English
Related papers

Related papers: Structuring a Comprehensive Software Security Cour…

200 papers

The constant changes in the software industry, practices, and methodologies impose challenges to teaching and learning current software engineering concepts and skills. DevOps is particularly challenging because it covers technical…

Software Engineering · Computer Science 2021-02-15 Isaque Alves , Carla Rocha

The Department of Homeland Security in the United States estimates that 90% of software vulnerabilities can be traced back to defects in design and software coding. The financial impact of these vulnerabilities has been shown to exceed 380…

Software Engineering · Computer Science 2021-02-11 Tiago Espinha Gasiba , Ulrike Lechner , Maria Pinto-Albuquerque , Daniel Mendez

The inclusion of internship courses in Software Engineering (SE) programs is essential for closing knowledge gaps and improving graduates' readiness for the software industry. Our study focuses on year-long internships at RMIT University…

Software Engineering · Computer Science 2026-03-24 Golnoush Abaei , Mojtaba Shahin , Maria Spichkova

This paper is an introductory discussion on the cause of open source software vulnerabilities, their importance in the cybersecurity ecosystem, and a selection of detection methods. A recent application security report showed 44% of…

Cryptography and Security · Computer Science 2022-03-31 Stuart Millar

The Common Vulnerability Scoring System (CVSS) is a popular method for evaluating the severity of vulnerabilities in vulnerability management. In the evaluation process, a numeric score between 0 and 10 is calculated, 10 being the most…

Cryptography and Security · Computer Science 2024-05-09 Julia Wunder , Andreas Kurtz , Christian Eichenmüller , Freya Gassmann , Zinaida Benenson

The OWASP Top 10 is a list that is published by the Open Web Application Security Project (OWASP). The general purpose is to serve as a watchlist for bugs to avoid while writing code. This paper compares how many of those weakness as…

Cryptography and Security · Computer Science 2024-02-13 Parth Sane

Recent trends in the software development practices (Agile, DevOps, CI) have shortened the development life-cycle causing the need for efficient security-by-design approaches. In this context, software architectures are analyzed for…

Software Engineering · Computer Science 2019-06-06 Katja Tuma , Danial Hosseini , Kyriakos Malamas , Riccardo Scandariato

Due to the ever-increasing security breaches, practitioners are motivated to produce more secure software. In the United States, the White House Office released a memorandum on Executive Order (EO) 14028 that mandates organizations provide…

Cryptography and Security · Computer Science 2023-06-16 Nusrat Zahan , Shohanuzzaman Shohan , Dan Harris , Laurie Williams

Context: With the rising complexity and scale of software systems, there is an ever-increasing demand for sophisticated and cost-effective software testing. To meet such a demand, there is a need for a highly-skilled software testing…

Software Engineering · Computer Science 2020-03-10 Vahid Garousi , Austen Rainer , Per Lauvås , Andrea Arcuri

Cross Site Scripting (XSS) is one of the most critical vulnerabilities exist in web applications. XSS can be prevented by encoding untrusted data that are loaded into browser content of web applications. Security Application Programming…

Cryptography and Security · Computer Science 2018-10-03 Chamila Wijayarathna , Nalin Asanka Gamagedara Arachchilage

Software security requirements have been traditionally considered as a non-functional attribute of the software. However, as more software started to provide services online, existing mechanisms of using firewalls and other hardware to…

Software Engineering · Computer Science 2023-10-24 Asif Imran

Security testing verifies that the data and the resources of software systems are protected from attackers. Unfortunately, it suffers from the oracle problem, which refers to the challenge, given an input for a system, of distinguishing…

Software Engineering · Computer Science 2019-12-12 Phu X. Mai , Fabrizio Pastore , Arda Goknil , Lionel Briand

This article puts forward the use of mutual information values to replicate the expertise of security professionals in selecting features for detecting web attacks. The goal is to enhance the effectiveness of web application firewalls…

Cryptography and Security · Computer Science 2024-07-29 Amanda Riverol , Gustavo Betarte , Rodrigo Martínez , Álvaro Pardo

Identifying security issues early is encouraged to reduce the latent negative impacts on software systems. Code review is a widely-used method that allows developers to manually inspect modified code, catching security issues during a…

Software Engineering · Computer Science 2024-05-10 Wachiraphan Charoenwet , Patanamon Thongtanunam , Van-Thuan Pham , Christoph Treude

In its Vision and Strategy for Software for Science, Engineering, and Education the NSF states that it will invest in activities that: "Recognize that software strategies must include the secure and reliable deployment and operation of…

Cryptography and Security · Computer Science 2013-09-09 Randy Heiland , Betsy Thomas , Von Welch , Craig Jackson

Software containers are widely adopted for developing and deploying software applications. Despite their popularity, major security concerns arise during container development and deployment. Software Engineering (SE) research literature…

Software Engineering · Computer Science 2025-12-16 Maha Sroor , Teerath Das , Rahul Mohanani , Tommi Mikkonen

Critical software systems face stringent requirements in safety, security, and reliability due to the circumstances surrounding their operation. Safety and security have progressively gained importance over the years due to the integration…

Software Engineering · Computer Science 2015-12-16 Julio Escribano-Barreno , Marisol García-Valls

The damage caused by cybercrime makes the development of secure software inevitable. Although many tools and frameworks exist to support the development of secure software, statistics on cybercrime show no improvement in recent years. To…

Software Engineering · Computer Science 2025-12-09 Alex R. Mattukat , Timo Langstrof , Horst Lichter

Software vulnerabilities remain a significant risk factor in achieving security objectives within software development organizations. This is especially true where either proprietary or open-source software (OSS) is included in the…

Software Engineering · Computer Science 2025-09-23 James J. Cusick

Secure software engineering is crucial but can be time-consuming; therefore, methods that could expedite the identification of software weaknesses without reducing the process efficacy would benefit the software engineering industry and…

Software Engineering · Computer Science 2023-08-11 Mounika Vanamala , Sean Loesch , Alexander Caravella