English
Related papers

Related papers: Web Application Weakness Ontology Based on Vulnera…

200 papers

Web applications are relied upon by many for the services they provide. It is essential that applications implement appropriate security measures to prevent security incidents. Currently, web applications focus resources towards the…

Cryptography and Security · Computer Science 2019-02-18 Calum C. Hall , Lynsay A. Shepherd , Natalie Coull

Much of the current software depends on open-source components, which in turn have complex dependencies on other open-source libraries. Vulnerabilities in open source therefore have potentially huge impacts. The goal of this work is to get…

Software Engineering · Computer Science 2023-05-10 Tobias Dam , Sebastian Neumaier

Widespread deployment of the Internet enabled building of an emerging IT delivery model, i.e., cloud computing. Albeit cloud computing-based services have rapidly developed, their security aspects are still at the initial stage of…

Cryptography and Security · Computer Science 2014-05-26 Takeshi Takahashi , Youki Kadobayashi , Hiroyuki Fujiwara

Defects in requirements specifications can have severe consequences during the software development lifecycle. Some of them may result in poor product quality and/or time and budget overruns due to incorrect or missing quality…

Software Engineering · Computer Science 2020-09-09 Hugo Villamizar , Marcos Kalinowski , Alessandro Garcia , Daniel Mendez Fernández

Software Vulnerabilities (SVs) are increasing in complexity and scale, posing great security risks to many software systems. Given the limited resources in practice, SV assessment and prioritization help practitioners devise optimal SV…

Software Engineering · Computer Science 2023-01-09 Triet H. M. Le , Huaming Chen , M. Ali Babar

The Common Weakness Enumeration (CWE) is a prominent list of software weakness types. This list is used by vulnerability databases to describe the underlying security flaws within analyzed vulnerabilities. This linkage opens the possibility…

Cryptography and Security · Computer Science 2020-06-16 Peter Mell , Assane Gueye

Web attacks, i.e. attacks exclusively using the HTTP protocol, are rapidly becoming one of the fundamental threats for information systems connected to the Internet. When the attacks suffered by web servers through the years are analyzed,…

Cryptography and Security · Computer Science 2007-05-23 Gonzalo Alvarez , Slobodan Petrovic

Web applications are becoming truly pervasive in all kinds of business models and organizations. Today, most critical systems such as those related to health care, banking, or even emergency response, are relying on these applications. They…

Cryptography and Security · Computer Science 2009-06-01 Joaquin Garcia-Alfaro , Guillermo Navarro-Arribas

All computer programs have flaws, some of which can be exploited to gain unauthorized access to computer systems. We conducted a field study on publicly reported vulnerabilities affecting three open source software projects in widespread…

Software Engineering · Computer Science 2019-12-05 Raul Barbosa , Frederico Cerveira , Luis Goncalo , Henrique Madeira

Despite various approaches being employed to detect vulnerabilities, the number of reported vulnerabilities shows an upward trend over the years. This suggests the problems are not caught before the code is released, which could be caused…

Cryptography and Security · Computer Science 2025-02-14 Karl Tamberg , Hayretdin Bahsi

Obtaining an implementation of a data warehouse is a complex task that forces designers to acquire wide knowledge of the domain, thus requiring a high level of expertise and becoming it a prone-to-fail task. Based on our experience, we have…

Databases · Computer Science 2011-06-03 Jesús Pardillo , Jose-Norberto Mazón

In the highly interconnected digital landscape of today, safeguarding complex infrastructures against cyber threats has become increasingly challenging due to the exponential growth in the number and complexity of vulnerabilities. Resource…

Cryptography and Security · Computer Science 2025-02-18 Yuning Jiang , Nay Oo , Qiaoran Meng , Hoon Wei Lim , Biplab Sikdar

PHP is one of the most commonly used languages to develop web sites because of its simplicity, easy to learn and it can be easily embedded with any of the databases. A web developer with his basic knowledge developing an application without…

Cryptography and Security · Computer Science 2015-06-17 C. Sireesha , G. Jyostna , P. Raghu Varan , P. R. L. Eswari

Open-source software (OSS) has become increasingly more popular across different domains. However, this rapid development and widespread adoption come with a security cost. The growing complexity and openness of OSS ecosystems have led to…

Cryptography and Security · Computer Science 2025-06-17 Seyed Ali Akhavani , Behzad Ousat , Amin Kharraz

This paper is based on and advocates the trend in software engineering of extending the use of software patterns as means of structuring solutions to software development problems (be they motivated by best practice or by company interests…

Software Engineering · Computer Science 2007-05-23 Jean-Marc Rosengard , Marian Ursu

A precise vulnerability discovery model (VDM) will provide a useful insight to assess software security, and could be a good prediction instrument for both software vendors and users to understand security trends and plan ahead patching…

Cryptography and Security · Computer Science 2018-08-30 Viet Hung Nguyen , Fabio Massacci

Software vulnerabilities have a large negative impact on the software systems that we depend on daily. Reports on software vulnerabilities always paint a grim picture, with some reports showing that 83% of organizations depend on vulnerable…

Software Engineering · Computer Science 2020-09-22 Mahmoud Alfadel , Diego Elias Costa , Mouafak Mokhallalati , Emad Shihab , Bram Adams

Mainstream software applications and tools are the configurable platforms with an enormous number of parameters along with their values. Certain settings and possible interactions between these parameters may harden (or soften) the security…

Software Engineering · Computer Science 2020-06-17 Shuvalaxmi Dass , Akbar Siami Namin

Software vulnerabilities in source code pose serious cybersecurity risks, prompting a shift from traditional detection methods (e.g., static analysis, rule-based matching) to AI-driven approaches. This study presents a systematic review of…

Software Engineering · Computer Science 2025-06-13 Samiha Shimmi , Hamed Okhravi , Mona Rahimi

Defects in requirements specifications can have severe consequences during the software development lifecycle. Some of them result in overall project failure due to incorrect or missing quality characteristics such as security. There are…

Software Engineering · Computer Science 2019-06-28 H. Villamizar , A. A. Neto , M. Kalinowski , A. Garcia , D. Mendez Fernández