English
Related papers

Related papers: WebSpec: Towards Machine-Checked Analysis of Brows…

200 papers

Traditional security scanners fail when facing new attack patterns they haven't seen before. They rely on fixed rules and predetermined signatures, making them blind to novel threats. We present a fundamentally different approach: instead…

Cryptography and Security · Computer Science 2025-11-21 Ayush Chaudhary

The Check tools automate formal memory consistency model and security verification of processors by analyzing abstract models of microarchitectures, called $\mu$SPEC models. Despite the efficacy of this approach, a verification gap between…

Cryptography and Security · Computer Science 2024-10-01 Yao Hsiao , Nikos Nikoleris , Artem Khyzha , Dominic P. Mulligan , Gustavo Petri , Christopher W. Fletcher , Caroline Trippel

Recent years have seen significant advances in using formal verification to check hardware security properties. Of particular practical interest are checking confidentiality and integrity of secrets, by checking that there is no information…

Cryptography and Security · Computer Science 2026-01-30 Qinhan Tan , Akash Gaonkar , Yu-Wei Fan , Aarti Gupta , Sharad Malik

Microarchitectural security verification of software has seen the emergence of two broad classes of approaches. The first is based on semantic security properties (e.g., non-interference) which are verified for a given program and a…

Cryptography and Security · Computer Science 2024-06-11 Adwait Godbole , Yatin A. Manerkar , Sanjit A. Seshia

Modern software relies on a multitude of automated testing and quality assurance tools to prevent errors, bugs and potential vulnerabilities. This study sets out to provide a head-to-head, quantitative and qualitative evaluation of six…

Software Engineering · Computer Science 2025-08-07 Damian Gnieciak , Tomasz Szandala

As Web sites are now ordinary products, it is necessary to explicit the notion of quality of a Web site. The quality of a site may be linked to the easiness of accessibility and also to other criteria such as the fact that the site is up to…

Information Retrieval · Computer Science 2007-05-23 Thierry Despeyroux

Webshell, as the "culprit" behind numerous network attacks, is one of the research hotspots in the field of cybersecurity. However, the complexity, stealthiness, and confusing nature of webshells pose significant challenges to the…

Cryptography and Security · Computer Science 2024-05-02 Mingrui Ma , Lansheng Han , Chunjie Zhou

Our goal is to provide different semiring-based formal tools for the specification of security requirements: we quantitatively enhance the open-system approach, according to which a system is partially specified. Therefore, we suppose the…

Logic in Computer Science · Computer Science 2015-09-30 Fabio Martinelli , Ilaria Matteucci , Francesco Santini

Due to the growing number of cyber attacks against computer systems, we need to pay special attention to the security of our software systems. In order to maximize the effectiveness, excluding the human component from this process would be…

Cryptography and Security · Computer Science 2021-05-18 Tamás Viszkok , Péter Hegedűs , Rudolf Ferenc

WebShell attacks - where adversaries implant malicious scripts on web servers - remain a persistent threat. Prior machine-learning and deep-learning detectors typically depend on task-specific supervision and can be brittle under data…

Cryptography and Security · Computer Science 2026-02-13 Feijiang Han , Jiaming Zhang , Chuyi Deng , Jianheng Tang , Yunhuai Liu

The most common attacks against web sessions are reviewed in this paper, for example, some attacks against web browsers' honest users attempting to create session with trusted web browser application legally. We have assessed with four…

Software Engineering · Computer Science 2023-10-18 Md. Imtiaz Habib , Abdullah Al Maruf , Md. Jobair Ahmed Nabil

Specification-based regression testing of web services is an important activity which verifies the quality of web services. A major problem in web services is that only provider has the source code and both user and broker only have the XML…

Software Engineering · Computer Science 2015-06-04 Tehreem Masood , Aamer Nadeem , Gang-soo Lee

The Internet, as it stands today, is highly vulnerable to attacks. However, little has been done to understand and verify the formal security guarantees of proposed secure inter-domain routing protocols, such as Secure BGP (S-BGP). In this…

Logic in Computer Science · Computer Science 2017-01-11 Chen Chen , Limin Jia , Hao Xu , Cheng Luo , Wenchao Zhou , Boon Thau Loo

The use of passwords and the need to protect passwords are not going away. The majority of websites that require authentication continue to support password authentication. Even high-security applications such as Internet Banking portals,…

Networking and Internet Architecture · Computer Science 2020-11-13 Teik Guan Tan , Pawel Szalachowski , Jianying Zhou

As more and more monitoring systems have been deployed to smart cities, there comes a higher demand for converting new human-specified requirements to machine-understandable formal specifications automatically. However, these human-specific…

Artificial Intelligence · Computer Science 2022-06-16 Zirong Chen , Isaac Li , Haoxiang Zhang , Sarah Preum , John Stankovic , Meiyi Ma

Web-TLR is a Web verification engine that is based on the well-established Rewriting Logic--Maude/LTLR tandem for Web system specification and model-checking. In Web-TLR, Web applications are expressed as rewrite theories that can be…

Logic in Computer Science · Computer Science 2011-08-12 María Alpuente , Demis Ballis , Javier Espert , Francisco Frechina , Daniel Romero

It is now well-admitted that formal methods are helpful for many issues raised in the Web service area. In this paper we present a framework for the design and verification of WSs using process algebras and their tools. We define a two-way…

Artificial Intelligence · Computer Science 2007-05-23 Andrea Ferrara

Law-enforcement investigations aimed at preventing attacks by violent extremists have become increasingly important for public safety. The problem is exacerbated by the massive data volumes that need to be scanned to identify complex…

Social and Information Networks · Computer Science 2023-10-31 Shashika R. Muramudalige , Benjamin W. K. Hung , Rosanne Libretti , Jytte Klausen , Anura P. Jayasumana

We propose a security verification framework for cryptographic protocols using machine learning. In recent years, as cryptographic protocols have become more complex, research on automatic verification techniques has been focused on. The…

Cryptography and Security · Computer Science 2023-04-27 Kentaro Ohno , Misato Nakabayashi

With the increasing concern for security in the network, many approaches are laid out that try to protect the network from unauthorised access. New methods have been adopted in order to find the potential discrepancies that may damage the…

Cryptography and Security · Computer Science 2014-03-28 Sheetal Bairwa , Bhawna Mewara , Jyoti Gajrani