English
Related papers

Related papers: WebSpec: Towards Machine-Checked Analysis of Brows…

200 papers

Security Application Programming Interfaces (APIs) are crucial for ensuring software security. However, their misuse introduces vulnerabilities, potentially leading to severe data breaches and substantial financial loss. Complex API design,…

Cryptography and Security · Computer Science 2025-05-15 Zahra Mousavi , Chadni Islam , M. Ali Babar , Alsharif Abuadbba , Kristen Moore

Automated browsers are widely used to study the web at scale. Their premise is that they measure what regular browsers would encounter on the web. In practice, deviations due to detection of automation have been found. To what extent…

Cryptography and Security · Computer Science 2022-05-19 Benjamin Krumnow , Hugo Jonker , Stefan Karsch

The Domain Name System Security Extensions (DNSSEC) are critical for preventing DNS spoofing, yet its specifications contain ambiguities and vulnerabilities that elude traditional "break-and-fix" approaches. A holistic, foundational…

Cryptography and Security · Computer Science 2025-12-15 Qifan Zhang , Zilin Shen , Imtiaz Karim , Elisa Bertino , Zhou Li

Automatic security protocol analysis is currently feasible only for small protocols. Since larger protocols quite often are composed of many small protocols, compositional analysis is an attractive, but non-trivial approach. We have…

Cryptography and Security · Computer Science 2007-05-23 Suzana Andova , Cas Cremers , Kristian Gjosteen , Sjouke Mauw , Stig F. Mjolsnes , Sasa Radomirovic

We introduce 'FactCheck Editor', an advanced text editor designed to automate fact-checking and correct factual inaccuracies. Given the widespread issue of misinformation, often a result of unintentional mistakes by content creators, our…

Computation and Language · Computer Science 2024-05-01 Vinay Setty

Static analysis has established itself as a weapon of choice for detecting security vulnerabilities. Taint analysis in particular is a very general and powerful technique, where security policies are expressed in terms of forbidden flows,…

Cryptography and Security · Computer Science 2021-11-19 Saikat Dutta , Diego Garbervetsky , Shuvendu Lahiri , Max Schäfer

The increased use of large language models (LLMs) across a variety of real-world applications calls for mechanisms to verify the factual accuracy of their outputs. Difficulties lie in assessing the factuality of free-form responses in open…

Computation and Language · Computer Science 2025-10-30 Yuxia Wang , Minghan Wang , Hasan Iqbal , Georgi Georgiev , Jiahui Geng , Preslav Nakov

Built on top of UDP, the relatively new QUIC protocol serves as the baseline for modern web protocol stacks. Equipped with a rich feature set, the protocol is defined by a 151 pages strong IETF standard complemented by several additional…

Cryptography and Security · Computer Science 2023-07-03 Stefan Tatschner , Sebastian N. Peters , David Emeis , John Morris , Thomas Newe

Neural networks are increasingly deployed in real-world safety-critical domains such as autonomous driving, aircraft collision avoidance, and malware detection. However, these networks have been shown to often mispredict on inputs with…

Machine Learning · Computer Science 2018-11-09 Shiqi Wang , Kexin Pei , Justin Whitehouse , Junfeng Yang , Suman Jana

The rapid evolution of Web UI incurs time and effort in UI test maintenance. Prior techniques in Web UI test repair focus on locating the target elements on the new Webpage that match the old ones so that the corresponding broken statements…

Software Engineering · Computer Science 2025-01-23 Zhuolin Xu , Qiushi Li , Shin Hwei Tan

Following QUIC protocol ratification on May 2021, the third major version of the Hypertext Transfer Protocol, namely HTTP/3, was published around one year later in RFC 9114. In light of these consequential advancements, the current work…

Cryptography and Security · Computer Science 2022-12-13 Efstratios Chatzoglou , Vasileios Kouliaridis , Georgios Kambourakis , Georgios Karopoulos , Stefanos Gritzalis

This paper introduces an innovative approach that combines Large Language Models (LLMs) with Formal Verification strategies for automatic software vulnerability repair. Initially, we employ Bounded Model Checking (BMC) to identify…

Software Engineering · Computer Science 2024-07-01 Norbert Tihanyi , Ridhi Jain , Yiannis Charalambous , Mohamed Amine Ferrag , Youcheng Sun , Lucas C. Cordeiro

The paper analyses current versions of top three used Internet browsers and compare their security levels to a research done in 2006. The security is measured by analyzing how user data is stored. Data recorded during different browsing…

Cryptography and Security · Computer Science 2011-12-30 Catalin Boja

WebAssembly is a new binary instruction format that allows targeted compiled code written in high-level languages to be executed with near-native speed by the browser's JavaScript engine. However, given that WebAssembly binaries can be…

Cryptography and Security · Computer Science 2022-04-28 Tiago Brito , Pedro Lopes , Nuno Santos , José Fragoso Santos

We present the first mechanized, succinct, practical, complete, and proven-faithful semantics for a modern regular expression language with backtracking semantics. We ensure its faithfulness by proving it equivalent to a preexisting…

Programming Languages · Computer Science 2026-04-08 Aurèle Barrière , Victor Deng , Clément Pit-Claudel

The increasing complexity and scale of modern digital environments have exposed significant gaps in traditional cybersecurity penetration testing methods, which are often time-consuming, labor-intensive, and unable to rapidly adapt to…

Cryptography and Security · Computer Science 2024-09-09 Ibrahim Alshehri , Adnan Alshehri , Abdulrahman Almalki , Majed Bamardouf , Alaqsa Akbar

The ever increasing complexity of hardware platforms poses a challenge to systems programmers. Correctly programming a multitude of components, providing functionality and security, is difficult: semantics of individual units are described…

Cryptography and Security · Computer Science 2026-04-21 Ben Fiedler , Samuel Gruetter , Timothy Roscoe

Computer-based systems have solved several domain problems, including industrial, military, education, and wearable. Nevertheless, such arrangements need high-quality software to guarantee security and safety as both are mandatory for…

Software vulnerabilities are a fundamental cause of cyber attacks. Effectively identifying these vulnerabilities is essential for robust cybersecurity, yet it remains a complex and challenging task. In this paper, we present SafePyScript, a…

Software Engineering · Computer Science 2024-11-04 Talaya Farasat , Atiqullah Ahmadzai , Aleena Elsa George , Sayed Alisina Qaderi , Dusan Dordevic , Joachim Posegga

Software security is becoming a high priority for both large companies and start-ups alike due to the increasing potential for harm that vulnerabilities and breaches carry with them. However, attaining robust security assurance while…

Software Engineering · Computer Science 2019-08-06 David N. Palacio , Daniel McCrystal , Kevin Moran , Carlos Bernal-Cárdenas , Denys Poshyvanyk , Chris Shenefiel