English
Related papers

Related papers: Time to Separate from StackOverflow and Match with…

200 papers

Previous research has shown that crypto APIs are hard for developers to understand and difficult for them to use. They consequently rely on unvalidated boilerplate code from online resources where security vulnerabilities are common. We…

Cryptography and Security · Computer Science 2019-08-06 Mohammadreza Hazhirpasand , Mohammad Ghafari , Stefan Krüger , Eric Bodden , Oscar Nierstrasz

Java platform and third-party libraries provide various security features to facilitate secure coding. However, misusing these features can cost tremendous time and effort of developers or cause security vulnerabilities in software. Prior…

Cryptography and Security · Computer Science 2017-09-29 Na Meng , Stefan Nagy , Daphne Yao , Wenjie Zhuang , Gustavo Arango Argoty

Prior research has shown that cryptography is hard to use for developers. We aim to understand what cryptography issues developers face in practice. We clustered 91954 cryptography-related questions on the Stack Overflow website, and…

Cryptography and Security · Computer Science 2021-08-17 Mohammadreza Hazhirpasand , Oscar Nierstrasz , Mohammadhossein Shabani , Mohammad Ghafari

Stack Overflow and other similar forums are used commonly by developers to seek answers for their software development as well as privacy-related concerns. Recently, ChatGPT has been used as an alternative to generate code or produce…

Software Engineering · Computer Science 2024-06-13 Zack Delile , Sean Radel , Joe Godinez , Garrett Engstrom , Theo Brucker , Kenzie Young , Sepideh Ghanavati

[Background] Previous research has shown that developers commonly misuse cryptography APIs. [Aim] We have conducted an exploratory study to find out how crypto APIs are used in open-source Java projects, what types of misuses exist, and why…

Cryptography and Security · Computer Science 2020-09-03 Mohammadreza Hazhirpasand , Mohammad Ghafari , Oscar Nierstrasz

The correct adoption of cryptography APIs is challenging for mainstream developers, often resulting in widespread API misuse. Meanwhile, cryptography misuse detectors have demonstrated inconsistent performance and remain largely…

Cryptography and Security · Computer Science 2024-09-11 Ehsan Firouzi , Mohammad Ghafari , Mike Ebrahimi

Cryptography misuses are prevalent in the wild. Crypto APIs are hard to use for developers, and static analysis tools do not detect every misuse. We developed SafEncrypt, an API that streamlines encryption tasks for Java developers. It is…

Cryptography and Security · Computer Science 2024-09-10 Ehsan Firouzi , Ammar Mansuri , Mohammad Ghafari , Maziar Kaveh

Sonatype's 2023 report found that 97% of developers and security leads integrate generative Artificial Intelligence (AI), particularly Large Language Models (LLMs), into their development process. Concerns about the security implications of…

Software Engineering · Computer Science 2025-07-24 Sivana Hamer , Marcelo d'Amorim , Laurie Williams

Recent studies have shown that developers have difficulties in using cryptographic APIs, which often led to security flaws. We are interested to tackle this matter by looking into what types of problems exist in various crypto libraries. We…

Cryptography and Security · Computer Science 2021-11-03 Mohammadreza Hazhirpasand , Oscar Nierstrasz , Mohammad Ghafari

We surveyed 97 developers who had used cryptography in open-source projects, in the hope of identifying developer security and cryptography practices. We asked them about individual and company-level practices, and divided respondents into…

Cryptography and Security · Computer Science 2021-10-01 Mohammadreza Hazhirpasand , Oscar Nierstrasz , Mohammad Ghafari

Previous studies have shown that cryptography is hard for developers to use and misusing cryptography leads to severe security vulnerabilities. We studied relevant vulnerability reports on the HackerOne bug bounty platform to understand…

Cryptography and Security · Computer Science 2021-11-09 Mohammadreza Hazhirpasand , Mohammad Ghafari

The increasing trend of using Large Language Models (LLMs) for code generation raises the question of their capability to generate trustworthy code. While many researchers are exploring the utility of code generation for uncovering software…

Cryptography and Security · Computer Science 2024-04-08 Zahra Mousavi , Chadni Islam , Kristen Moore , Alsharif Abuadbba , Muhammad Ali Babar

Given programming languages can provide different types and levels of security support, it is critically important to consider security aspects while selecting programming languages for developing software systems. Inadequate consideration…

Software Engineering · Computer Science 2021-11-29 Roland Croft , Yongzheng Xie , Mansooreh Zahedi , M. Ali Babar , Christoph Treude

Research has shown that cryptographic APIs are hard to use. Consequently, developers resort to using code examples available in online information sources that are often not secure. We have developed a web platform, named CryptoExplorer,…

Software Engineering · Computer Science 2020-01-06 Mohammadreza Hazhirpasand , Mohammad Ghafari , Oscar Nierstrasz

Upon release, ChatGPT3.5 shocked the software engineering community by its ability to generate answers to specialized questions about coding. Immediately, many educators wondered if it was possible to use the chatbot as a support tool that…

Computers and Society · Computer Science 2024-11-27 Yaiza Aragonés-Soria , Julia Kotovich , Chitsutha Soomlek , Manuel Oriol

Software engineers have historically relied on human-powered Q&A platforms like Stack Overflow (SO) as coding aids. With the rise of generative AI, developers have started to adopt AI chatbots, such as ChatGPT, in their software development…

Human-Computer Interaction · Computer Science 2025-02-24 Jiachen Li , Elizabeth Mynatt , Varun Mishra , Jonathan Bell

Social Coding Platforms (SCPs) like GitHub have become central to modern software engineering thanks to their collaborative and version-control features. Like in mainstream Online Social Networks (OSNs) such as Facebook, users of SCPs are…

Software Engineering · Computer Science 2023-03-06 Nicolás E. Díaz Ferreyra , Abdessamad Imine , Melina Vidoni , Riccardo Scandariato

Recently, the large language models (LLMs) have shown extraordinary ability in understanding natural language and generating programming code. It has been a common practice of software engineers to consult LLMs when encountering coding…

Computation and Language · Computer Science 2024-01-30 Li Zhong , Zilong Wang

The widespread adoption of conversational LLMs for software development has raised new security concerns regarding the safety of LLM-generated content. Our motivational study outlines ChatGPT's potential in volunteering context-specific…

Software Engineering · Computer Science 2025-04-07 Amirali Sajadi , Binh Le , Anh Nguyen , Kostadin Damevski , Preetha Chatterjee

Writing secure code is challenging and so it is expected that, following the release of code-generative AI tools, such as ChatGPT and GitHub Copilot, developers will use these tools to perform security tasks and use security APIs. However,…

Software Engineering · Computer Science 2024-07-09 Nikhil Patnaik , Joseph Hallett , Awais Rashid
‹ Prev 1 2 3 10 Next ›