| Main Authors: | Rahman, Imranur, Paramitha, Ranidya, Plate, Henrik, Wermke, Dominik, Williams, Laurie |
|---|---|
| Format: | Preprint |
| Published: | 2024 |
| Subjects: | |
| Online Access: | https://arxiv.org/abs/2408.02846 |
Similar Items
How Quickly Do Development Teams Update Their Vulnerable Dependencies?
by: Rahman, Imranur, et al.
Published: (2024)
Beyond Metadata: Code-centric and Usage-based Analysis of Known Vulnerabilities in Open-source Software
by: Ponta, Serena E., et al.
Published: (2018)
Impact assessment for vulnerabilities in open-source software libraries
by: Plate, Henrik, et al.
Published: (2015)
Generating API Parameter Security Rules with LLM for API Misuse Detection
by: Liu, Jinghua, et al.
Published: (2024)
From Struggle to Simplicity with a Usable and Secure API for Encryption in Java
by: Firouzi, Ehsan, et al.
Published: (2024)
Comparing Effectiveness and Efficiency of Interactive Application Security Testing (IAST) and Runtime Application Self-Protection (RASP) Tools in a Large Java-based System
by: Seth, Aishwarya, et al.
Published: (2023)
S3C2 Summit 2024-09: Industry Secure Software Supply Chain Summit
by: Rahman, Imranur, et al.
Published: (2025)
Toward Automated Security Risk Detection in Large Software Using Call Graph Analysis
by: Pecka, Nicholas, et al.
Published: (2025)
GraphQLer: Enhancing GraphQL Security with Context-Aware API Testing
by: Tsai, Omar, et al.
Published: (2025)
A Manually-Curated Dataset of Fixes to Vulnerabilities of Open-Source Software
by: Ponta, Serena E., et al.
Published: (2019)
An Empirical Study of Vulnerable Package Dependencies in LLM Repositories
by: Liu, Shuhan, et al.
Published: (2025)
Securing the Software Package Supply Chain for Critical Systems
by: Murali, Ritwik, et al.
Published: (2025)
R+R: Reassessing Java Security API Misuse in Current LLMs: A Replication on JCA and JSSE APIs with External Security Knowledge
by: Lu, Tianhe, et al.
Published: (2026)
The Popularity Hypothesis in Software Security: A Large-Scale Replication with PHP Packages
by: Ruohonen, Jukka, et al.
Published: (2025)
Mind the Gap: Evaluating LLMs for High-Level Malicious Package Detection vs. Fine-Grained Indicator Identification
by: Ryan, Ahmed, et al.
Published: (2026)
RiskHarvester: A Risk-based Tool to Prioritize Secret Removal Efforts in Software Artifacts
by: Basak, Setu Kumar, et al.
Published: (2025)
Insecure Ingredients? Exploring Dependency Update Patterns of Bundled JavaScript Packages on the Web
by: Swierzy, Ben, et al.
Published: (2025)
Trusting code in the wild: Exploring contributor reputation measures to review dependencies in the Rust ecosystem
by: Hamer, Sivana, et al.
Published: (2024)
Your ATs to Ts: MITRE ATT&CK Attack Technique to P-SSCRM Task Mapping
by: Hamer, Sivana, et al.
Published: (2025)
Mutation-based Evaluation of Cryptographic API Misuse Detectors
by: Ami, Amit Seal, et al.
Published: (2021)
Classport: Designing Runtime Dependency Introspection for Java
by: Cofano, Serena, et al.
Published: (2025)
Software Supply Chain Smells: Lightweight Analysis for Secure Dependency Management
by: Schmid, Larissa, et al.
Published: (2026)
Closing the Chain: How to reduce your risk of being SolarWinds, Log4j, or XZ Utils
by: Hamer, Sivana, et al.
Published: (2025)
Using AI Assistants in Software Development: A Qualitative Study on Security Practices and Concerns
by: Klemmer, Jan H., et al.
Published: (2024)
When Specifications Meet Reality: Uncovering API Inconsistencies in Ethereum Infrastructure
by: Ma, Jie, et al.
Published: (2026)
Assumptions to Evidence: Evaluating Security Practices Adoption and Their Impact on Outcomes in the npm Ecosystem
by: Zahan, Nusrat, et al.
Published: (2025)
AssetHarvester: A Static Analysis Tool for Detecting Secret-Asset Pairs in Software Artifacts
by: Basak, Setu Kumar, et al.
Published: (2024)
Enhancing REST API Fuzzing with Access Policy Violation Checks and Injection Attacks
by: Sahin, Omur, et al.
Published: (2026)
ConfuGuard: Using Metadata to Detect Active and Stealthy Package Confusion Attacks Accurately and at Scale
by: Jiang, Wenxin, et al.
Published: (2025)
Just another copy and paste? Comparing the security vulnerabilities of ChatGPT generated code and StackOverflow answers
by: Hamer, Sivana, et al.
Published: (2024)
BacAlarm: Mining and Simulating Composite API Traffic to Prevent Broken Access Control Violations
by: Yang, Yanjing, et al.
Published: (2025)
Does the Vulnerability Threaten Our Projects? Automated Vulnerable API Detection for Third-Party Libraries
by: Zhang, Fangyuan, et al.
Published: (2024)
Can I Check What I Designed? Mapping Security Design DSLs to Code Analyzers
by: Peldszus, Sven, et al.
Published: (2026)
Profile of Vulnerability Remediations in Dependencies Using Graph Analysis
by: Vera, Fernando, et al.
Published: (2024)
SAVANT: Vulnerability Detection in Application Dependencies through Semantic-Guided Reachability Analysis
by: Lingxiang, Wang, et al.
Published: (2025)
A Static Analysis of Popular C Packages in Linux
by: Ruohonen, Jukka, et al.
Published: (2024)
An Analysis of Malicious Packages in Open-Source Software in the Wild
by: Zhou, Xiaoyan, et al.
Published: (2024)
Broken Quantum: A Systematic Formal Verification Study of Security Vulnerabilities Across the Open-Source Quantum Computing Simulator Ecosystem
by: Blain, Dominik
Published: (2026)
SAGA: Detecting Security Vulnerabilities Using Static Aspect Analysis
by: Marquer, Yoann, et al.
Published: (2026)
Using LLMs for Security Advisory Investigations: How Far Are We?
by: Abdullah, Bayu Fedra, et al.
Published: (2025)