Just-in-time software vulnerability detection: Are we there yet?
Background: Software vulnerabilities are weaknesses in source code that might be exploited
to cause harm or loss. Previous work has proposed a number of automated machine …
Asleep at the keyboard? assessing the security of github copilot's code contributions
There is burgeoning interest in designing AI-based systems to assist humans in designing
computing systems, including tools that automatically generate computer code. The most …
Examining zero-shot vulnerability repair with large language models
Human developers can produce code with cybersecurity bugs. Can emerging 'smart' code
completion tools help repair those bugs? In this work, we examine the use of large language …
Space odyssey: An experimental software security analysis of satellites
J Willbold, M Schloegel, M Vögele… - … IEEE Symposium on …, 2023 - ieeexplore.ieee.org
Satellites are an essential aspect of our modern society and have contributed significantly to
the way we live today, most notable through modern telecommunications, global positioning …
MiniTracker: Large-Scale Sensitive Information Tracking in Mini Apps
W Li, B Yang, H Ye, L Xiang, Q Tao… - … on Dependable and …, 2023 - ieeexplore.ieee.org
Running on host mobile applications, mini apps have gained increasing popularity these
days for its convenience in installation and usage. However, being easy to use allows mini …
Devaic: A tool for security assessment of ai-generated code
Context: AI code generators are revolutionizing code writing and software development, but
their training on large datasets, including potentially untrusted source code, raises security …
Using Semgrep OSS to Find OWASP Top 10 Weaknesses in PHP Applications: A Case Study
L Kree, R Helmke, E Winter - … Conference on Detection of Intrusions and …, 2024 - Springer
Given PHP's continuous success, it remains an important task to ensure security in its
applications. While code reviews are a common measure to catch bugs during development …
Adopting Trusted Types in Production Web Frameworks to Prevent DOM-Based Cross-Site Scripting: A Case Study
P Wang, BÁ Guðmundsson… - 2021 IEEE European …, 2021 - ieeexplore.ieee.org
Cross-site scripting (XSS) is a common security vulnerability found in web applications.
DOM-based XSS, one of the variants, is becoming particularly more prevalent with the boom …
A socio-technical perspective on software vulnerabilities: A causal analysis
Context: Software development organizations are composed of people working together
towards a common goal. These people are connected in networks. The effectiveness of …
A Mixed-Methods Study of Open-Source Software Maintainers On Vulnerability Management and Platform Security Features
In open-source software (OSS), software vulnerabilities have significantly increased.
Although researchers have investigated the perspectives of vulnerability reporters and OSS …