English
Related papers

Related papers: Making Secure Software Insecure without Changing I…

200 papers

Java platform provides various APIs to facilitate secure coding. However, correctly using security APIs is usually challenging for developers who lack cybersecurity training. Prior work shows that many developers misuse security APIs; such…

Cryptography and Security · Computer Science 2021-02-16 Ying Zhang , Mahir Kabir , Ya Xiao , Danfeng , Yao , Na Meng

A decade after its first release, the Go programming language has become a major programming language in the development landscape. While praised for its clean syntax and C-like performance, Go also contains a strong static type-system that…

Software Engineering · Computer Science 2021-10-12 Diego Elias Costa , Suhaib Mujahid , Rabe Abdalkareem , Emad Shihab

[Background] Previous research has shown that developers commonly misuse cryptography APIs. [Aim] We have conducted an exploratory study to find out how crypto APIs are used in open-source Java projects, what types of misuses exist, and why…

Cryptography and Security · Computer Science 2020-09-03 Mohammadreza Hazhirpasand , Mohammad Ghafari , Oscar Nierstrasz

To meet the ever-growing need for performance in silicon devices, SoC providers have been increasingly relying on software-hardware cooperation. By controlling hardware resources such as power or clock management from the software,…

Cryptography and Security · Computer Science 2021-11-03 Joseph Gravellier , Jean-Max Dutertre , Yannick Teglia , Philippe Loubet Moundi

Developing autonomous driving (AD) systems is challenging due to the complexity of the systems and the need to assure their safe and reliable operation. The widely adopted approach of DevOps seems promising to support the continuous…

Software Engineering · Computer Science 2025-06-30 Ali Nouri , Beatriz Cabrero-Daniel , Fredrik Törner , Christian Berger

Open-source software (OSS) has become increasingly more popular across different domains. However, this rapid development and widespread adoption come with a security cost. The growing complexity and openness of OSS ecosystems have led to…

Cryptography and Security · Computer Science 2025-06-17 Seyed Ali Akhavani , Behzad Ousat , Amin Kharraz

Previous studies have shown that cryptography is hard for developers to use and misusing cryptography leads to severe security vulnerabilities. We studied relevant vulnerability reports on the HackerOne bug bounty platform to understand…

Cryptography and Security · Computer Science 2021-11-09 Mohammadreza Hazhirpasand , Mohammad Ghafari

Software Defined Networking (SDN) is a network paradigm shift that facilitates comprehensive network programmability to cope with emerging new technologies such as cloud computing and big data. SDN facilitates simplified and centralized…

Cryptography and Security · Computer Science 2020-02-04 Sarwan Ali , Maria Khalid Alvi , Safi Faizullah , Muhammad Asad Khan , Abdullah Alshanqiti , Imdadullah Khan

There are different requirements on cybersecurity of industrial control systems and information technology systems. This fact exacerbates the global issue of hiring cybersecurity employees with relevant skills. In this paper, we present…

Cryptography and Security · Computer Science 2020-04-27 Pavel Čeleda , Jan Vykopal , Valdemar Švábenský , Karel Slavíček

Applications running in Trusted Execution Environments (TEEs) commonly use untrusted external services such as host File System. Adversaries may maliciously alter the normal service behavior to trigger subtle application bugs that would…

Cryptography and Security · Computer Science 2022-11-15 Meni Orenbach , Bar Raveh , Alon Berkenstadt , Yan Michalevsky , Shachar Itzhaky , Mark Silberstein

Security remains a critical challenge in modern web applications, where threats such as unauthorized access, data breaches, and injection attacks continue to undermine trust and reliability. Traditional Object-Oriented Programming (OOP)…

Software Engineering · Computer Science 2025-09-10 Mterorga Ukor

Quantum computing is emerging as a significant threat to information protected by widely used cryptographic systems. Cryptographic methods, once deemed secure for decades, are now at risk of being compromised, posing a massive threat to the…

Data leaks and breaches are on the rise. They result in huge losses of money for businesses like the movie industry, as well as a loss of user privacy for businesses dealing with user data like the pharmaceutical industry. Preventing data…

Cryptography and Security · Computer Science 2020-12-14 Loïc Miller , Pascal Mérindol , Antoine Gallais , Cristel Pelsser

More and more industrial devices are connected to IP-based networks, as this is essential for the success of Industry 4.0. However, this interconnection also results in an increased attack surface for various network-based attacks. One of…

Cryptography and Security · Computer Science 2020-07-20 Florian Fischer , Matthias Niedermaier , Thomas Hanka , Peter Knauer , Dominik Merli

Open source C code underpins society's computing infrastructure. Decades of work has helped harden C code against attackers, but C projects do not consist of only C code. C projects also contain build system code for automating development…

Software Engineering · Computer Science 2026-01-15 Brent Pappas , Paul Gazzillo

Software containers are widely adopted for developing and deploying software applications. Despite their popularity, major security concerns arise during container development and deployment. Software Engineering (SE) research literature…

Software Engineering · Computer Science 2025-12-16 Maha Sroor , Teerath Das , Rahul Mohanani , Tommi Mikkonen

Threat emulators are tools or sets of scripts that emulate cyber attacks or malicious behavior. They can be used to create and launch single procedure attacks and multi-step attacks; the resulting attacks may be known or unknown cyber…

Cryptography and Security · Computer Science 2020-10-05 Polina Zilberman , Rami Puzis , Sunders Bruskin , Shai Shwarz , Yuval Elovici

The management of security credentials (e.g., passwords, secret keys) for computational science workflows is a burden for scientists and information security officers. Problems with credentials (e.g., expiration, privilege mismatch) cause…

Distributed, Parallel, and Cluster Computing · Computer Science 2018-07-13 Alex Withers , Brian Bockelman , Derek Weitzel , Duncan Brown , Jeff Gaynor , Jim Basney , Todd Tannenbaum , Zach Miller

Several studies showed that misuses of cryptographic APIs are common in real-world code (e.g., Apache projects and Android apps). There exist several open-sourced and commercial security tools that automatically screen Java programs to…

Cryptography and Security · Computer Science 2021-12-09 Sharmin Afrose , Ya Xiao , Sazzadur Rahaman , Barton P. Miller , Danfeng , Yao

As the use of Voice Processing Systems (VPS) continues to become more prevalent in our daily lives through the increased reliance on applications such as commercial voice recognition devices as well as major text-to-speech software, the…

Cryptography and Security · Computer Science 2021-12-28 Robert Chang , Logan Kuo , Arthur Liu , Nader Sehatbakhsh