English
Related papers

Related papers: On Vulnerabilities, Constraints and Assumptions

200 papers

Qualifying and ranking threat degrees of vulnerabilities in cloud service are known to be full of challenges. Although there have been several efforts aiming to address this problem, most of them are too simple or cannot be applied into…

Cryptography and Security · Computer Science 2016-12-07 He Zhu

Many taxonomies exist to organize cybercrime incidents into ontological categories. We examine some of the taxonomies introduced in the literature; providing a framework, and analysis, of how best to leverage different taxonomy structures…

Methodology · Statistics 2025-08-15 Ryan Warnick

The Common Weakness Enumeration (CWE) is a prominent list of software weakness types. This list is used by vulnerability databases to describe the underlying security flaws within analyzed vulnerabilities. This linkage opens the possibility…

Cryptography and Security · Computer Science 2020-06-16 Peter Mell , Assane Gueye

Vulnerability detection plays a key role in secure software development. There are many different vulnerability detection tools and techniques to choose from, and insufficient information on which vulnerability detection techniques to use…

Software Engineering · Computer Science 2021-03-10 Sarah Elder

Empirical studies of research software are hard to compare because the literature operationalizes ``research software'' inconsistently. Motivated by the research software supply chain (RSSC) and its security risks, we introduce an…

Software Engineering · Computer Science 2026-04-15 Kelechi G. Kalu , Soham Rattan , Taylor R. Schorlemmer , George K. Thiruvathukal , Jeffrey C. Carver , James C. Davis

Quantum computing introduces unfamiliar security vulnerabilities demanding customized threat models. Hardware and software Trojans pose serious concerns needing rethinking from classical paradigms. This paper develops the first structured…

Cryptography and Security · Computer Science 2023-09-21 Subrata Das , Swaroop Ghosh

The ability to analyze network threats is very important in security research. Traditional approaches, involving sandboxing technology are limited to simulating a single host, missing local network attacks. This issue is addressed by…

Cryptography and Security · Computer Science 2020-07-17 Francisc Moldovan , Ciprian Oprisa

The increasing scale and sophistication of cyberattacks has led to the adoption of machine learning based classification techniques, at the core of cybersecurity systems. These techniques promise scale and accuracy, which traditional rule…

Machine Learning · Computer Science 2018-03-28 Tegjyot Singh Sethi , Mehmed Kantardzic , Joung Woo Ryu

The delivery of key services in domains ranging from finance and manufacturing to healthcare and transportation is underpinned by a rapidly growing number of mission-critical enterprise applications. Ensuring the continuity of these complex…

Distributed, Parallel, and Cluster Computing · Computer Science 2022-09-23 Premathas Somasekaram , Radu Calinescu , Rajkumar Buyya

Software Vulnerabilities (SVs) are increasing in complexity and scale, posing great security risks to many software systems. Given the limited resources in practice, SV assessment and prioritization help practitioners devise optimal SV…

Software Engineering · Computer Science 2023-01-09 Triet H. M. Le , Huaming Chen , M. Ali Babar

Most of the current software security analysis tools assess vulnerabilities in isolation. However, sophisticated software supply chain security threats often stem from cascaded vulnerability and security weakness chains that span dependent…

Software Engineering · Computer Science 2026-01-29 Laura Baird , Armin Moin

The thesis advances the field of software security by providing knowledge and automation support for software vulnerability assessment using data-driven approaches. Software vulnerability assessment provides important and multifaceted…

Software Engineering · Computer Science 2023-06-21 Triet H. M. Le

Requirements engineering is crucial to software development but lacks a precise definition of its fundamental concepts. Even the basic definitions in the literature and in industry standards are often vague and verbose. To remedy this…

Software Engineering · Computer Science 2019-07-12 Bertrand Meyer , Jean-Michel Bruel , Sophie Ebersold , Florian Galinier , Alexandr Naumchev

Our societies are increasingly dependent on services supplied by computers & their software. New technology only exacerbates this dependence by increasing the number, performance, and degree of autonomy and inter-connectivity of…

Computers and Society · Computer Science 2018-03-19 De Florio Vincenzo

Software security mainly studies vulnerability detection: is my code vulnerable today? This hinders risk estimation, so new approaches are emerging to forecast the occurrence of future vulnerabilities. While useful, these approaches are…

Software Engineering · Computer Science 2024-11-19 Carlos E. Budde , Ranindya Paramitha , Fabio Massacci

We present a taxonomy and an algebra for attack patterns on component-based operating systems. In a multilevel security scenario, where isolation of partitions containing data at different security classifications is the primary security…

Cryptography and Security · Computer Science 2014-03-06 Michael Hanspach , Jörg Keller

This chapter defines and presents different kinds of software ecosystems. The focus is on the development, tooling and analytics aspects of software ecosystems, i.e., communities of software developers and the interconnected software…

Software Engineering · Computer Science 2023-07-31 Tom Mens , Coen De Roover

Our decision-making processes are becoming more data driven, based on data from multiple sources, of different types, processed by a variety of technologies. As technology becomes more relevant for decision processes, the more likely they…

Computers and Society · Computer Science 2018-01-01 Tomasz Ostwald

Vulnerability management strategy, from both organizational and public policy perspectives, hinges on an understanding of the supply of undiscovered vulnerabilities. If the number of undiscovered vulnerabilities is small enough, then a…

Cryptography and Security · Computer Science 2023-04-20 Jonathan M Spring

The structures for the expression of fault-tolerance provisions into the application software are the central topic of this paper. Structuring techniques answer the questions "How to incorporate fault-tolerance in the application layer of a…

Software Engineering · Computer Science 2015-04-14 Vincenzo De Florio , Chris Blondia