English
Related papers

Related papers: Cargo Ecosystem Dependency-Vulnerability Knowledge…

200 papers

The study of network robustness is a critical tool in the characterization and sense making of complex interconnected systems such as infrastructure, communication and social networks. While significant research has been conducted in all of…

Social and Information Networks · Computer Science 2022-03-31 Scott Freitas , Diyi Yang , Srijan Kumar , Hanghang Tong , Duen Horng Chau

Cascading failure is a potentially devastating process that spreads on real-world complex networks and can impact the integrity of wide-ranging infrastructures, natural systems, and societal cohesiveness. One of the essential features that…

In finance, leverage is the ratio between assets borrowed from others and one's own assets. A matching situation is present in software: by using free open-source software (FOSS) libraries a developer leverages on other people's code to…

Software Engineering · Computer Science 2021-03-08 Fabio Massacci , Ivan Pashchenko

The increased penetration of electrical vehicles (EVs) in the distribution system creates a power system with many small moving batteries. With better charging technologies and market structures, the opportunity of using EVs for reliability…

Systems and Control · Electrical Eng. & Systems 2023-02-21 Stine Fleischer Myhre , Olav Bjarte Fosso , Oddbjørn Gjerde , Poul Einar Heegaard

The increasing need for reducing greenhouse gas emissions and the drive for green cities have promoted the use of electric vehicles due to their environmental benefits. In fact, countries have set their own targets and are offering…

Systems and Control · Electrical Eng. & Systems 2022-07-21 Mohammad Ali Sayed , Ribal Atallah , Chadi Assi , Mourad Debbabi

The interest in autonomous vehicles (AVs) for critical missions, including transportation, rescue, surveillance, reconnaissance, and mapping, is growing rapidly due to their significant safety and mobility benefits. AVs consist of complex…

Cryptography and Security · Computer Science 2025-09-23 Md Wasiul Haque , Md Erfan , Sagar Dasgupta , Md Rayhanur Rahman , Mizanur Rahman

Software supply chain security compromises often stem from cascaded interactions of vulnerabilities, for example, between multiple vulnerable components. Yet, Software Bill of Materials (SBOM)-based pipelines for security analysis typically…

Software Engineering · Computer Science 2026-04-08 Laura Baird , Armin Moin

Background: The Node Package Manager (npm) ecosystem plays a vital role in modern software development by providing a vast repository of packages and tools that developers can use to implement their software systems. However, recent…

Software Engineering · Computer Science 2026-01-29 Anthony Peruma , Truman Choy , Gerald Lee , Italo De Oliveira Santos

This paper is motivated by two applications, namely i) generalizations of cuckoo hashing, a computationally simple approach to assigning keys to objects, and ii) load balancing in content distribution networks, where one is interested in…

Probability · Mathematics 2012-07-09 Mathieu Leconte , Marc Lelarge , Laurent Massoulié

Although LLMs have shown promising potential in vulnerability detection, this study reveals their limitations in distinguishing between vulnerable and similar-but-benign patched code (only 0.06 - 0.14 accuracy). It shows that LLMs struggle…

Software Engineering · Computer Science 2025-06-18 Xueying Du , Geng Zheng , Kaixin Wang , Yi Zou , Yujia Wang , Wentai Deng , Jiayi Feng , Mingwei Liu , Bihuan Chen , Xin Peng , Tao Ma , Yiling Lou

With 5394 security certificates of IT products and systems, the Common Criteria for Information Technology Security Evaluation have bred an ecosystem entangled with various kind of relations between the certified products. Yet, the…

Cryptography and Security · Computer Science 2024-08-20 Adam Janovsky , Łukasz Chmielewski , Petr Svenda , Jan Jancar , Vashek Matyas

Cargo, the software packaging manager of Rust, provides a yank mechanism to support release-level deprecation, which can prevent packages from depending on yanked releases. Most prior studies focused on code-level (i.e., deprecated APIs)…

Software Engineering · Computer Science 2022-03-21 Hao Li , Filipe R. Cogo , Cor-Paul Bezemer

Background: Widespread use of third-party libraries makes ecosystems like Node Package Manager (npm) critical to modern software development. However, this interconnected chain of dependencies also creates challenges: bugs in one library…

Software Engineering · Computer Science 2025-11-10 Mohammadreza Saeidi , Ethan Thoma , Raula Gaikovina Kula , Gema Rodríguez-Pérez

An approach is developed for analyzing computer networks to identify systems and accounts that are at particular risk of compromise by an adversary seeking to move laterally through the network via authentication. The dynamics of the…

Cryptography and Security · Computer Science 2019-08-27 Brian A. Powell

In a network, a local disturbance can propagate and eventually cause a substantial part of the system to fail, in cascade events that are easy to conceptualize but extraordinarily difficult to predict. Here, we develop a statistical…

Physics and Society · Physics 2017-02-07 Yang Yang , Takashi Nishikawa , Adilson E. Motter

The popularity of JavaScript has lead to a large ecosystem of third-party packages available via the npm software package registry. The open nature of npm has boosted its growth, providing over 800,000 free and reusable software packages.…

Cryptography and Security · Computer Science 2019-06-10 Markus Zimmermann , Cristian-Alexandru Staicu , Cam Tenny , Michael Pradel

Vulnerabilities from third-party libraries (TPLs) have been unveiled to threaten the Maven ecosystem. Despite patches being released promptly after vulnerabilities are disclosed, the libraries and applications in the community still use the…

Software Engineering · Computer Science 2023-08-08 Lyuye Zhang , Chengwei Liu , Sen Chen , Zhengzi Xu , Lingling Fan , Lida Zhao , Yiran Zhang , Yang Liu

The problem of reliability of a large distributed system is analyzed via a new mathematical model. A typical framework is a system where a set of files are duplicated on several data servers. When one of these servers breaks down, all…

Probability · Mathematics 2017-06-05 Reza Aghajani , Philippe Robert , Wen Sun

There is an increasing trend to mine vulnerabilities from software repositories and use machine learning techniques to automatically detect software vulnerabilities. A fundamental but unresolved research question is: how do different…

Software Engineering · Computer Science 2024-06-07 Esma Mouine , Yan Liu , Lu Xiao , Rick Kazman , Xiao Wang

Throughout computer history, it has been repeatedly demonstrated that critical software vulnerabilities can significantly affect the components involved. In the Free/Libre and Open Source Software (FLOSS) ecosystem, most software is…

Software Engineering · Computer Science 2025-02-13 Stefan Tatschner , Michael P. Heinl , Nicole Pappler , Tobias Specht , Sven Plaga , Thomas Newe
‹ Prev 1 3 4 5 6 7 10 Next ›