Dos and don'ts of machine learning in computer security

D Arp, E Quiring, F Pendlebury, A Warnecke… - 31st USENIX Security …, 2022 - usenix.org
With the growing processing power of computing systems and the increasing availability of
massive datasets, machine learning algorithms have led to major breakthroughs in many …

Automatic detection of Java cryptographic API misuses: Are we there yet?

Y Zhang, MMA Kabir, Y Xiao, D Yao… - IEEE Transactions on …, 2022 - ieeexplore.ieee.org
The Java platform provides various cryptographic APIs to facilitate secure coding. However,
correctly using these APIs is challenging for developers who lack cybersecurity training …

A survey of malware detection using deep learning

A Bensaoud, J Kalita, M Bensaoud - Machine Learning With Applications, 2024 - Elsevier
The problem of malicious software (malware) detection and classification is a complex task,
and there is no perfect approach. There is still a lot of work to be done. Unlike most other …

Realtime robust malicious traffic detection via frequency domain analysis

C Fu, Q Li, M Shen, K Xu - Proceedings of the 2021 ACM SIGSAC …, 2021 - dl.acm.org
Machine learning (ML) based malicious traffic detection is an emerging security paradigm,
particularly for zero-day attack detection, which is complementary to existing rule based …

"Get in Researchers; We're Measuring Reproducibility": A Reproducibility Study of Machine Learning Papers in Tier 1 Security Conferences

D Olszewski, A Lu, C Stillman, K Warren… - Proceedings of the …, 2023 - dl.acm.org
Reproducibility is crucial to the advancement of science; it strengthens confidence in
seemingly contradictory results and expands the boundaries of known discoveries …

Using AI assistants in software development: A qualitative study on security practices and concerns

JH Klemmer, SA Horstmann, N Patnaik… - Proceedings of the …, 2024 - dl.acm.org
Following the recent release of AI assistants, such as OpenAI's ChatGPT and GitHub
Copilot, the software industry quickly utilized these tools for software development tasks, e.g. …

Crylogger: Detecting crypto misuses dynamically

L Piccolboni, G Di Guglielmo, LP Carloni… - … IEEE Symposium on …, 2021 - ieeexplore.ieee.org
Cryptographic (crypto) algorithms are the essential ingredients of all secure systems: crypto
hash functions and encryption algorithms, for example, can guarantee properties such as …

Where to recruit for security development studies: Comparing six software developer samples

H Kaur, S Klivan, D Votipka, Y Acar, S Fahl - 31st USENIX Security …, 2022 - usenix.org
Studying developers is an important aspect of usable security and privacy research. In
particular, studying security development challenges such as the usability of security APIs …

“Make Them Change it Every Week!”: A Qualitative Exploration of Online Developer Advice on Usable and Secure Authentication

JH Klemmer, M Gutfleisch, C Stransky, Y Acar… - 2023 - saschafahl.de
Password-based authentication is the status quo on the web and beyond [6, 13, 14]—
despite its many known problems. This includes challenges around memorizing passwords …

"Would you give the same priority to the bank and a game? I do not!" Exploring credential management strategies and obstacles during password manager setup

S Klivan, S Höltervennhoff, N Huaman, Y Acar… - … Symposium on Usable …, 2023 - usenix.org
Password managers allow users to improve password security by handling large numbers of
strong and unique passwords without the burden of memorizing them. While users are …