English
Related papers

Related papers: IssueGuard: Real-Time Secret Leak Prevention Tool …

200 papers

Cache side-channel attacks extract secrets by examining how victim software accesses cache. To date, practical attacks on cryptosystems and media libraries are demonstrated under different scenarios, inferring secret keys and reconstructing…

Cryptography and Security · Computer Science 2022-10-04 Yuanyuan Yuan , Zhibo Liu , Shuai Wang

Source code reviews are manual, time-consuming, and expensive. Human involvement should be focused on analyzing the most relevant aspects of the program, such as logic and maintainability, rather than amending style, syntax, or formatting…

Machine Learning · Computer Science 2019-04-02 Vadim Markovtsev , Waren Long , Hugo Mougard , Konstantin Slavnov , Egor Bulychev

Issue Tracking Systems (ITSs), such as GitHub and Jira, are popular tools that support Software Engineering (SE) organisations through the management of ``issues'', which represent different SE artefacts such as requirements, development…

Software Engineering · Computer Science 2025-07-10 Lloyd Montgomery

Memory disclosure attacks play an important role in the exploitation of memory corruption vulnerabilities. By analyzing recent research, we observe that bypasses of defensive solutions that enforce control-flow integrity or attempt to…

Cryptography and Security · Computer Science 2020-07-08 Robert Gawlik , Philipp Koppe , Benjamin Kollenda , Andre Pawlowski , Behrad Garmany , Thorsten Holz

As the number of web applications and API endpoints exposed to the Internet continues to grow, so does the number of exploitable vulnerabilities. Manually identifying such vulnerabilities is tedious. Meanwhile, static security scanners tend…

Cryptography and Security · Computer Science 2025-12-17 Felix Mächtle , Nils Loose , Tim Schulz , Florian Sieck , Jan-Niclas Serr , Ralf Möller , Thomas Eisenbarth

We consider secure multi-terminal source coding problems in the presence of a public helper. Two main scenarios are studied: 1) source coding with a helper where the coded side information from the helper is eavesdropped by an external…

Information Theory · Computer Science 2013-07-05 Kittipong Kittichokechai , Yeow-Khiang Chia , Tobias J. Oechtering , Mikael Skoglund , Tsachy Weissman

LLMs can generate factually incorrect statements even when provided access to reference documents. Such errors can be dangerous in high-stakes applications (e.g., document-grounded QA for healthcare or finance). We present GenAudit -- a…

Computation and Language · Computer Science 2025-01-22 Kundan Krishna , Sanjana Ramprasad , Prakhar Gupta , Byron C. Wallace , Zachary C. Lipton , Jeffrey P. Bigham

An important goal for programmers is to minimize cost of identifying and correcting defects in source code. Code review is commonly used for identifying programming defects. However, manual code review has some shortcomings: a) it is time…

Software Engineering · Computer Science 2018-09-13 Balwinder Sodhi , Shipra Sharma

Despite recent advances, Large Language Models (LLMs) still generate vulnerable code. Retrieval-Augmented Generation (RAG) has the potential to enhance LLMs for secure code generation by incorporating external security knowledge. However,…

Cryptography and Security · Computer Science 2026-03-17 Jiahao Shi , Tianyi Zhang

The increasing complexity of modern software systems exacerbates the prevalence of security vulnerabilities, posing risks of severe breaches and substantial economic loss. Consequently, robust code vulnerability detection is essential for…

Cryptography and Security · Computer Science 2025-10-09 Zhiyuan Wei , Xiaoxuan Yang , Jing Sun , Zijian Zhang

The inherent determinism of blockchain technology poses a significant challenge to generating secure random numbers within smart contracts, leading to exploitable vulnerabilities, particularly in decentralized finance (DeFi) ecosystems and…

Cryptography and Security · Computer Science 2025-10-22 Hadis Rezaei , Ahmed Afif Monrat , Karl Andersson , Francesco Flammini

Throughout 2021, GitGuardian's monitoring of public GitHub repositories revealed a two-fold increase in the number of secrets (database credentials, API keys, and other credentials) exposed compared to 2020, accumulating more than six…

Software Engineering · Computer Science 2023-01-31 Setu Kumar Basak , Lorenzo Neil , Bradley Reaves , Laurie Williams

A new MS Excel application has been developed which seeks to reduce the risks associated with the development, operation and auditing of Excel spreadsheets. FormulaDataSleuth provides a means of checking spreadsheet formulas and data as…

Human-Computer Interaction · Computer Science 2008-07-21 Bill Bekenn , Ray Hooper

Recent progress in video generative models has enabled the creation of high-quality videos from multimodal prompts that combine text and images. While these systems offer enhanced controllability, they also introduce new safety risks, as…

Computer Vision and Pattern Recognition · Computer Science 2025-11-27 Ruize Ma , Minghong Cai , Yilei Jiang , Jiaming Han , Yi Feng , Yingshui Tan , Xiaoyong Zhu , Bo Zhang , Bo Zheng , Xiangyu Yue

OpenClaw's ClawHub marketplace hosts tens of thousands of community-contributed agent skills (49,592 in our 2026-04-04 snapshot), and recent audits report that 13-26% contain security vulnerabilities. Regex scanners miss obfuscated…

Cryptography and Security · Computer Science 2026-05-27 Yinghan Hou , Zongyou Yang , Zaihu Pang , Xiujun Ma

Taint analysis is a security analysis technique used to track the flow of potentially dangerous data through an application and its dependent libraries. Investigating why certain unexpected flows appear and why expected flows are missing is…

Software Engineering · Computer Science 2025-12-05 Burak Yetiştiren , Hong Jin Kang , Miryung Kim

GitHub is one of the most widely used public code development platform. However, the code hosted publicly on the platform is vulnerable to commit spoofing that allows an adversary to introduce malicious code or commits into the repository…

Software Engineering · Computer Science 2025-04-29 Anupam Sharma , Sreyashi Karmakar , Gayatri Priyadarsini Kancherla , Abhishek Bichhawat

Collaborative content generation (CCG) enables collective creation of artifacts like scientific articles. Quality is a paramount concern in CCG, and a multitude of methods have been proposed to evaluate the quality of artifacts.…

Social and Information Networks · Computer Science 2025-07-29 Sadegh Sohani , Maliheh Shahryari , Salar Ghazi , Mohammad Allahbakhsh , Haleh Amintoosi , Boualem Benatallah

Static Application Security Testing tools help developers find security vulnerabilities before release, but they often produce many false positives. This increases manual review effort, reduces developer trust, and may cause real…

Cryptography and Security · Computer Science 2026-05-05 Mohd Ruhul Ameen , Md Takrim Ul Alam , Akif Islam

The widespread use of Large Language Models (LLMs) in text generation has raised increasing concerns about intellectual property disputes. Watermarking techniques, which embed meta information into AI-generated content (AIGC), have the…

Cryptography and Security · Computer Science 2026-04-15 Shangkun Che , Silin Du , Ge Gao