中文
相关论文

相关论文: On Vulnerabilities, Constraints and Assumptions

200 篇论文

Qualifying and ranking threat degrees of vulnerabilities in cloud service are known to be full of challenges. Although there have been several efforts aiming to address this problem, most of them are too simple or cannot be applied into…

密码学与安全 · 计算机科学 2016-12-07 He Zhu

Many taxonomies exist to organize cybercrime incidents into ontological categories. We examine some of the taxonomies introduced in the literature; providing a framework, and analysis, of how best to leverage different taxonomy structures…

统计方法学 · 统计学 2025-08-15 Ryan Warnick

The Common Weakness Enumeration (CWE) is a prominent list of software weakness types. This list is used by vulnerability databases to describe the underlying security flaws within analyzed vulnerabilities. This linkage opens the possibility…

密码学与安全 · 计算机科学 2020-06-16 Peter Mell , Assane Gueye

Vulnerability detection plays a key role in secure software development. There are many different vulnerability detection tools and techniques to choose from, and insufficient information on which vulnerability detection techniques to use…

软件工程 · 计算机科学 2021-03-10 Sarah Elder

Empirical studies of research software are hard to compare because the literature operationalizes ``research software'' inconsistently. Motivated by the research software supply chain (RSSC) and its security risks, we introduce an…

Quantum computing introduces unfamiliar security vulnerabilities demanding customized threat models. Hardware and software Trojans pose serious concerns needing rethinking from classical paradigms. This paper develops the first structured…

密码学与安全 · 计算机科学 2023-09-21 Subrata Das , Swaroop Ghosh

The ability to analyze network threats is very important in security research. Traditional approaches, involving sandboxing technology are limited to simulating a single host, missing local network attacks. This issue is addressed by…

密码学与安全 · 计算机科学 2020-07-17 Francisc Moldovan , Ciprian Oprisa

The increasing scale and sophistication of cyberattacks has led to the adoption of machine learning based classification techniques, at the core of cybersecurity systems. These techniques promise scale and accuracy, which traditional rule…

机器学习 · 计算机科学 2018-03-28 Tegjyot Singh Sethi , Mehmed Kantardzic , Joung Woo Ryu

The delivery of key services in domains ranging from finance and manufacturing to healthcare and transportation is underpinned by a rapidly growing number of mission-critical enterprise applications. Ensuring the continuity of these complex…

分布式、并行与集群计算 · 计算机科学 2022-09-23 Premathas Somasekaram , Radu Calinescu , Rajkumar Buyya

Software Vulnerabilities (SVs) are increasing in complexity and scale, posing great security risks to many software systems. Given the limited resources in practice, SV assessment and prioritization help practitioners devise optimal SV…

软件工程 · 计算机科学 2023-01-09 Triet H. M. Le , Huaming Chen , M. Ali Babar

Most of the current software security analysis tools assess vulnerabilities in isolation. However, sophisticated software supply chain security threats often stem from cascaded vulnerability and security weakness chains that span dependent…

软件工程 · 计算机科学 2026-01-29 Laura Baird , Armin Moin

The thesis advances the field of software security by providing knowledge and automation support for software vulnerability assessment using data-driven approaches. Software vulnerability assessment provides important and multifaceted…

软件工程 · 计算机科学 2023-06-21 Triet H. M. Le

Requirements engineering is crucial to software development but lacks a precise definition of its fundamental concepts. Even the basic definitions in the literature and in industry standards are often vague and verbose. To remedy this…

软件工程 · 计算机科学 2019-07-12 Bertrand Meyer , Jean-Michel Bruel , Sophie Ebersold , Florian Galinier , Alexandr Naumchev

Our societies are increasingly dependent on services supplied by computers & their software. New technology only exacerbates this dependence by increasing the number, performance, and degree of autonomy and inter-connectivity of…

计算机与社会 · 计算机科学 2018-03-19 De Florio Vincenzo

Software security mainly studies vulnerability detection: is my code vulnerable today? This hinders risk estimation, so new approaches are emerging to forecast the occurrence of future vulnerabilities. While useful, these approaches are…

软件工程 · 计算机科学 2024-11-19 Carlos E. Budde , Ranindya Paramitha , Fabio Massacci

We present a taxonomy and an algebra for attack patterns on component-based operating systems. In a multilevel security scenario, where isolation of partitions containing data at different security classifications is the primary security…

密码学与安全 · 计算机科学 2014-03-06 Michael Hanspach , Jörg Keller

This chapter defines and presents different kinds of software ecosystems. The focus is on the development, tooling and analytics aspects of software ecosystems, i.e., communities of software developers and the interconnected software…

软件工程 · 计算机科学 2023-07-31 Tom Mens , Coen De Roover

Our decision-making processes are becoming more data driven, based on data from multiple sources, of different types, processed by a variety of technologies. As technology becomes more relevant for decision processes, the more likely they…

计算机与社会 · 计算机科学 2018-01-01 Tomasz Ostwald

Vulnerability management strategy, from both organizational and public policy perspectives, hinges on an understanding of the supply of undiscovered vulnerabilities. If the number of undiscovered vulnerabilities is small enough, then a…

密码学与安全 · 计算机科学 2023-04-20 Jonathan M Spring

The structures for the expression of fault-tolerance provisions into the application software are the central topic of this paper. Structuring techniques answer the questions "How to incorporate fault-tolerance in the application layer of a…

软件工程 · 计算机科学 2015-04-14 Vincenzo De Florio , Chris Blondia