English
Related papers

Related papers: Operational Runtime Behavior Mining for Open-Sourc…

200 papers

Open-source software serves as a foundation for the internet and the cyber supply chain, but its exploitation is becoming increasingly prevalent. While advances in vulnerability detection for OSS have been significant, prior research has…

Cryptography and Security · Computer Science 2024-12-02 Zhuoran Tan , Christos Anagnosstopoulos , Jeremy Singer

Open-source software (OSS) is a critical part of the software supply chain. Recent social engineering attacks against OSS development teams have enabled attackers to become code contributors and later inject malicious code or…

Software Engineering · Computer Science 2021-07-05 Luiz Giovanini , Daniela Oliveira , Huascar Sanchez , Deborah Shands

Most of the current software security analysis tools assess vulnerabilities in isolation. However, sophisticated software supply chain security threats often stem from cascaded vulnerability and security weakness chains that span dependent…

Software Engineering · Computer Science 2026-01-29 Laura Baird , Armin Moin

Open-source software (OSS) dependencies introduce systemic risks that are difficult to manage at scale. Existing Software Composition Analysis (SCA) and reachability tools generate severe alert fatigue by treating risk as an intrinsic…

Software Engineering · Computer Science 2026-05-04 Henry Ruckman-Utting , Vrushal Nedungadi , Taiga Okuma , LeTian Wang , Stephen Ehebald , Mohammad A. Tayebi

Audit trails are evidential indications of activities performers in any logs. Modern reactive systems such as transaction processing systems, management information systems, decision support systems and even executive management systems log…

Software Engineering · Computer Science 2023-08-02 Patrick Mukala

Agile and DevOps are widely adopted by the industry. Hence, integrating security activities with industrial practices, such as continuous integration (CI) pipelines, is necessary to detect security flaws and adhere to regulators' demands…

Software Engineering · Computer Science 2024-01-17 Florian Angermeir , Markus Voggenreiter , Fabiola Moyón , Daniel Mendez

The increasingly sophisticated environment in which attackers operate makes software security an even greater challenge in open-source projects, where malicious packages are prevalent. Static analysis tools, such as Malcontent, are highly…

Cryptography and Security · Computer Science 2026-01-27 Duc-Ly Vu , Thanh-Cong Nguyen , Minh-Khanh Vu , Ngoc-Thanh Nguyen , Kim-Anh Do Thi

It is hard to operate and debug systems like OpenStack that integrate many independently developed modules with multiple levels of abstractions. A major challenge is to navigate through the complex dependencies and relationships of the…

Distributed, Parallel, and Cluster Computing · Computer Science 2016-06-21 Yong Xiang , Hu Li , Sen Wang , Wei Xu

Runtime verification or runtime monitoring equips safety-critical cyber-physical systems to augment design assurance measures and ensure operational safety and security. Cyber-physical systems have interaction failures, attack surfaces, and…

Software Engineering · Computer Science 2022-06-23 Smitha Gautham , Georgios Bakirtzis , Alexander Will , Athira V. Jayakumar , Carl R. Elks

Empirical studies of research software are hard to compare because the literature operationalizes ``research software'' inconsistently. Motivated by the research software supply chain (RSSC) and its security risks, we introduce an…

Software Engineering · Computer Science 2026-04-15 Kelechi G. Kalu , Soham Rattan , Taylor R. Schorlemmer , George K. Thiruvathukal , Jeffrey C. Carver , James C. Davis

Open Source Software (OSS) projects follow diverse lifecycle trajectories shaped by evolving patterns of contribution, coordination, and community engagement. Understanding these trajectories is essential for stakeholders seeking to assess…

Software Engineering · Computer Science 2026-02-16 S M Rakib Ul Karim , Wenyi Lu , Enock Kasaadha , Sean Goggins

The use of free and open source software (FOSS) components in all software systems is estimated to be above 90%. With such high usage and because of the heterogeneity of FOSS tools, repositories, developers and ecosystem, the level of…

Cryptography and Security · Computer Science 2023-11-21 Luıs Soeiro , Thomas Robert , Stefano Zacchiroli

Open-Source Projects and Libraries are being used in software development while also bearing multiple security vulnerabilities. This use of third party ecosystem creates a new kind of attack surface for a product in development. An…

Software Engineering · Computer Science 2018-08-15 Lorenzo Neil , Sudip Mittal , Anupam Joshi

In modern software development workflows, the open-source software supply chain contributes significantly to efficient and convenient engineering practices. With increasing system complexity, using open-source software as third-party…

Software Engineering · Computer Science 2025-11-18 Zihe Yan , Kai Luo , Haoyu Yang , Yang Yu , Zhuosheng Zhang , Guancheng Li

Offline runtime verification involves the static analysis of executions of a system against a specification. For distributed systems, it is generally not possible to characterize executions in the form of global traces, given the absence of…

Software Engineering · Computer Science 2024-03-06 Erwan Mahe , Boutheina Bannour , Christophe Gaston , Arnault Lapitre , Pascale Le Gall

Software supply chain security compromises often stem from cascaded interactions of vulnerabilities, for example, between multiple vulnerable components. Yet, Software Bill of Materials (SBOM)-based pipelines for security analysis typically…

Software Engineering · Computer Science 2026-04-08 Laura Baird , Armin Moin

The software product is a source of cyber-attacks that target organizations by using their software supply chain as a distribution vector. As the reliance of software projects on open-source or proprietary modules is increasing drastically,…

Cryptography and Security · Computer Science 2023-05-24 Betul Gokkaya , Leonardo Aniello , Basel Halak

Operation technology networks, i.e. hard- and software used for monitoring and controlling physical/industrial processes, have been considered immune to cyber attacks for a long time. A recent increase of attacks in these networks proves…

Cryptography and Security · Computer Science 2021-11-09 Anna-Pia Lohfink , Simon D. Duque Anton , Hans Dieter Schotten , Heike Leitte , Christoph Garth

Due to the diversity and implicit redundancy in terms of processing units and compute kernels, off-the-shelf heterogeneous systems offer the opportunity to detect and tolerate faults during task execution in hardware as well as in software.…

Operating Systems · Computer Science 2014-05-14 Mario Kicherer , Wolfgang Karl

Process Mining is a famous technique which is frequently applied to Software Development Processes, while being neglected in Human-Computer Interaction (HCI) recommendation applications. Organizations usually train employees to interact…

Human-Computer Interaction · Computer Science 2019-05-17 Julian Theis , Houshang Darabi
‹ Prev 1 2 3 10 Next ›