Skoruppa , Federico Maggi , Konrad Rieck , Jean-Pierre Seifert , Fabian Yamaguchi

The correct use of cryptography is central to ensuring data security in modern software systems. Hence, several academic and commercial static analysis tools have been developed for detecting and mitigating crypto-API misuse. While…

Cryptography and Security · Computer Science 2026-02-05 Amit Seal Ami , Scott Marsden , Kevin Moran , Denys Poshyvanyk , Adwait Nadkarni

Understanding the correct API usage sequences is one of the most important tasks for programmers when they work with unfamiliar libraries. However, programmers often encounter obstacles to finding the appropriate information due to either…

Software Engineering · Computer Science 2022-05-04 James Martin , Jin L. C. Guo

It is challenging to verify that the planned security mechanisms are actually implemented in the software. In the context of model-based development, the implemented security mechanisms must capture all intended security properties that…

Software Engineering · Computer Science 2022-03-21 Katja Tuma , Sven Peldszus , Daniel Strüber , Riccardo Scandariato , Jan Jürjens

Software designers and developers are increasingly relying on application frameworks as first-class design concepts. They instantiate the services that frameworks provide to implement various architectural tactics and patterns. One of the…

Software Engineering · Computer Science 2021-05-18 Ali Shokri , Joanna C. S. Santos , Mehdi Mirakhorli

Software security vulnerabilities can lead to severe consequences, making early detection essential. Although code review serves as a critical defense mechanism against security flaws, relevant feedback remains scarce due to limited…

Software Engineering · Computer Science 2026-01-06 Zixiao Zhao , Yanjie Jiang , Hui Liu , Kui Liu , Lu Zhang

Modern web applications make extensive use of API calls to update the UI state in response to user events or server-side changes. For such applications, API-level testing can play an important role, in-between unit-level testing and…

Software Engineering · Computer Science 2023-05-25 Rahulkrishna Yandrapally , Saurabh Sinha , Rachel Tzoref-Brill , Ali Mesbah

Spear Phishing is a harmful cyber-attack facing business and individuals worldwide. Considerable research has been conducted recently into the use of Machine Learning (ML) techniques to detect spear-phishing emails. ML-based solutions may…

Cryptography and Security · Computer Science 2023-01-04 Keelan Evans , Alsharif Abuadbba , Tingmin Wu , Kristen Moore , Mohiuddin Ahmed , Ganna Pogrebna , Surya Nepal , Mike Johnstone

Application Programming Interfaces (APIs) are crucial to software development, enabling integration of existing systems with new applications by reusing tried and tested code, saving development time and increasing software safety. In…

Software Engineering · Computer Science 2026-04-10 Ponnampalam Pirapuraj , Tamal Mondal , Sharanya Gupta , Akash Lal , Somak Aditya , Jyothi Vedurada

With one of the largest available collection of reusable packages, the JavaScript runtime environment Node.js is one of the most popular programming application. With recent work showing evidence that known vulnerabilities are prevalent in…

Mobile apps provide various critical services, such as banking, communication, and healthcare. To this end, they have access to our personal information and have the ability to perform actions on our behalf. Hence, securing mobile apps is…

Software Engineering · Computer Science 2024-03-12 Joydeep Mitra , Venkatesh-Prasad Ranganath , Torben Amtoft , Mike Higgins

Modern web applications often resort to application development frameworks such as React, Vue.js, and Angular. While the frameworks facilitate the development of web applications with several useful components, they are inevitably…

Software Engineering · Computer Science 2023-08-17 Arooba Shahoor , Askar Yeltayuly Khamit , Jooyong Yi , Dongsun Kim

Cryptography misuses are prevalent in the wild. Crypto APIs are hard to use for developers, and static analysis tools do not detect every misuse. We developed SafEncrypt, an API that streamlines encryption tasks for Java developers. It is…

Cryptography and Security · Computer Science 2024-09-10 Ehsan Firouzi , Ammar Mansuri , Mohammad Ghafari , Maziar Kaveh

Application Programming Interface (API) Injection attacks refer to the unauthorized or malicious use of APIs, which are often exploited to gain access to sensitive data or manipulate online systems for illicit purposes. Identifying actors…

Cryptography and Security · Computer Science 2025-05-16 Udi Aharon , Ran Dubin , Amit Dvir , Chen Hajaj

Software vulnerabilities continue to be the primary cause of cyberattacks. It is crucial to identify vulnerabilities in applications' source code before attackers gain access to them and exploit any vulnerability they may contain.…

Software Engineering · Computer Science 2026-05-26 Jorge Martins , David Dantas , Rafael Ramires , Bernardo Ferreira , Ibéria Medeiros

Handling faults is a growing concern in HPC. In future exascale systems, it is projected that silent undetected errors will occur several times a day, increasing the occurrence of corrupted results. In this article, we propose SEDAR, which…

Distributed, Parallel, and Cluster Computing · Computer Science 2020-07-29 Diego Montezanti , Enzo Rucci , Armando De Giusti , Marcelo Naiouf , Dolores Rexachs , Emilio Luque

Nowadays, the correct use of cryptography libraries is essential to ensure the necessary information security in different kinds of applications. A common practice in software development is the use of static application security testing…

Software Engineering · Computer Science 2022-07-08 Markus Haug Ana Cristina Franco Da Silva , Stefan Wagner

Various studies have empirically shown that the majority of Java and Android apps misuse cryptographic libraries, causing devastating breaches of data security. Therefore, it is crucial to detect such misuses early in the development…

Software Engineering · Computer Science 2017-10-04 Stefan Krüger , Johannes Späth , Karim Ali , Eric Bodden , Mira Mezini