English
Related papers

Related papers: Automatic detection of access control vulnerabilit…

200 papers

Broken Object Level Authorization (BOLA) is consistently ranked the most critical API security vulnerability, yet the existing literature remains almost entirely conceptual. This paper presents one of the first large-scale empirical…

Cryptography and Security · Computer Science 2026-05-26 Bandana Kaur

APIs have become the prominent technology of choice for achieving inter-service communications. The growth of API deployments has driven the urgency in addressing its lack of security standards. API Security is a topic for concern given the…

Cryptography and Security · Computer Science 2024-06-05 Rami Haddad , Rim El Malki , Daniel Cozma

RESTful APIs facilitate data exchange between applications, but they also expose sensitive resources to potential exploitation. Broken Object Level Authorization (BOLA) is the top vulnerability in the OWASP API Security Top 10, exemplifies…

Cryptography and Security · Computer Science 2025-07-16 Anbin Wu , Zhiyong Feng , Ruitao Feng , Zhenchang Xing , Yang Liu

Currently, Application Programming Interfaces (APIs) are becoming increasingly popular to facilitate data transfer in a variety of mobile applications. These APIs often process sensitive user information through their endpoints, which are…

Cryptography and Security · Computer Science 2023-10-24 Nate Haris , Kendree Chen , Ann Song , Benjamin Pou

Application Programming Interface (API) Injection attacks refer to the unauthorized or malicious use of APIs, which are often exploited to gain access to sensitive data or manipulate online systems for illicit purposes. Identifying actors…

Cryptography and Security · Computer Science 2025-05-16 Udi Aharon , Ran Dubin , Amit Dvir , Chen Hajaj

Deep learning solutions for vulnerability detection proposed in academic research are not always accessible to developers, and their applicability in industrial settings is rarely addressed. Transferring such technologies from academia to…

Software Engineering · Computer Science 2025-11-25 Moritz Mock , Thomas Forrer , Barbara Russo

Vision-Language-Action (VLA) models have advanced robotic control by enabling end-to-end decision-making directly from multimodal inputs. However, their tightly coupled architectures expose novel security vulnerabilities. Unlike traditional…

Cryptography and Security · Computer Science 2025-05-23 Xueyang Zhou , Guiyao Tie , Guowen Zhang , Hechang Wang , Pan Zhou , Lichao Sun

Java platform provides various APIs to facilitate secure coding. However, correctly using security APIs is usually challenging for developers who lack cybersecurity training. Prior work shows that many developers misuse security APIs; such…

Cryptography and Security · Computer Science 2021-02-16 Ying Zhang , Mahir Kabir , Ya Xiao , Danfeng , Yao , Na Meng

AI agents increasingly require direct, structured access to application data and actions, but production deployments still struggle to express and verify the governance properties that matter in practice: least-privilege authorization,…

Cryptography and Security · Computer Science 2026-02-25 Genliang Zhu , Chu Wang , Ziyuan Wang , Zhida Li , Qiang Li

Static and dynamic binary analysis techniques are actively used to reverse engineer software's behavior and to detect its vulnerabilities, even when only the binary code is available for analysis. To avoid analysis errors due to misreading…

Cryptography and Security · Computer Science 2021-08-24 Sami Kairajärvi , Andrei Costin , Timo Hämäläinen

While the adoption of Service-Oriented Architectures (SOA) eases the implementation of features such as autonomous driving and over-the-air updates, it also increases the vehicle's exposure to attacks that may place road-users in harm. To…

Logic in Computer Science · Computer Science 2022-12-26 Yuri Gil Dantas , Simon Barner , Pei Ke , Vivek Nigam , Ulrich Schoepp

Isadora is a methodology for creating information flow specifications of hardware designs. The methodology combines information flow tracking and specification mining to produce a set of information flow properties that are suitable for use…

Cryptography and Security · Computer Science 2021-10-05 Calvin Deutschbein , Andres Meza , Francesco Restuccia , Ryan Kastner , Cynthia Sturton

Security Application Programming Interfaces (APIs) are crucial for ensuring software security. However, their misuse introduces vulnerabilities, potentially leading to severe data breaches and substantial financial loss. Complex API design,…

Cryptography and Security · Computer Science 2025-05-15 Zahra Mousavi , Chadni Islam , M. Ali Babar , Alsharif Abuadbba , Kristen Moore

Most IoT systems involve IoT devices, communication protocols, remote cloud, IoT applications, mobile apps, and the physical environment. However, existing IoT security analyses only focus on a subset of all the essential components, such…

Cryptography and Security · Computer Science 2022-02-08 Zheng Fang , Hao Fu , Tianbo Gu , Pengfei Hu , Jinyue Song , Trent Jaeger , Prasant Mohapatra

With the increasing frequency and sophistication of Distributed Denial of Service (DDoS) attacks, it has become critical to develop more efficient and interpretable detection methods. Traditional detection systems often struggle with…

Cryptography and Security · Computer Science 2025-11-07 Paul Badu Yakubu , Lesther Santana , Mohamed Rahouti , Yufeng Xin , Abdellah Chehri , Mohammed Aledhari

The current paper addresses relevant network security vulnerabilities introduced by network devices within the emerging paradigm of Internet of Things (IoT) as well as the urgent need to mitigate the negative effects of some types of…

Cryptography and Security · Computer Science 2021-04-16 Pedro Manso , Jose Moura , Carlos Serrao

Users interacting with a system through UI are typically obliged to perform their actions in a pre-determined order, to successfully achieve certain functional goals. However, such obligations are often not followed strictly by users, which…

Cryptography and Security · Computer Science 2021-11-03 Pengcheng Jiang , Kenji Tei

As object detection becomes integral to many safety-critical applications, understanding its vulnerabilities is essential. Backdoor attacks, in particular, pose a serious threat by implanting hidden triggers in victim models, which…

Cryptography and Security · Computer Science 2025-03-14 Jialin Lu , Junjie Shan , Ziqi Zhao , Ka-Ho Chow

As object detection becomes integral to many safety-critical applications, understanding its vulnerabilities is essential. Backdoor attacks, in particular, pose a serious threat by implanting hidden triggers in victim models, which…

Cryptography and Security · Computer Science 2025-03-17 Jialin Lu , Junjie Shan , Ziqi Zhao , Ka-Ho Chow

It is a challenging task to design a random access protocol that achieves the optimal throughput in multi-cell random access with decentralized transmission due to the difficulty of coordination. In this paper, we present a decentralized…

Information Theory · Computer Science 2020-06-16 Huifa Lin , Kwang Soon Kim , Won-Yong Shin
‹ Prev 1 2 3 10 Next ›