English
Related papers

Related papers: CamBench -- Cryptographic API Misuse Detection Too…

200 papers

Several studies showed that misuses of cryptographic APIs are common in real-world code (e.g., Apache projects and Android apps). There exist several open-sourced and commercial security tools that automatically screen Java programs to…

Cryptography and Security · Computer Science 2021-12-09 Sharmin Afrose , Ya Xiao , Sazzadur Rahaman , Barton P. Miller , Danfeng , Yao

The correct adoption of cryptography APIs is challenging for mainstream developers, often resulting in widespread API misuse. Meanwhile, cryptography misuse detectors have demonstrated inconsistent performance and remain largely…

Cryptography and Security · Computer Science 2024-09-11 Ehsan Firouzi , Mohammad Ghafari , Mike Ebrahimi

Application Programming Interfaces (APIs) often have usage constraints, such as restrictions on call order or call conditions. API misuses, i.e., violations of these constraints, may lead to software crashes, bugs, and vulnerabilities.…

Software Engineering · Computer Science 2018-03-14 Sven Amann , Hoan Anh Nguyen , Sarah Nadi , Tien N. Nguyen , Mira Mezini

The advent of quantum computing poses a significant challenge as it has the potential to break certain cryptographic algorithms, necessitating a proactive approach to identify and modernize cryptographic code. Identifying these…

Cryptography and Security · Computer Science 2025-03-26 Micha Moffie , Omer Boehm , Anatoly Koyfman , Eyal Bin , Efrayim Sztokman , Sukanta Bhattacharjee , Meghnath Saha , James McGugan

A critical yet frequently overlooked challenge in the field of deepfake detection is the lack of a standardized, unified, comprehensive benchmark. This issue leads to unfair performance comparisons and potentially misleading results.…

Computer Vision and Pattern Recognition · Computer Science 2023-10-31 Zhiyuan Yan , Yong Zhang , Xinhang Yuan , Siwei Lyu , Baoyuan Wu

Lack of experience, inadequate documentation, and sub-optimal API design frequently cause developers to make mistakes when re-using third-party implementations. Such API misuses can result in unintended behavior, performance losses, or…

Software Engineering · Computer Science 2021-07-13 Sebastian Nielebock , Robert Heumüller , Kevin Michael Schott , Frank Ortmeier

Cryptographic API misuse represents a critical vulnerability class that undermines the security foundations of modern software. Yet, it remains largely unexplored in Go despite its dominance in security-critical infrastructure. This paper…

Cryptography and Security · Computer Science 2026-04-28 Vivi Andersson , Martin Monperrus

Security Application Programming Interfaces (APIs) are crucial for ensuring software security. However, their misuse introduces vulnerabilities, potentially leading to severe data breaches and substantial financial loss. Complex API design,…

Cryptography and Security · Computer Science 2025-05-15 Zahra Mousavi , Chadni Islam , M. Ali Babar , Alsharif Abuadbba , Kristen Moore

The correct use of cryptography is central to ensuring data security in modern software systems. Hence, several academic and commercial static analysis tools have been developed for detecting and mitigating crypto-API misuse. While…

Cryptography and Security · Computer Science 2026-02-05 Amit Seal Ami , Scott Marsden , Kevin Moran , Denys Poshyvanyk , Adwait Nadkarni

Obtaining standardized crowdsourced benchmark of computational methods is a major issue in data science communities. Dedicated frameworks enabling fair benchmarking in a unified environment are yet to be developed. Here we introduce…

Machine Learning · Computer Science 2022-06-28 Zhen Xu , Sergio Escalera , Isabelle Guyon , Adrien Pavão , Magali Richard , Wei-Wei Tu , Quanming Yao , Huan Zhao

APIs are essential ingredients for developing complex software systems. However, they are difficult to learn and to use. Thus, developers may misuse them, which results in various types of issues. In this paper, we explore the use of a…

Software Engineering · Computer Science 2020-12-29 Maxime Gallais-Jimenez , Hoan A. Nguyen , Mohamed Aymen Saied , Tien N. Nguyen , Houari Sahraoui

Benchmarking involves designing scientific test methods, tools, and frameworks to quantitatively and comparably assess specific performance indicators of certain test subjects. With the development of artificial intelligence, AI…

Software Engineering · Computer Science 2023-11-28 Fenglin Bi , Fanyu Han , Shengyu Zhao , Jinlu Li , Yanbin Zhang , Wei Wang

API misuse introduces security vulnerabilities, system failures, and increases maintenance costs, all of which remain critical challenges in software development. Existing detection approaches rely on static analysis or machine…

Software Engineering · Computer Science 2025-09-23 Saikat Mondal , Chanchal K. Roy , Hong Wang , Juan Arguello , Samantha Mathan

Application Programming Interfaces (APIs) are crucial to software development, enabling integration of existing systems with new applications by reusing tried and tested code, saving development time and increasing software safety. In…

Software Engineering · Computer Science 2026-04-10 Ponnampalam Pirapuraj , Tamal Mondal , Sharanya Gupta , Akash Lal , Somak Aditya , Jyothi Vedurada

[Background] Previous research has shown that developers commonly misuse cryptography APIs. [Aim] We have conducted an exploratory study to find out how crypto APIs are used in open-source Java projects, what types of misuses exist, and why…

Cryptography and Security · Computer Science 2020-09-03 Mohammadreza Hazhirpasand , Mohammad Ghafari , Oscar Nierstrasz

In recent years, various benchmark suites have been developed to evaluate the efficacy of Android security analysis tools. The choice of such benchmark suites used in tool evaluations is often based on the availability and popularity of…

Software Engineering · Computer Science 2020-02-05 Joydeep Mitra , Venkatesh-Prasad Ranganath , Aditya Narkar

The prevalence of cryptographic API misuse (CAM) is compromising the effectiveness of cryptography and in turn the security of modern systems and applications. Despite extensive efforts to develop CAM detection tools, these tools typically…

Cryptography and Security · Computer Science 2025-09-16 Yang Zhang , Wenyi Ouyang , Yi Zhang , Liang Cheng , Chen Wu , Wenxin Hu

The Model Context Protocol (MCP) is rapidly emerging as the middleware for LLM-based applications, offering a standardized interface for tool integration. However, its built-in security mechanisms are minimal: while schemas and declarations…

Cryptography and Security · Computer Science 2025-12-04 Biwei Yan , Yue Zhang , Minghui Xu , Hao Wu , Yechao Zhang , Kun Li , Guoming Zhang , Xiuzhen Cheng

Application Programming Interfaces (APIs), which encapsulate the implementation of specific functions as interfaces, greatly improve the efficiency of modern software development. As numbers of APIs spring up nowadays, developers can hardly…

Software Engineering · Computer Science 2021-12-24 Yun Peng , Shuqing Li , Wenwei Gu , Yichen Li , Wenxuan Wang , Cuiyun Gao , Michael Lyu

Combinatorial testing is a widely adopted technique for efficiently detecting faults in software. The quality of combinatorial test generators plays a crucial role in achieving effective test coverage. Evaluating combinatorial test…

Software Engineering · Computer Science 2023-12-19 Andrea Bombarda , Angelo Gargantini
‹ Prev 1 2 3 10 Next ›