English
Related papers

Related papers: Cerberus: Query-driven Scalable Vulnerability Dete…

200 papers

Modern blockchain, such as Ethereum, supports the deployment and execution of so-called smart contracts, autonomous digital programs with significant value of cryptocurrency. Executing smart contracts requires gas costs paid by users, which…

Emerging Technologies · Computer Science 2024-06-25 Majd Soud , Waltteri Nuutinen , Grischa Liebel

The modernization of existing and new nuclear power plants with digital instrumentation and control systems (DI&C) is a recent and highly trending topic. However, there lacks strong consensus on best-estimate reliability methodologies by…

Software Engineering · Computer Science 2022-05-25 Edward Chen , Han Bao , Tate Shorthill , Carl Elks , Athira Varma Jayakumar , Nam Dinh

Open-source libraries are widely used by software developers to speed up the development of products, however, they can introduce security vulnerabilities, leading to incidents like Log4Shell. With the expanding usage of open-source…

The continuous rise in the adoption of emerging technologies such as Internet of Things (IoT) by businesses has brought unprecedented opportunities for innovation and growth. However, due to the distinct characteristics of these emerging…

Cryptography and Security · Computer Science 2023-11-21 Oghenetejiri Okporokpo , Funminiyi Olajide , Nemitari Ajienka , Xiaoqi Ma

Vyper has been proposed as a new high-level language for Ethereum smart contract development due to numerous security vulnerabilities and attacks witnessed on contracts written in Solidity since the system's inception. Vyper aims to address…

Cryptography and Security · Computer Science 2020-06-16 Mudabbir Kaleem , Anastasia Mavridou , Aron Laszka

In this paper a new Web-based File Hosting Service with Object Oriented Logic in Cloud Computing called Pirus was developed. The service will be used by the academic community of the University of Piraeus giving users the ability to…

Software Engineering · Computer Science 2017-06-16 Dimitrios Kallergis , Konstantinos Chimos , Vizikidis Stefanos , Theodoros Karvounidis , Christos Douligeris

Smart contracts underpin high-value ecosystems such as decentralized finance (DeFi), yet recurring vulnerabilities continue to cause losses worth billions of dollars. Although numerous security analyzers that detect such flaws exist,…

Cryptography and Security · Computer Science 2026-03-03 Tamer Abdelaziz , Salma Alsaghir , Karim Ali

Open-source software supply chain security relies heavily on assessing affected versions of library vulnerabilities. While prior studies have leveraged exploits for verifying vulnerability affected versions, they point out a key limitation…

Software Engineering · Computer Science 2026-03-30 Zirui Chen , Qi Zhan , Jiayuan Zhou , Xing Hu , Xin Xia , Xiaohu Yang

Recently, cybersecurity becomes more and more important due to the rapid development of Internet. However, existing methods are in reality highly sensitive to attacks and are far more vulnerable than expected, as they are lack of trustable…

Cryptography and Security · Computer Science 2018-11-28 Yu Han , Zhongru Wang , Qiang Ruan , Binxing Fang

Security testing verifies that the data and the resources of software systems are protected from attackers. Unfortunately, it suffers from the oracle problem, which refers to the challenge, given an input for a system, of distinguishing…

Software Engineering · Computer Science 2019-12-12 Phu X. Mai , Fabrizio Pastore , Arda Goknil , Lionel Briand

Sensitive information leakage in code repositories has emerged as a critical security challenge. Traditional detection methods that rely on regular expressions, fingerprint features, and high-entropy calculations often suffer from high…

Cryptography and Security · Computer Science 2025-12-10 Bin Wang , Hui Li , Liyang Zhang , Qijia Zhuang , Ao Yang , Dong Zhang , Xijun Luo , Bing Lin

Software developers share programming solutions in Q&A sites like Stack Overflow. The reuse of crowd-sourced code snippets can facilitate rapid prototyping. However, recent research shows that the shared code snippets may be of low quality…

Software Engineering · Computer Science 2021-01-21 Morteza Verdi , Ashkan Sami , Jafar Akhondali , Foutse Khomh , Gias Uddin , Alireza Karami Motlagh

Large language models (LLMs) can detect software vulnerabilities, but how do they actually identify vulnerable code? We address this question using mechanistic interpretability; analyzing the internal computations of a neural network to…

Cryptography and Security · Computer Science 2026-05-29 Syafiq Al Atiiq , Chun Zhou , Christian Gehrmann

Software vulnerabilities pose critical security and risk concerns for many software systems. Many techniques have been proposed to effectively assess and prioritize these vulnerabilities before they cause serious consequences. To evaluate…

Cryptography and Security · Computer Science 2024-09-25 Bonan Ruan , Jiahao Liu , Weibo Zhao , Zhenkai Liang

The number of people accessing online services is increasing day by day, and with new users, comes a greater need for effective and responsive cyber-security. Our goal in this study was to find out if there are common patterns within the…

Cryptography and Security · Computer Science 2024-05-15 Gábor Antal , Balázs Mosolygó , Norbert Vándor , Péter Hegedüs

OAuth 2.0 is the industry-standard protocol for authorization. It facilitates secure service provisioning, as well as secure interoperability among diverse stakeholders. All OAuth 2.0 protocol flows result in the creation of an access…

Cryptography and Security · Computer Science 2020-01-29 Nikos Fotiou , Iakovos Pittaras , Vasilios A. Siris , Spyros Voulgaris , George C. Polyzos

We propose and release a new vulnerable source code dataset. We curate the dataset by crawling security issue websites, extracting vulnerability-fixing commits and source codes from the corresponding projects. Our new dataset contains…

Cryptography and Security · Computer Science 2023-08-10 Yizheng Chen , Zhoujie Ding , Lamya Alowain , Xinyun Chen , David Wagner

In this study, we evaluated the capability of Large Language Models (LLMs), particularly OpenAI's GPT-4, in detecting software vulnerabilities, comparing their performance against traditional static code analyzers like Snyk and Fortify. Our…

Software Engineering · Computer Science 2023-08-22 David Noever

Context: Security Vulnerabilities (SVs) pose many serious threats to software systems. Developers usually seek solutions to addressing these SVs on developer Question and Answer (Q&A) websites. However, there is still little known about…

Software Engineering · Computer Science 2021-09-10 Triet H. M. Le , Roland Croft , David Hin , M. Ali Babar

Our work explores the utilization of deep learning, specifically leveraging the CodeBERT model, to enhance code security testing for Python applications by detecting SQL injection vulnerabilities. Unlike traditional security testing methods…

Cryptography and Security · Computer Science 2025-08-29 Guan-Yan Yang , Yi-Heng Ko , Farn Wang , Kuo-Hui Yeh , Haw-Shiang Chang , Hsueh-Yi Chen