English
Related papers

Related papers: DevPhish: Exploring Social Engineering in Software…

200 papers

The digital economy runs on Open Source Software (OSS), with an estimated 90\% of modern applications containing open-source components. While this widespread adoption has revolutionized software development, it has also created critical…

Software Engineering · Computer Science 2025-04-25 Piotr Przymus , Thomas Durieux

Recent years have shown increased cyber attacks targeting less secure elements in the software supply chain and causing fatal damage to businesses and organizations. Past well-known examples of software supply chain attacks are the…

Cryptography and Security · Computer Science 2023-08-15 William Enck , Yasemin Acar , Michel Cukier , Alexandros Kapravelos , Christian Kästner , Laurie Williams

Today's digital ecosystem relies heavily on software supply chains, which enable developers to reuse code and ship software at scale. However, a single vulnerable component can jeopardize the entire supply chain. In recent years,…

Cryptography and Security · Computer Science 2026-05-29 Md Atiqur Rahman , Yasemin Acar , Michel Cucker , William Enck , Alexandros Kapravelos , Christian Kastner , Dominik Wermke , Laurie Williams

This paper attempts to strengthen the pursued research on social engineering (SE) threat identification, and control, by means of the author's illustrated classification, which includes attack types, determining the degree of possible harm…

Cryptography and Security · Computer Science 2019-02-25 V. Y. Sokolov , O. Y. Korzhenko

This research considers the impact of social engineering security attacks which are noted as taking opportunities for critically exploiting user awareness and behavior. The research proposes in this respect a managerial method in an attempt…

Cryptography and Security · Computer Science 2015-07-10 Tolga Mataracioglu , Sevgi Ozkan , Ray Hackney

In recent years, various software supply chain (SSC) attacks have posed significant risks to the global community. Severe consequences may arise if developers integrate insecure code snippets that are vulnerable to SSC attacks into their…

Cryptography and Security · Computer Science 2025-09-25 Xiaofan Li , Xing Gao

Software supply chains, while providing immense economic and software development value, are only as strong as their weakest link. Over the past several years, there has been an exponential increase in cyberattacks specifically targeting…

Recent years have shown increased cyber attacks targeting less secure elements in the software supply chain and causing fatal damage to businesses and organizations. Past well-known examples of software supply chain attacks are the…

Cryptography and Security · Computer Science 2023-08-01 Trevor Dunlap , Yasemin Acar , Michel Cucker , William Enck , Alexandros Kapravelos , Christian Kastner , Laurie Williams

With the wave of high-profile supply chain attacks targeting development and client organizations, supply chain security has recently become a focal point. As a result, there is an elevated discussion on securing the development environment…

Search Based Software Engineering (SBSE) is an emerging discipline that focuses on the application of search-based optimization techniques to software engineering problems. The capacity of SBSE techniques to tackle problems involving large…

Software Engineering · Computer Science 2014-06-12 Roberto E. Lopez-Herrejon , Javier Ferrer , Francisco Chicano , Lukas Linsbauer , Alexander Egyed , Enrique Alba

With the increasing reliance on software and automation nowadays, tight deadlines, limited resources, and prioritization of functionality over security can lead to insecure coding practices. When not handled properly, these constraints…

Software Engineering · Computer Science 2025-07-16 Chaima Boufaied , Taher Ghaleb , Zainab Masood

Recent years have shown increased cyber attacks targeting less secure elements in the software supply chain and causing fatal damage to businesses and organizations. Past well-known examples of software supply chain attacks are the…

Cryptography and Security · Computer Science 2023-07-31 Mindy Tran , Yasemin Acar , Michel Cucker , William Enck , Alexandros Kapravelos , Christian Kastner , Laurie Williams

Modern software supply chain attacks consist of introducing new, malicious capabilities into trusted third-party software components, in order to propagate to a victim through a package dependency chain. These attacks are especially…

Cryptography and Security · Computer Science 2025-05-21 Carmine Cesarano , Martin Monperrus , Roberto Natella

There are plenty of security software in market; each claiming the best, still we daily face problem of viruses and other malicious activities. If we know the basic working principal of such malware then we can very easily prevent most of…

Cryptography and Security · Computer Science 2011-01-20 Mosin Hasan , Nilesh Prajapati , Safvan Vohara

Using open-source dependencies is essential in modern software development. However, this practice implies significant trust in third-party code, while there is little support for developers to assess this trust. As a consequence, attacks…

Software Engineering · Computer Science 2025-09-08 Raphina Liu , Sofia Bobadilla , Benoit Baudry , Martin Monperrus

The software build process transforms source code into deployable artifacts, representing a critical yet vulnerable stage in software development. Build infrastructure security poses unique challenges: the complexity of multi-component…

Software engineers are responsible for developing, maintaining, and innovating software. To hire software engineers, organizations employ a tech hiring pipeline. This process typically consists of a series of steps to evaluate the extent to…

Software Engineering · Computer Science 2025-04-10 Chris Brown , Swanand Vaishampayan

Cyber attacks leveraging or targeting the software supply chain, such as the SolarWinds and the Log4j incidents, affected thousands of businesses and their customers, drawing attention from both industry and government stakeholders. To…

Cryptography and Security · Computer Science 2024-08-30 Nusrat Zahan , Yasemin Acar , Michel Cukier , William Enck , Christian Kästner , Alexandros Kapravelos , Dominik Wermke , Laurie Williams

To meet the ever-growing need for performance in silicon devices, SoC providers have been increasingly relying on software-hardware cooperation. By controlling hardware resources such as power or clock management from the software,…

Cryptography and Security · Computer Science 2021-11-03 Joseph Gravellier , Jean-Max Dutertre , Yannick Teglia , Philippe Loubet Moundi

Secure software engineering is a fundamental activity in modern software development. However, while the field of security research has been advancing quite fast, in practice, there is still a vast knowledge gap between the security experts…

Software Engineering · Computer Science 2021-04-09 Vivek Arora , Enrique Larios Vargas , Maurício Aniche , Arie van Deursen