English
Related papers

Related papers: What's in a Package? Getting Visibility Into Depen…

200 papers

Reusable software components, typically distributed as packages, are a central paradigm of modern software development. The JavaScript ecosystem serves as a prime example, offering millions of packages with their use being promoted as…

Software Engineering · Computer Science 2026-01-26 Ben Swierzy , Marc Ohm , Michael Meier

Protocol detection is the process of determining the application layer protocol in the context of network security monitoring, which requires a timely and precise decision to enable protocol-specific deep packet inspection. This task has…

Networking and Internet Architecture · Computer Science 2019-12-10 Jan Grashöfer , Christian Titze , Hannes Hartenstein

Blindspots in APIs can cause software engineers to introduce vulnerabilities, but such blindspots are, unfortunately, common. We study the effect APIs with blindspots have on developers in two languages by replicating an 109-developer,…

Software Engineering · Computer Science 2021-03-11 Yuriy Brun , Tian Lin , Jessie Elise Somerville , Elisha Myers , Natalie C. Ebner

Due to Android's open source feature and low barriers to entry for developers, millions of developers and third-party organizations have been attracted into the Android ecosystem. However, over 90 percent of mobile malware are found…

Cryptography and Security · Computer Science 2019-06-26 Bin Zhao

Web communication has become an indispensable characteristic of mobile apps. However, it is not clear what data the apps transmit, to whom, and what consequences such transmissions have. We analyzed the web communications found in mobile…

Cryptography and Security · Computer Science 2020-06-03 Pascal Gadient , Mohammad Ghafari , Marc-Andrea Tarnutzer , Oscar Nierstrasz

The stack-based access control mechanism plays a fundamental role in the security architecture of Java and Microsoft CLR (common language runtime). It is enforced at runtime by inspecting methods in the current call stack for granted…

Cryptography and Security · Computer Science 2013-10-15 Xin Li , Hua Vy Le Thanh

This paper examines software vulnerabilities in common Python packages used particularly for web development. The empirical dataset is based on the PyPI package repository and the so-called Safety DB used to track vulnerabilities in…

Software Engineering · Computer Science 2019-03-12 Jukka Ruohonen

Nowadays, invoking third party code increasingly involves calling web services via their web APIs, as opposed to the more traditional scenario of downloading a library and invoking the library's API. However, there are also new challenges…

Software Engineering · Computer Science 2017-05-19 Erik Wittern , Annie Ying , Yunhui Zheng , Jim A. Laredo , Julian Dolby , Christopher C. Young , Aleksander A. Slominski

Open source software ecosystems consist of thousands of interdependent libraries, which users can combine to great effect. Recent work has pointed out two kinds of risks in these systems: that technical problems like bugs and…

Software Engineering · Computer Science 2022-05-11 William Schueller , Johannes Wachs

The Model Context Protocol (MCP) has emerged as a widely adopted mechanism for connecting large language models to external tools and resources. While MCP promises seamless extensibility and rich integrations, it also introduces a…

Cryptography and Security · Computer Science 2025-07-10 Zhihao Li , Kun Li , Boyang Ma , Minghui Xu , Yue Zhang , Xiuzhen Cheng

Developers are increasingly using services such as Dependabot to automate dependency updates. However, recent research has shown that developers perceive such services as unreliable, as they heavily rely on test coverage to detect conflicts…

Software Engineering · Computer Science 2021-09-27 Joseph Hejderup , Georgios Gousios

APIs (Application Programming Interfaces) or Web Services are the foundational building blocks that enable interconnected systems. However this proliferation of APIs has also introduced security challenges that require systematic and…

Cryptography and Security · Computer Science 2025-07-24 Senthilkumar Gopal

Dependency analysis is a technique to identify and determine data dependencies between service protocols. Protocols evolving concurrently in the service composition need to impose an order in their execution if there exist data…

Software Engineering · Computer Science 2010-07-30 Javier Cubo , Ernesto Pimentel , Gwen Salaün , Carlos Canal

Traditionally, software APIs (application programming interfaces) have been viewed from a technical perspective, as a means to separate implementation from functional calls, and as a way to define a contract of software functionality. The…

Software Engineering · Computer Science 2019-11-05 Jennifer Horkoff , Juho Lindman , Imed Hammouda , Eric Knauss

Defects in requirements specifications can have severe consequences during the software development lifecycle. Some of them may result in poor product quality and/or time and budget overruns due to incorrect or missing quality…

Software Engineering · Computer Science 2020-09-09 Hugo Villamizar , Marcos Kalinowski , Alessandro Garcia , Daniel Mendez Fernández

The OSGi Platform finds a growing interest in two different applications domains: embedded systems, and applications servers. However, the security properties of this platform are hardly studied, which is likely to hinder its use in…

Cryptography and Security · Computer Science 2011-11-10 Pierre Parrend , Stéphane Frénot

Package managers are legion. Every programming language and operating system has its own solution, each with subtly different semantics for dependency resolution. This fragmentation prevents multilingual projects from expressing precise…

Programming Languages · Computer Science 2026-02-24 Ryan Gibb , Patrick Ferris , David Allsopp , Thomas Gazagnaire , Anil Madhavapeddy

Dependency management in modern software development poses many challenges for developers who wish to stay up to date with the latest features and fixes whilst ensuring backwards compatibility. Project maintainers have opted for varied, and…

Software Engineering · Computer Science 2021-10-19 Abbas Javan Jafari , Diego Elias Costa , Rabe Abdalkareem , Emad Shihab , Nikolaos Tsantalis

Developers rely on third-party library Application Programming Interfaces (APIs) when developing software. However, libraries typically come with assumptions and API usage constraints, whose violation results in API misuse. API misuses may…

Software Engineering · Computer Science 2026-04-17 Akalanka Galappaththi , Sarah Nadi , Christoph Treude

Choosing authentication schemes for a specific purpose is challenging for service providers, developers, and researchers. Previous ratings of technical and objective aspects showed that available schemes all have strengths and limitations.…

Human-Computer Interaction · Computer Science 2022-09-29 Verena Zimmermann , Paul Gerber , Alina Stöver
‹ Prev 1 3 4 5 6 7 10 Next ›