Search
Search Results
-
Generic Error SDP and Generic Error CVE
This paper introduces a new family of CVE schemes built from generic errors (GE-CVE) and identifies a vulnerability therein. To introduce the... -
A novel approach to continuous CVE analysis on enterprise operating systems for system vulnerability assessment
Advances in information and technology have provided great opportunities and conveniences for human life. However, with this process, attackers have...
-
On the Usage of NLP on CVE Descriptions for Calculating Risk
In order to conduct a risk analysis on an ecosystem the potential threats to its assets must first be identified. The Risk Modelling Tool (RMT) of... -
SMET: Semantic Map** of CVE to ATT&CK and Its Application to Cybersecurity
Cybercriminals relentlessly pursue vulnerabilities across cyberspace to exploit software, threatening the security of individuals, organizations, and... -
Extended Abstract: Towards Reliable and Scalable Linux Kernel CVE Attribution in Automated Static Firmware Analyses
In vulnerability assessments, software component-based CVE attribution is a common method to identify possibly vulnerable systems at scale. However,... -
On the coordination of vulnerability fixes
The Common Vulnerabilities and Exposures (CVE) program is dedicated to analyzing vulnerabilities, then to assigning a unique ID to them and...
-
Viewpoint-sharing method with reduced motion sickness in object-based VR/AR collaborative virtual environment
We propose a viewpoint-sharing method with reduced motion sickness in an object-based remote collaborative virtual environment (CVE). The method is...
-
A study of synergy between programming practices evolution and information disclosure-causing vulnerabilities
The Common Vulnerabilities and Exposures (CVE) is a formal dictionary of vulnerabilities and associated weaknesses reported by the community. As...
-
Towards Measuring Vulnerabilities and Exposures in Open-Source Packages
Much of the current software depends on open-source components, which in turn have complex dependencies on other open-source libraries.... -
Evaluating Models with Dynamic Sampling Holdout in Auto-ML
Automated Machine Learning (Auto-ML) is a growing research area that is receiving great attention today. Multiple techniques have been developed to...
-
Evaluating seed selection for fuzzing JavaScript engines
JavaScript (JS), as a platform-independent programming language, remains to be the most popular language over the years. However, popular JavaScript...
-
Vulnerability management in Linux distributions
Vulnerabilities in software systems not only lead to loss of revenue, but also to loss of reputation and trust. To avoid this, software providers...
-
Automated Behavior Labeling During Team-Based Activities Involving Neurodiverse and Neurotypical Partners Using Multimodal Data
The employment setting for autistic individuals in the USA is grim. Based on reports, individuals with ASD struggle to secure and retain employment... -
The Use of Counter Narratives to Combat Violent Extremism Online
Due to recent rises in extremism across the globe (Dean et al. in J Polic Intell Count Terror 11:121–142, 2016; Le Roux in Responding to the rise in... -
Automated CPE Labeling of CVE Summaries with Machine Learning
Open Source Security and Dependency Vulnerability Management (DVM) has become a more vital part of the software security stack in recent years as... -
BTFuzzer: A Profile-Based Fuzzing Framework for Bluetooth Protocols
Bluetooth vulnerabilities have become increasingly popular in recent years due to, in part, the remote exploitability of Bluetooth. Unfortunately, in... -
Bl0ck: Paralyzing 802.11 Connections Through Block Ack Frames
Despite Wi-Fi is at the eve of its seventh generation, security concerns regarding this omnipresent technology remain in the spotlight of the... -
Entity Alignment Based on Multi-view Interaction Model in Vulnerability Knowledge Graphs
Entity alignment (EA) aims to match the same entities in different Knowledge Graphs (KGs), which is a critical task in KG fusion. EA has recently... -
XSnare: application-specific client-side cross-site scripting protection
We present XSnare, a client-side Cross-Site Scripting (XSS) solution implemented as a Firefox extension. The client-side design of XSnare can protect...
-
Enhancing attack resilience of cyber-physical systems through state dependency graph models
This paper presents a method that utilizes graph theory and state modelling algorithms to perform automatic complexity analysis of the architecture...