English
Related papers

Related papers: Making Secure Software Insecure without Changing I…

200 papers

Open Source Software (OSS) security and resilience are worldwide phenomena hampering economic and technological innovation. OSS vulnerabilities can cause unauthorized access, data breaches, network disruptions, and privacy violations,…

Software Engineering · Computer Science 2024-01-17 Nafis Tanveer Islam , Gonzalo De La Torre Parra , Dylan Manual , Murtuza Jadliwala , Peyman Najafirad

Cybersecurity research increasingly depends on reproducible evidence, such as traffic traces, logs, and labeled datasets, yet most public datasets remain static and offer limited support for controlled re-execution and traceability,…

Cryptography and Security · Computer Science 2026-04-07 Leonardo Bitzki , Diego Kreutz , Tiago Heinrich , Douglas Fideles , Leandro Bertholdo , Silvio Quincozes , Angelo Diniz

In systems owned by normal end-users, many times security attacks are mounted by sneaking in malicious applications or exploiting existing software vulnerabilities through security non-conforming actions of users. Virtualization approaches…

Cryptography and Security · Computer Science 2022-11-07 Vinayak Trivedi , Tushar Gurjar , Sumaiya Shaikh , Saketh Maddamsetty , Debadatta Mishra

In our digital world, access to personal and public data has become an item of concern, with challenging security and privacy aspects. Modern information systems are heterogeneous in nature and have an inherent security vulnerability, which…

Cryptography and Security · Computer Science 2024-01-18 MN Ramahlosi , Y Madani , A Akanbi

This paper presents C8s, a confidential computing architecture for Kubernetes that provides cryptographically rooted confidentiality, integrity, and verifiability guarantees for Kubernetes clusters from infrastructure operators. These…

Cryptography and Security · Computer Science 2026-05-01 Amean Asad , Patrick McClurg , João Andrade

Secure by Design has become the mainstream development approach ensuring that software systems are not vulnerable to cyberattacks. Architectural security controls need to be carefully monitored over the software development life cycle to…

Software Engineering · Computer Science 2023-07-13 Ahmet Okutan , Ali Shokri , Viktoria Koscinski , Mohamad Fazelinia , Mehdi Mirakhorli

Research has shown that cryptographic APIs are hard to use. Consequently, developers resort to using code examples available in online information sources that are often not secure. We have developed a web platform, named CryptoExplorer,…

Software Engineering · Computer Science 2020-01-06 Mohammadreza Hazhirpasand , Mohammad Ghafari , Oscar Nierstrasz

When implementing secure software, developers must ensure certain requirements, such as the erasure of secret data after its use and execution in real time. Such requirements are not explicitly captured by the C language and could…

Cryptography and Security · Computer Science 2019-07-08 A. P. Shivarpatna Venkatesh , A. Bhat Handadi , M. Mory

Spring security is tremendously popular among practitioners for its ease of use to secure enterprise applications. In this paper, we study the application framework misconfiguration vulnerabilities in the light of Spring security, which is…

Cryptography and Security · Computer Science 2020-07-29 Mazharul Islam , Sazzadur Rahaman , Na Meng , Behnaz Hassanshahi , Padmanabhan Krishnan , Danfeng , Yao

Many systems today rely heavily on virtual private network (VPN) technology to connect networks and protect their services on the Internet. While prior studies compare the performance of different implementations, they do not consider…

Cryptography and Security · Computer Science 2022-06-15 Fabio Streun , Joel Wanner , Adrian Perrig

Secure coding is a critical yet often overlooked practice in software development. Despite extensive awareness efforts, real-world adoption remains inconsistent due to organizational, educational, and technical barriers. This paper provides…

Software Engineering · Computer Science 2025-10-02 Kiana Kiashemshaki , Mohammad Jalili Torkamani , Negin Mahmoudi

The global interest in quantum networks stems from the security guaranteed by the laws of physics. Deploying quantum networks means facing the challenges of scaling up the physical hardware and, more importantly, of scaling up all other…

Software security requirements have been traditionally considered as a non-functional attribute of the software. However, as more software started to provide services online, existing mechanisms of using firewalls and other hardware to…

Software Engineering · Computer Science 2023-10-24 Asif Imran

The advent of distributed computing systems will offer great flexibility for application workloads, while also imposing more attention to security, where the future advent and adoption of quantum technology can introduce new security…

Networking and Internet Architecture · Computer Science 2024-05-28 Claudio Cicconetti , Dario Sabella , Pietro Noviello , Gennaro Davide Paduanelli

Software-Defined Networking (SDN) has transformed network architectures by decoupling the control and data-planes, enabling fine-grained control over packet processing and forwarding. P4, a language designed for programming data-plane…

Cryptography and Security · Computer Science 2025-05-15 Anoud Alshnakat , Amir M. Ahmadian , Musard Balliu , Roberto Guanciale , Mads Dam

This paper presents an approach to provide strong assurance of the secure execution of distributed event-driven applications on shared infrastructures, while relying on a small Trusted Computing Base. We build upon and extend security…

Cryptography and Security · Computer Science 2023-06-30 Gianluca Scopelliti , Sepideh Pouyanrad , Job Noorman , Fritz Alder , Christoph Baumann , Frank Piessens , Jan Tobias Mühlberg

In recent months there has been an increase in the popularity and public awareness of secure, cloudless file transfer systems. The aim of these services is to facilitate the secure transfer of files in a peer-to- peer (P2P) fashion over the…

Cryptography and Security · Computer Science 2015-10-05 Jason Farina , Mark Scanlon , Stephen Kohlmann , Nhien-An Le Khac , M-Tahar Kechadi

LLM-based coding agents extend their capabilities via third-party agent skills distributed through open marketplaces without mandatory security review. Unlike traditional packages, these skills are executed as operational directives with…

Cryptography and Security · Computer Science 2026-04-06 Yubin Qu , Yi Liu , Tongcheng Geng , Gelei Deng , Yuekang Li , Leo Yu Zhang , Ying Zhang , Lei Ma

The rise of AI has transformed the software and hardware landscape, enabling powerful capabilities through specialized infrastructures, large-scale data storage, and advanced hardware. However, these innovations introduce unique attack…

Cryptography and Security · Computer Science 2025-08-29 Michael R Smith , Joe Ingram

The internet landscape is growing and at the same time becoming more heterogeneous. Services are performed via computers and networks, critical data is stored digitally. This enables freedom for the user, and flexibility for operators. Data…

Cryptography and Security · Computer Science 2020-12-17 Simon D Duque Anton , Daniel Fraunholz , Daniel Schneider