English
Related papers

Related papers: WAIT: Protecting the Integrity of Web Applications…

200 papers

Transparency - the provision of information about what personal data is collected for which purposes, how long it is stored, or to which parties it is transferred - is one of the core privacy principles underlying regulations such as the…

Software Engineering · Computer Science 2022-09-26 Elias Grünewald , Paul Wille , Frank Pallas , Maria C. Borges , Max-R. Ulbricht

Android has always been about connectivity and providing great browsing experience. Web-based content can be embedded into the Android application using WebView. It is a User Interface component that displays webpages. It can either display…

Cryptography and Security · Computer Science 2014-11-13 A B Bhavani

Binary program analysis represents a fundamental pillar of modern system security. Fine-grained methodologies like dynamic taint analysis still suffer from deployment complexity and performance overhead despite significant progress.…

Software Engineering · Computer Science 2026-02-04 Zhangbo Long , Letian Sha , Jiaye Pan , Haiping Huang , Dongpeng Xu , Yifei Huang , Fu Xiao

We present a new and practical framework for security verification of secure architectures. Specifically, we break the verification task into external verification and internal verification. External verification considers the external…

Cryptography and Security · Computer Science 2018-07-06 Jakub Szefer , Tianwei Zhang , Ruby B. Lee

The Web public key infrastructure is essential to providing secure communication on the Internet today, and certificate authorities play a crucial role in this ecosystem by issuing certificates. These authorities may misissue certificates…

Cryptography and Security · Computer Science 2022-03-04 Sarah Meiklejohn , Joe DeBlasio , Devon O'Brien , Chris Thompson , Kevin Yeo , Emily Stark

Context: Most approaches to automated white-box testing consider the client side and the server side of a web application in isolation from each other. Such testers lack a whole-program perspective on the web application under test.…

Software Engineering · Computer Science 2021-03-05 Maarten Vandercammen , Laurent Christophe , Dario Di Nucci , Wolfgang De Meuter , Coen De Roover

Integrity and security of the data in database systems are typically maintained with access control policies and firewalls. However, insider attacks -- where someone with an intimate knowledge of the system and administrative privileges…

Databases · Computer Science 2019-02-19 Shubham S. Srivastava , Medha Atre , Shubham Sharma , Rahul Gupta , Sandeep K. Shukla

With the rapidly evolving next-generation systems-of-systems, we face new security, resilience, and operational assurance challenges. In the face of the increasing attack landscape, it is necessary to cater to efficient mechanisms to verify…

Cryptography and Security · Computer Science 2021-07-13 Heini Bergsson Debes , Thanassis Giannetsos , Ioannis Krontiris

This position paper argues that securing LLM agents requires first defining an end-to-end correctness property that specifies when an agent's execution faithfully reflects the user's intent. Modern LLM agents operate over an…

Cryptography and Security · Computer Science 2026-05-19 Wenjie Qu , Ming Xu , Peiran Wang , Shengfang Zhai , Jiaheng Zhang , Dawn Song

With web applications becoming a preferred method of presenting graphical user interfaces to users, software vulnerabilities affecting web applications are becoming more and more prevalent and devastating. Some of these vulnerabilities,…

Cryptography and Security · Computer Science 2019-08-14 Michael Flanders

Progressive Web Applications (PWAs) blend the advantages of web and native apps, offering features like offline access, push notifications, and installability. Beyond these, modern PWAs are increasingly granted system-level capabilities…

Cryptography and Security · Computer Science 2025-09-18 Mengxiao Wang , Guofei Gu

We study the role of coded side information in single-server Private Information Retrieval (PIR). An instance of the single-server PIR problem includes a server that stores a database of $K$ independently and uniformly distributed messages,…

Information Theory · Computer Science 2019-10-18 Anoosheh Heidarzadeh , Fatemeh Kazemi , Alex Sprintson

Fully Homomorphic Encryption (FHE) is seeing increasing real-world deployment to protect data in use by allowing computation over encrypted data. However, the same malleability that enables homomorphic computations also raises integrity…

Cryptography and Security · Computer Science 2023-02-14 Alexander Viand , Christian Knabenhans , Anwar Hithnawi

Cache template attacks demonstrated automated leakage of user input in shared libraries. However, for large binaries, the runtime is prohibitively high. Other automated approaches focused on cryptographic implementations and media software…

Cryptography and Security · Computer Science 2022-08-05 Martin Schwarzl , Erik Kraft , Daniel Gruss

In today's mobile application marketplace, the ability of consumers to make informed choices regarding their privacy is extremely limited. Consumers largely rely on privacy policies and app permission mechanisms, but these do an inadequate…

Computers and Society · Computer Science 2015-01-05 Steven C. Isley

Web3 applications require execution platforms that maintain confidentiality and integrity without relying on centralized trust authorities. While Trusted Execution Environments (TEEs) offer promising capabilities for confidential computing,…

Cryptography and Security · Computer Science 2025-09-16 Shunfan Zhou , Kevin Wang , Hang Yin

Software patching is a common method of removing vulnerabilities in software components to make IT systems more secure. However, there are many cases where software patching is not possible due to the critical nature of the application,…

Cryptography and Security · Computer Science 2021-06-03 Stjepan Groš , Ivan Kovačević , Ivan Dujmić , Matej Petrinović

The verification of security protocols is essential, in order to ensure the absence of potential attacks. However, verification results are only valid with respect to the assumptions under which the verification was performed. These…

Logic in Computer Science · Computer Science 2024-11-12 Nisansala P. Yatapanage , Cliff B. Jones

Nowadays, tiered architectures are widely accepted for constructing large scale information systems. In this context application servers often form the bottleneck for a system's efficiency. An application server exposes an object oriented…

Databases · Computer Science 2007-05-23 Daniel Pfeifer , Peter C. Lockemann

Website fingerprinting enables an attacker to infer which web page a client is browsing through encrypted or anonymized network connections. We present a new website fingerprinting technique based on random decision forests and evaluate…

Cryptography and Security · Computer Science 2016-02-22 Jamie Hayes , George Danezis