中文
相关论文

相关论文: Compile-time Security Analysis and Optimization of…

200 篇论文

We propose a new formal criterion for evaluating secure compilation schemes for unsafe languages, expressing end-to-end security guarantees for software components that may become compromised after encountering undefined behavior---for…

We propose a new formal criterion for secure compilation, providing strong security guarantees for components written in unsafe, low-level languages with C-style undefined behavior. Our criterion goes beyond recent proposals, which protect…

Memory corruption vulnerabilities are endemic to unsafe languages, such as C, and they can even be found in safe languages that themselves are implemented in unsafe languages or linked with libraries implemented in unsafe languages. Robust…

密码学与安全 · 计算机科学 2018-02-06 Ana Nora Evans

The security of AI-generated code remains a major obstacle to its widespread adoption. Although code generation models achieve strong performance on functional benchmarks, their outputs frequently contain bugs and security weaknesses that…

软件工程 · 计算机科学 2026-05-08 Ali Soltanian Fard Jahromi , Amjed Tahir , Peng Liang , Foutse Khomh

When implementing secure software, developers must ensure certain requirements, such as the erasure of secret data after its use and execution in real time. Such requirements are not explicitly captured by the C language and could…

密码学与安全 · 计算机科学 2019-07-08 A. P. Shivarpatna Venkatesh , A. Bhat Handadi , M. Mory

Secure compilation prevents all low-level attacks on compiled code and allows for sound reasoning about security in the source language. In this work we propose a new attacker model for secure compilation that extends the well-known notion…

Large language models (LLMs) are widely used in software development. However, the code generated by LLMs often contains vulnerabilities. Several secure code generation methods have been proposed to address this issue, but their current…

密码学与安全 · 计算机科学 2025-11-14 Shih-Chieh Dai , Jun Xu , Guanhong Tao

Artificial Intelligence (AI)-driven code generation tools are increasingly used throughout the software development lifecycle to accelerate coding tasks. However, the security of AI-generated code using Large Language Models (LLMs) remains…

密码学与安全 · 计算机科学 2026-03-10 Mohammed Kharma , Soohyeon Choi , Mohammed AlKhanafseh , David Mohaisen

Automation of code reviews using AI models has garnered substantial attention in the software engineering community as a strategy to reduce the cost and effort associated with traditional peer review processes. These models are typically…

Secure compilers generate compiled code that withstands many target-level attacks such as alteration of control flow, data leaks or memory corruption. Many existing secure compilers are proven to be fully abstract, meaning that they reflect…

编程语言 · 计算机科学 2020-11-30 Marco Patrignani , Deepak Garg

Security vulnerabilities present in a code that has been written in diverse programming languages are among the most critical yet complicated aspects of source code to detect. Static analysis tools based on rule-based patterns usually do…

密码学与安全 · 计算机科学 2025-08-19 Hael Abdulhakim Ali Humran , Ferdi Sonmez

Information protection is becoming a focal point for designing, creating and implementing software applications within highly integrated technology environments. The use of a safe coding technique in the software development process is…

Secure compilation studies compilers that generate target-level components that are as secure as their source-level counterparts. Full abstraction is the most widely-proven property when defining a secure compiler. A compiler is modular if…

编程语言 · 计算机科学 2016-04-19 Marco Patrignani , Dominique Devriese , Frank Piessens

AI coding assistants are now central to professional software development, yet their impact on how developers think about and practice security remains poorly understood. While prior work has documented vulnerability rates in AI-generated…

Web applications continue to be a favorite target for hackers due to a combination of wide adoption and rapid deployment cycles, which often lead to the introduction of high impact vulnerabilities. Static analysis tools are important to…

密码学与安全 · 计算机科学 2022-01-19 Ibéria Medeiros , Nuno Neves , Miguel Correia

Context. Developing secure and reliable software remains a key challenge in software engineering (SE). The ever-evolving technological landscape offers both opportunities and threats, creating a dynamic space where chaos and order compete.…

软件工程 · 计算机科学 2025-01-10 Matteo Esposito

Advances in AI-generated content have led to wide adoption of large language models, diffusion-based visual generators, and synthetic audio tools. However, these developments raise critical concerns about misinformation, copyright…

计算与语言 · 计算机科学 2025-09-30 Lele Cao

Recent trends in the software development practices (Agile, DevOps, CI) have shortened the development life-cycle causing the need for efficient security-by-design approaches. In this context, software architectures are analyzed for…

软件工程 · 计算机科学 2019-06-06 Katja Tuma , Danial Hosseini , Kyriakos Malamas , Riccardo Scandariato

Developers rely on constant-time programming to prevent timing side-channel attacks. But these efforts can be undone by compilers, whose optimizations may silently reintroduce leaks. While recent works have measured the extent of such…

密码学与安全 · 计算机科学 2025-07-09 Antoine Geimer , Clementine Maurice

The correctness of the Solidity compiler is crucial for ensuring the security of smart contracts. However, the implementation complexity of its type system often introduces elusive defects. This paper presents the first systematic empirical…

软件工程 · 计算机科学 2025-12-23 Lantian Li , Yue Pan , Dan Wang , Jingwen Wu , Zhongxing Yu
‹ 上一页 1 2 3 10 下一页 ›