You are not your developer, either: A research agenda for usable security and privacy research beyond end users

Y Acar, S Fahl, ML Mazurek - 2016 IEEE Cybersecurity …, 2016 - ieeexplore.ieee.org
While researchers have developed many tools, techniques, and protocols for improving
software security, exploits and breaches are only becoming more frequent. Some of this gap …

Stack Overflow considered harmful? The impact of copy&paste on Android application security

F Fischer, K Böttinger, H Xiao… - … IEEE symposium on …, 2017 - ieeexplore.ieee.org
Online programming discussion platforms such as Stack Overflow serve as a rich source of
information for software developers. Available information include vibrant discussions and …

You get where you're looking for: The impact of information sources on code security

Y Acar, M Backes, S Fahl, D Kim… - … IEEE symposium on …, 2016 - ieeexplore.ieee.org
Vulnerabilities in Android code--including but not limited to insecure data storage,
unprotected inter-component communication, broken TLS implementations, and violations of …

Keeping authorities "honest or bust" with decentralized witness cosigning

E Syta, I Tamas, D Visher, DI Wolinsky… - … IEEE Symposium on …, 2016 - ieeexplore.ieee.org
The secret keys of critical network authorities--such as time, name, certificate, and software
update services--represent high-value targets for hackers, criminals, and spy agencies …

Revisiting software ecosystems research: A longitudinal literature study

K Manikas - Journal of Systems and Software, 2016 - Elsevier
'Software ecosystems' is argued to first appear as a concept more than 10 years
ago and software ecosystem research started to take off in 2010. We conduct a systematic …

A systematic mapping study on requirements engineering in software ecosystems

A Vegendla, AN Duc, S Gao, G Sindre - Journal of Information …, 2018 - igi-global.com
Software ecosystems (SECOs) and open innovation processes have been claimed as a way
forward for the software industry. A proper understanding of requirements is as important for …

CHAINIAC: Proactive Software-Update transparency via collectively signed skipchains and verified builds

K Nikitin, E Kokoris-Kogias, P Jovanovic… - 26th USENIX Security …, 2017 - usenix.org
Software-update mechanisms are critical to the security of modern systems, but their
typically centralized design presents a lucrative and frequently attacked target. In this work …

A large scale investigation of obfuscation use in Google Play

D Wermke, N Huaman, Y Acar, B Reaves… - Proceedings of the 34th …, 2018 - dl.acm.org
Android applications are frequently plagiarized or repackaged, and software obfuscation is a
recommended protection against these practices. However, there is very little data on the …

The cyber security body of knowledge

D Basin - University of Bristol, ch. Formal Methods for, 2021 - cybok.org
The CyBOK project would like to understand how the CyBOK is being used and its uptake.
The project would like organisations using, or intending to use, CyBOK for the purposes of …

SoK: Lessons learned from Android security research for appified software platforms

Y Acar, M Backes, S Bugiel, S Fahl… - … IEEE Symposium on …, 2016 - ieeexplore.ieee.org
Android security and privacy research has boomed in recent years, far outstripping
investigations of other appified platforms. However, despite this attention, research efforts …