English
Related papers

Related papers: DevPhish: Exploring Social Engineering in Software…

200 papers

Social engineering through social media channels targeting organizational employees is emerging as one of the most challenging information security threats. Social engineering defies traditional security efforts due to the method of attack…

Cryptography and Security · Computer Science 2020-05-11 Heidi Wilcox , Maumita Bhattacharya

We provide an overview of the software engineering efforts and their impact in QMCPACK, a production-level ab-initio Quantum Monte Carlo open-source code targeting high-performance computing (HPC) systems. Aspects included are: (i)…

Cyber adversaries have increasingly leveraged social engineering attacks to breach large organizations and threaten the well-being of today's online users. One clever technique, the "watering hole" attack, compromises a legitimate website…

Cryptography and Security · Computer Science 2020-02-19 Zheyuan Ryan Shi , Aaron Schlenker , Brian Hay , Daniel Bittleston , Siyu Gao , Emily Peterson , John Trezza , Fei Fang

The intersection between security and continuous software engineering has been of great interest since the early years of the agile development movement, and it remains relevant as software development processes are more frequently guided…

Software Engineering · Computer Science 2024-01-15 Fabiola Moyón , Florian Angermeir , Daniel Mendez

Modern processors are highly optimized systems where every single cycle of computation time matters. Many optimizations depend on the data that is being processed. Software-based microarchitectural attacks exploit effects of these…

Cryptography and Security · Computer Science 2017-06-20 Daniel Gruss

Cyberattacks are becoming increasingly frequent and sophisticated, often exploiting the software supply chain (SSC) as an attack vector. Attack graphs provide a detailed representation of the sequence of events and vulnerabilities that…

Cryptography and Security · Computer Science 2025-11-17 Luıs Soeiro , Thomas Robert , Stefano Zacchiroli

Social engineering (SE) aims at deceiving users into performing actions that may compromise their security and privacy. These threats exploit weaknesses in human's decision making processes by using tactics such as pretext, baiting,…

Cryptography and Security · Computer Science 2024-01-12 Irfan Ozen , Karthika Subramani , Phani Vadrevu , Roberto Perdisci

Package managers have become a vital part of the modern software development process. They allow developers to reuse third-party code, share their own code, minimize their codebase, and simplify the build process. However, recent reports…

Cryptography and Security · Computer Science 2020-12-03 Ruian Duan , Omar Alrawi , Ranjita Pai Kasturi , Ryan Elder , Brendan Saltaformaggio , Wenke Lee

The SolarWinds attack, which exploited weaknesses in a software update mechanism, highlights the critical need for organizations to have better visibility into their software dependencies and potential vulnerabilities associated with them.…

Cryptography and Security · Computer Science 2025-04-23 Can Ozkan , Xinhai Zou , Dave Singelee

Power side-channel (PSC) attacks are widely used in embedded microcontrollers, particularly in cryptographic applications, to extract sensitive information. However, expanding the applications of PSC attacks to broader security contexts in…

Cryptography and Security · Computer Science 2025-01-09 Pouya Narimani , Meng Wang , Ulysse Planta , Ali Abbasi

In the last decade, a lot of effort has been put into securing software application during development in the software industry. Software security is a research field in this area which looks at how security can be weaved into software at…

Cryptography and Security · Computer Science 2014-01-27 Adetunji Adebiyi , Chris Imafidon

Social engineering scams (SES) has been existed since the adoption of the telecommunications by humankind. An earlier version of the scams include leveraging premium phone service to charge the consumers and service providers but not…

Computers and Society · Computer Science 2021-10-14 Rajasekhar Chaganti , Bharat Bhushan , Anand Nayyar , Azrour Mourade

Supply chain security has become a very important vector to consider when defending against adversary attacks. Due to this, more and more developers are keen on improving their supply chains to make them more robust against future threats.…

Cryptography and Security · Computer Science 2024-05-15 Greg Tystahl , Yasemin Acar , Michel Cukier , William Enck , Christian Kastner , Alexandros Kapravelos , Dominik Wermke , Laurie Williams

Open-Source Projects and Libraries are being used in software development while also bearing multiple security vulnerabilities. This use of third party ecosystem creates a new kind of attack surface for a product in development. An…

Software Engineering · Computer Science 2018-08-15 Lorenzo Neil , Sudip Mittal , Anupam Joshi

We systematize software side-channel attacks with a focus on vulnerabilities and countermeasures in the cryptographic implementations. Particularly, we survey past research literature to categorize vulnerable implementations, and identify…

Cryptography and Security · Computer Science 2019-12-13 Tianwei Zhang , Jun Jiang , Yinqian Zhang

A Software Bill of Materials (SBoM) is a detailed inventory of all components, libraries, and modules in a software artifact, providing traceability throughout the software supply chain. With the increasing popularity of JavaScript in…

Software Engineering · Computer Science 2024-08-30 Leo Song , Steven H. H. Ding , Yuan Tian , Li Tao Li , Philippe Charland , Andrew Walenstein

Supply chain security is extremely important for modern applications running at scale in the cloud. In fact, they involve a large number of heterogeneous microservices that also include third-party software. As a result, security…

Cryptography and Security · Computer Science 2025-10-08 Jacopo Bufalino , Mario Di Francesco , Agathe Blaise , Stefano Secci

In this research paper of secure software systems, authors have discussed what the proper development process is when it comes to creating a secure software, which will be suited for developers and relevent stakeholders alike. Secure…

Software Engineering · Computer Science 2021-01-01 Muhammad Danish Roshaidie , William Pang Han Liang , Calvin Goh Kai Jun , Kok Hong Yew , Fatima-tuz-Zahra

Research shows that phishing emails often utilize persuasion techniques, such as social proof, liking, consistency, authority, scarcity, and reciprocity to gain trust to obtain sensitive information or maliciously infect devices. The link…

Cryptography and Security · Computer Science 2024-12-25 Kalam Khadka , Abu Barkat Ullah , Wanli Ma , Elisa Martinez Marroquin

Supply chain security has become a very important vector to consider when defending against adversary attacks. Due to this, more and more developers are keen on improving their supply chains to make them more robust against future threats.…

Cryptography and Security · Computer Science 2025-04-02 Courtney Miller , William Enck , Yasemin Acar , Michel Cukier , Alexandros Kapravelos , Christian Kastner , Dominik Wermke , Laurie Williams