English
Related papers

Related papers: SBOM.EXE: Countering Dynamic Code Injection based …

200 papers

Exceptions are a commodity hardware functionality which is central to multi-tasking OSes as well as event-driven user applications. Normally, the OS assists the user application by lifting the semantics of exceptions received from hardware…

Cryptography and Security · Computer Science 2021-10-14 Jinhua Cui , Jason Zhijingcheng Yu , Shweta Shinde , Prateek Saxena , Zhiping Cai

Malicious software threats and their detection have been gaining importance as a subdomain of information security due to the expansion of ICT applications in daily settings. A major challenge in designing and developing anti-malware…

Cryptography and Security · Computer Science 2021-01-15 Cengiz Acarturk , Melih Sirlanci , Pinar Gurkan Balikcioglu , Deniz Demirci , Nazenin Sahin , Ozge Acar Kucuk

Open source C code underpins society's computing infrastructure. Decades of work has helped harden C code against attackers, but C projects do not consist of only C code. C projects also contain build system code for automating development…

Software Engineering · Computer Science 2026-01-15 Brent Pappas , Paul Gazzillo

The use of unsafe programming languages still remains one of the major root causes of software vulnerabilities. Although well-known defenses that detect and mitigate memory-safety related issues exist, they don't address the challenge of…

Cryptography and Security · Computer Science 2023-04-24 Merve Gülmez , Thomas Nyman , Christoph Baumann , Jan Tobias Mühlberg

Nowadays, an increasing number of applications uses deserialization. This technique, based on rebuilding the instance of objects from serialized byte streams, can be dangerous since it can open the application to attacks such as remote code…

Cryptography and Security · Computer Science 2022-08-18 Imen Sayar , Alexandre Bartel , Eric Bodden , Yves Le Traon

Software vulnerabilities continue to be the primary cause of cyberattacks. It is crucial to identify vulnerabilities in applications' source code before attackers gain access to them and exploit any vulnerability they may contain.…

Software Engineering · Computer Science 2026-05-26 Jorge Martins , David Dantas , Rafael Ramires , Bernardo Ferreira , Ibéria Medeiros

Identifying the impact scope and scale is critical for software supply chain vulnerability assessment. However, existing studies face substantial limitations. First, prior studies either work at coarse package-level granularity, producing…

Software Engineering · Computer Science 2025-10-10 Bonan Ruan , Zhiwei Lin , Jiahao Liu , Chuqi Zhang , Kaihang Ji , Zhenkai Liang

We introduce a scalable, modular, and sound approach for automatically constructing formal security specifications for Java bytecode programs in the form of method summaries. A summary provides an abstract representation of a method's…

Cryptography and Security · Computer Science 2025-12-24 Narges Khakpour , Nicolas Berthier

Open-source software (OSS) is a critical part of the software supply chain. Recent social engineering attacks against OSS development teams have enabled attackers to become code contributors and later inject malicious code or…

Software Engineering · Computer Science 2021-07-05 Luiz Giovanini , Daniela Oliveira , Huascar Sanchez , Deborah Shands

Widespread use of memory unsafe programming languages (e.g., C and C++) leaves many systems vulnerable to memory corruption attacks. A variety of defenses have been proposed to mitigate attacks that exploit memory errors to hijack the…

Cryptography and Security · Computer Science 2018-03-13 Thomas Nyman , Ghada Dessouky , Shaza Zeitouni , Aaro Lehikoinen , Andrew Paverd , N. Asokan , Ahmad-Reza Sadeghi

When large language model (LLM) systems interact with external data to perform complex tasks, a new attack, namely prompt injection, becomes a significant threat. By injecting instructions into the data accessed by the system, the attacker…

Cryptography and Security · Computer Science 2025-08-26 Sizhe Chen , Yizhu Wang , Nicholas Carlini , Chawin Sitawarin , David Wagner

Context: In C, low-level errors, such as buffer overflow and use-after-free, are a major problem, as they cause security vulnerabilities and hard-to-find bugs. C lacks automatic checks, and programmers cannot apply defensive programming…

Programming Languages · Computer Science 2017-12-05 Manuel Rigger , Rene Mayrhofer , Roland Schatz , Matthias Grimmer , Hanspeter Mössenböck

Conventional approaches for ensuring the security of application software at run-time, through monitoring, either produce (high rates of) false alarms (e.g. intrusion detection systems) or limit application performance (e.g. run-time…

Cryptography and Security · Computer Science 2016-01-19 Muhammad Taimoor Khan , Dimitrios Serpanos , Howard Shrobe

A major part of debugging, testing, and analyzing a complex software system is understanding what is happening within the system at run-time. Some developers advocate running within a debugger to better understand the system at this level.…

Software Engineering · Computer Science 2007-05-23 Joseph R. Kiniry

The proliferation of Internet of Things (IoT) devices has introduced significant security challenges, primarily due to the opacity of firmware components and the complexity of supply chain dependencies. IoT firmware frequently relies on…

Cryptography and Security · Computer Science 2026-01-06 Abdurrahman Tolay

The software supply chain attacks are becoming more and more focused on trusted development and delivery procedures, so the conventional post-build integrity mechanisms cannot be used anymore. The available frameworks like SLSA, SBOM and in…

Cryptography and Security · Computer Science 2025-12-30 Toqeer Ali Syed , Mohammad Riyaz Belgaum , Salman Jan , Asadullah Abdullah Khan , Saad Said Alqahtani

The liberalization of software licensing has led to unprecedented re-use of software. Alongside drastically increasing productivity and arguably quality of derivative works, it has also introduced multiple attack vectors. The management of…

Software Engineering · Computer Science 2023-02-20 Aarnav M. Bos

The rapid proliferation of the Internet of Things (IoT) continues to expose critical security vulnerabilities, necessitating the development of efficient and robust intrusion detection systems (IDS). Machine learning-based intrusion…

Cryptography and Security · Computer Science 2025-09-11 Jing Chen , Onat Gungor , Zhengli Shang , Tajana Rosing

In this work we present the Secure Machine, SeM for short, a CPU architecture extension for secure computing. SeM uses a small amount of in-chip additional hardware that monitors key communication channels inside the CPU chip, and only acts…

Cryptography and Security · Computer Science 2018-03-13 Ofir Shwartz , Yitzhak Birk

The increasing development speed via Agile may introduce overlooked security steps in the process, with an example being the Iowa Caucus application. Verifying the protection of confidential information such as social security numbers…

Cryptography and Security · Computer Science 2022-01-20 Miles Frantz
‹ Prev 1 4 5 6 7 8 10 Next ›