English
Related papers

Related papers: WebSpec: Towards Machine-Checked Analysis of Brows…

200 papers

Automated verification has become an essential part in the security evaluation of cryptographic protocols. In this context privacy-type properties are often modelled by indistinguishability statements, expressed as behavioural equivalences…

Cryptography and Security · Computer Science 2024-08-07 Vincent Cheval , Steve Kremer , Itsaka Rakotonirina

Virtual integration techniques focus on building architectural models of systems that can be analyzed early in the design cycle to try to lower cost, reduce risk, and improve quality of complex embedded systems. Given appropriate…

Software Engineering · Computer Science 2015-11-18 Andreas Katis , Andrew Gacek , Michael W. Whalen

It is challenging to verify that the planned security mechanisms are actually implemented in the software. In the context of model-based development, the implemented security mechanisms must capture all intended security properties that…

Software Engineering · Computer Science 2022-03-21 Katja Tuma , Sven Peldszus , Daniel Strüber , Riccardo Scandariato , Jan Jürjens

Modern web applications are dominated by HTTP/HTTPS messages that consist of one or more headers, where most of the exploits and payloads can be injected by attackers. According to the OWASP, the 80 percent of the web attacks are done…

Cryptography and Security · Computer Science 2020-11-09 Tikam Alma , Manik Lal Das

The increasing deployment of large language models (LLMs) in the cybersecurity domain underscores the need for effective model selection and evaluation. However, traditional evaluation methods often overlook specific cybersecurity knowledge…

Cryptography and Security · Computer Science 2025-04-17 Dawei Wang , Geng Zhou , Xianglong Li , Yu Bai , Li Chen , Ting Qin , Jian Sun , Dan Li

Although there have been many solutions applied, the safety challenges related to the password security mechanism are not reduced. The reason for this is that while the means and tools to support password attacks are becoming more and more…

Cryptography and Security · Computer Science 2019-12-05 Nguyen Hong Son , Ha Thanh Dung

Cybersecurity demands rigorous and scalable techniques to ensure system correctness, robustness, and resilience against evolving threats. Automated reasoning, encompassing formal logic, theorem proving, model checking, and symbolic…

Cryptography and Security · Computer Science 2025-05-14 Sarah Veronica

This study empirically validates automated logical specification methods for behavioural models, focusing on their robustness, scalability, and reproducibility. By the systematic reproduction and extension of prior results, we confirm key…

Software Engineering · Computer Science 2025-05-26 Radoslaw Klimek , Jakub Semczyszyn

Smart contracts are prone to various vulnerabilities, leading to substantial financial losses over time. Current analysis tools mainly target vulnerabilities with fixed control or data-flow patterns, such as re-entrancy and integer…

Cryptography and Security · Computer Science 2024-05-07 Yuqiang Sun , Daoyuan Wu , Yue Xue , Han Liu , Haijun Wang , Zhengzi Xu , Xiaofei Xie , Yang Liu

WebAssembly is an instruction set architecture and binary format standard, designed for secure execution by an interpreter. Previous work has shown that WebAssembly is vulnerable to buffer overflow due to the lack of effective protection…

Cryptography and Security · Computer Science 2024-10-24 Quentin Michaud , Yohan Pipereau , Olivier Levillain , Dhouha Ayed

The emergence of AI-driven web automation through Large Language Models (LLMs) offers unprecedented opportunities for optimizing digital workflows. However, deploying such systems within industry's real-world environments presents four core…

Software Engineering · Computer Science 2025-08-26 Ankur Tomar , Hengyue Liang , Indranil Bhattacharya , Natalia Larios , Francesco Carbone

Malicious websites and phishing URLs pose an ever-increasing cybersecurity risk, with phishing attacks growing by 40% in a single year. Traditional detection approaches rely on machine learning classifiers or rule-based scanners operating…

Cryptography and Security · Computer Science 2025-06-05 Avihay Cohen

Browser fingerprinting is a stateless identification technique based on browser properties. Together, they form an identifier that can be collected without users' notice and has been studied to be unique and stable. As this technique relies…

Cryptography and Security · Computer Science 2021-03-02 Antonin Durey , Pierre Laperdrix , Walter Rudametkin , Romain Rouvoy

The complexity of software in embedded systems has increased significantly over the last years so that software verification now plays an important role in ensuring the overall product quality. In this context, SAT-based bounded model…

Software Engineering · Computer Science 2009-11-20 Lucas Cordeiro , Bernd Fischer , Joao Marques-Silva

The increasing complexity of cyberphysical power systems leads to larger attack surfaces to be exploited by malicious actors and a higher risk of faults through misconfiguration. We propose to meet those risks with a declarative approach to…

Cryptography and Security · Computer Science 2025-06-17 Alexander Geiger , Immanuel Hacker , Ömer Sen , Andreas Ulbig

This paper proposes a novel visual model for web applications security monitoring. Although an automated intrusion detection system can shield a web application from common attacks, it usually cannot detect more complicated break-ins. So, a…

Cryptography and Security · Computer Science 2019-04-09 Tran Tri Dang , Tran Khanh Dang

Identifying vulnerabilities in source code is crucial, especially in critical software components. Existing methods such as static analysis, dynamic analysis, formal verification, and recently Large Language Models are widely used to detect…

Modern processors employ different prediction mechanisms to speculate over different kinds of instructions. Attackers can exploit these prediction mechanisms simultaneously in order to trigger leaks about speculatively-accessed data. Thus,…

Cryptography and Security · Computer Science 2022-09-05 Xaver Fabian , Marco Guarnieri , Marco Patrignani

Quantum error correction (QEC) is fundamental for suppressing noise in quantum hardware and enabling fault-tolerant quantum computation. In this paper, we propose an efficient verification framework for QEC programs. We define an assertion…

Programming Languages · Computer Science 2025-10-30 Qifan Huang , Li Zhou , Wang Fang , Mengyu Zhao , Mingsheng Ying

Browser fingerprinting defenses have historically focused on detecting JavaScript(JS)-based tracking techniques. However, the widespread adoption of WebAssembly (WASM) introduces a potential blind spot, as adversaries can convert JS to…