The field of cybersecurity and software vulnerability detection is rapidly evolving, with a focus on developing innovative solutions to combat emerging threats. Recent research has highlighted the importance of secure coding practices, with studies demonstrating the effectiveness of code property graphs and machine learning techniques in detecting software vulnerabilities. Additionally, the development of new frameworks and tools, such as CleanStack and InfraFix, has improved the efficiency and accuracy of vulnerability detection and repair. The use of post-quantum algorithms and the analysis of cryptographic usages in modern software have also become key areas of research, with the goal of enhancing the security and resilience of software systems. Noteworthy papers in this area include 'CleanStack: A New Dual-Stack for Defending Against Stack-Based Memory Corruption Attacks' and 'InfraFix: Technology-Agnostic Repair of Infrastructure as Code', which introduce novel approaches to stack protection and infrastructure repair.
Advances in Cybersecurity and Software Vulnerability Detection
Sources
SoK: Trusted Execution in SoC-FPGAs
Visualizing Privacy-Relevant Data Flows in Android Applications
CleanStack: A New Dual-Stack for Defending Against Stack-Based Memory Corruption Attacks
Nofl: A Precise Immix
EVSOAR: Security Orchestration, Automation and Response via EV Charging Stations
InfraFix: Technology-Agnostic Repair of Infrastructure as Code
Breaking the Symmetries of Indistinguishable Objects
UAV Resilience Against Stealthy Attacks
QITE: Assembly-Level, Cross-Platform Testing of Quantum Computing Platforms
Understanding the Changing Landscape of Automotive Software Vulnerabilities: Insights from a Seven-Year Analysis
LEMIX: Enabling Testing of Embedded Applications as Linux Applications
Connectedness: a dimension of security bug severity assessment for measuring uncertainty
Fingerprinting Implementations of Cryptographic Primitives and Protocols that Use Post-Quantum Algorithms
Enhancing Software Vulnerability Detection Using Code Property Graphs and Convolutional Neural Networks
COFO: COdeFOrces dataset for Program Classification, Recognition and Tagging
EVOLVE: a Value-Added Services Platform for Electric Vehicle Charging Stations
strideSEA: A STRIDE-centric Security Evaluation Approach
Coding Malware in Fancy Programming Languages for Fun and Profit
QUIC-Fuzz: An Effective Greybox Fuzzer For The QUIC Protocol
Cryptoscope: Analyzing cryptographic usages in modern software
Nanopass Back-Translation of Call-Return Trees for Mechanized Secure Compilation Proofs
Substation Bill of Materials: A Novel Approach to Managing Supply Chain Cyber-risks on IEC 61850 Digital Substations
In the Magma chamber: Update and challenges in ground-truth vulnerabilities revival for automatic input generator comparison
Software Vulnerability Analysis Across Programming Language and Program Representation Landscapes: A Survey
How to Secure Existing C and C++ Software without Memory Safety
The Promise and Pitfalls of WebAssembly: Perspectives from the Industry
Automated Analysis of Pricings in SaaS-based Information Systems
HORIZON: a Classification and Comparison Framework for Pricing-driven Feature Toggling
SoK: Towards Reproducibility for Software Packages in Scripting Language Ecosystems
Decoding Dependency Risks: A Quantitative Study of Vulnerabilities in the Maven Ecosystem
Understanding Software Vulnerabilities in the Maven Ecosystem: Patterns, Timelines, and Risks