researchr
explore
Tags
Journals
Conferences
Authors
Profiles
Groups
calendar
New Conferences
Events
Deadlines
search
search
You are not signed in
Sign in
Sign up
Links
Filter by Year
OR
AND
NOT
1
2016
2017
2018
2019
2020
2021
2022
2023
Filter by Tag
Filter by Author
[+]
OR
AND
NOT
1
Akond Rahman
Andrei Lapets
Charles Weir
Danfeng Daphne Yao
Danfeng Yao
David Svoboda
Douglas Everson
Ethan Johnson
Hans Liljestrand
Hasan Yasar
John Criswell
Long Cheng 0005
Lotfi Ben Othmane
Mayank Varia
Michelle L. Mazurek
N. Asokan
Raghudeep Kannavara
Sascha Fahl
Sazzadur Rahaman
Trent Jaeger
Filter by Top terms
[+]
OR
AND
NOT
1
analysis
attack
c
code
cybersecurity
design
development
ieee
memory
practices
secdev
secure
security
software
static
systems
tutorial
usa
using
vulnerabilities
SecDev (secdev)
Editions
Publications
Viewing Publication 1 - 100 from 192
2023
Bridging the Bubbles: Connecting Academia and Industry in Cybersecurity Research
Rasha Kashef 0001
,
Monika Freunek
,
Jeff Schwartzentruber
,
Reza Samavi
,
Burcu Bulgurcu
,
A. J. Khan
,
Marcus Santos
.
secdev 2023
:
207-213
[doi]
Evaluating Container Debloaters
Muhammad Hassan 0005
,
Talha Tahir
,
Muhammad Farrukh
,
Abdullah Naveed
,
Anas Naeem
,
Fareed Zaffar
,
Fahad Shaon
,
Ashish Gehani
,
Sazzadur Rahaman
.
secdev 2023
:
88-98
[doi]
IEEE Secure Development Conference, SecDev 2023, Atlanta, GA, USA, October 18-20, 2023
IEEE,
2023.
[doi]
BLADE: Towards Scalable Source Code Debloating
Muaz Ali
,
Rumaisa Habib
,
Ashish Gehani
,
Sazzadur Rahaman
,
Zartash Afzal Uzmi
.
secdev 2023
:
75-87
[doi]
Model-Agnostic Federated Learning for Privacy-Preserving Systems
Hussain M. J. Almohri
,
Layne T. Watson
.
secdev 2023
:
99-105
[doi]
Misplaced Trust: The Security Flaw in Modern Code Signing Process
Pranshu Bajpai
,
Raghudeep Kannavara
.
secdev 2023
:
49-50
[doi]
Curbing the Vulnerable Parser: Graded Modal Guardrails for Secure Input Handling
Eric Bond
,
Matthew Heimerdinger
.
secdev 2023
:
126-132
[doi]
Friend or Foe Inside? Exploring In-Process Isolation to Maintain Memory Safety for Unsafe Rust
Merve Gülmez
,
Thomas Nyman
,
Christoph Baumann
,
Jan Tobias Mühlberg
.
secdev 2023
:
54-66
[doi]
Characterizing Static Analysis Alerts for Terraform Manifests: An Experience Report
Hanyang Hu
,
Yani Bu
,
Kristen Wong
,
Gaurav Sood
,
Karen Smiley
,
Akond Rahman
.
secdev 2023
:
7-13
[doi]
Assessing the Impact of Efficiently Protecting Ten Million Stack Objects from Memory Errors Comprehensively
Kaiming Huang
,
Jack Sampson
,
Trent Jaeger
.
secdev 2023
:
67-74
[doi]
Adaptive Security: Certificate and Key Rotation for Firmware Integrity
Sunil Joshi
,
Kenneth G. Crowther
,
Jarvis Robinson
.
secdev 2023
:
214-215
[doi]
Challenges with Passwordless FIDO2 in an Enterprise Setting: A Usability Study
Michal Kepkowski
,
Maciej Machulak
,
Ian D. Wood
,
Dali Kaafar
.
secdev 2023
:
37-48
[doi]
Securing Your Crypto-API Usage Through Tool Support - A Usability Study
Stefan Krüger
,
Michael Reif
,
Anna-Katharina Wickert
,
Sarah Nadi
,
Karim Ali 0001
,
Eric Bodden
,
Yasemin Acar
,
Mira Mezini
,
Sascha Fahl
.
secdev 2023
:
14-25
[doi]
Parser Weakness Enumeration: Definition and Preliminary Assessment
Denley Lam
,
Letitia W. Li
,
Anthony Gabrielson
.
secdev 2023
:
118-125
[doi]
Triaging Android Systems Using Bayesian Attack Graphs
Yu Tsung Lee
,
Rahul George
,
HaiNing Chen
,
Kevin Chan
,
Trent Jaeger
.
secdev 2023
:
171-183
[doi]
11 things about Securing Microservice
Yuvaraj Madheswaran
.
secdev 2023
:
51-53
[doi]
Security and Privacy Threat Analysis for Solid
Omid Mirzamohammadi
,
Kristof Jannes
,
Laurens Sion
,
Dimitri Van Landuyt
,
Aysajan Abidin
,
Dave Singelée
.
secdev 2023
:
196-206
[doi]
A randomization-based, zero-trust cyberattack detection method for hierarchical systems
Sinnott Murphy
,
Richard Macwan
,
Vivek Kumar Singh
,
Chin-Yao Chang
.
secdev 2023
:
145-155
[doi]
PRICAR: Privacy Framework for Vehicular Data Sharing with Third Parties
Mert D. Pesé
,
Jay W. Schauer
,
Murali Mohan
,
Cassandra Joseph
,
Kang G. Shin
,
John Moore
.
secdev 2023
:
184-195
[doi]
An In-Depth Analysis of Android's Java Class Library: its Evolution and Security Impact
Timothée Riom
,
Alexandre Bartel
.
secdev 2023
:
133-144
[doi]
Tutorial: The End of Binary Protocol Parser Vulnerabilities : Using RecordFlux and SPARK to implement formally-verified binary formats and communication protocols
Alexander Senier
.
secdev 2023
:
5-6
[doi]
Tutorial: Crypto-Ransomware: Analysis, Defense, and Criminal Negotiation
Wenjia Song
,
Arianna Schuler Scott
.
secdev 2023
:
3-4
[doi]
Grading on a Curve: How Rust can Facilitate New Contributors while Decreasing Vulnerabilities
Justin Tracey
,
Ian Goldberg
.
secdev 2023
:
26-36
[doi]
Fortifying IoT Devices: AI-Driven Intrusion Detection via Memory-Encoded Audio Signals
Ramyapandian Vijayakanthan
,
Karley M. Waguespack
,
Irfan Ahmed 0001
,
Aisha I. Ali-Gombe
.
secdev 2023
:
106-117
[doi]
A Lot Less Likely Than I Thought: Introducing Evidence-Based Security Risk Assessment for Healthcare Software
Charles Weir
,
Anna Dyson
,
Daniel Prince
.
secdev 2023
:
156-170
[doi]
Invited Tutorial: Counteracting Web Application Abuse in Malware
Mingxuan Yao
,
Jonathan Fuller
,
Ranjita Pai Sridhar
,
Saumya Agarwal
,
Amit Kumar Sikder
,
Brendan Saltaformaggio
.
secdev 2023
:
1-2
[doi]
2022
IEEE Secure Development Conference, SecDev 2022, Atlanta, GA, USA, October 18-20, 2022
IEEE,
2022.
[doi]
Position Paper: Towards a Hybrid Approach to Protect Against Memory Safety Vulnerabilities
Kaled M. Alshmrany
,
Ahmed Bhayat
,
Franz Brauße
,
Lucas C. Cordeiro
,
Konstantin Korovin
,
Tom Melham
,
Mustafa A. Mustafa
,
Pierre Olivier
,
Giles Reger
,
Fedor Shmarov
.
secdev 2022
:
52-58
[doi]
Secure Development Workflows in CI/CD Pipelines
Pranshu Bajpai
,
Adam Lewis
.
secdev 2022
:
65-66
[doi]
What are the Practices for Secret Management in Software Artifacts?
Setu Kumar Basak
,
Lorenzo Neil
,
Bradley Reaves
,
Laurie A. Williams
.
secdev 2022
:
69-76
[doi]
Design and User Study of a Constraint-based Framework for Business Logic Flaw Discovery
Carmen Cheh
,
Nicholas Tay
,
Binbin Chen
.
secdev 2022
:
91-99
[doi]
Salsa: SGX Attestation for Live Streaming Applications
Tobias Cloosters
,
Sebastian Surminski
,
Gerrit Sangel
,
Lucas Davi
.
secdev 2022
:
45-51
[doi]
Tutorial: LLVM for Security Practitioners
John Criswell
,
Ethan Johnson
,
Colin Pronovost
.
secdev 2022
:
1-2
[doi]
A Comparative Study of Log4Sheil Test Tools
Douglas Everson
,
Ashish Bastola
,
Rajat Mittal
,
Siddheshwar Munde
,
Long Cheng 0005
.
secdev 2022
:
16-22
[doi]
Towards cryptographically-authenticated in-memory data structures
Setareh Ghorshi
,
Lachlan J. Gunn
,
Hans Liljestrand
,
N. Asokan
.
secdev 2022
:
30-44
[doi]
Tutorial: Analyzing, Exploiting, and Patching Smart Contracts in Ethereum
Jens-Rene Giesen
,
Sébastien Andreina
,
Michael Rodler
,
Ghassan O. Karame
,
Lucas Davi
.
secdev 2022
:
3-4
[doi]
Evaluating Text Augmentation for Boosting the Automatic Mapping of Vulnerability Information to Adversary Techniques
Emmanouil Gionanidis
,
Petros S. Karvelis
,
George K. Georgoulas
,
Konstantinos Stamos
,
Purvi Garg
.
secdev 2022
:
23-29
[doi]
A Hierarchical Database of One Million Websites
Jack B. Harrison
,
Joseph R. Harrison
,
Madison G. Boswell
,
Alan J. Michaels
.
secdev 2022
:
67-68
[doi]
How Do Developers Follow Security-Relevant Best Practices When Using NPM Packages?
Md Mahir Asef Kabir
,
Ying Wang
,
Danfeng Yao
,
Na Meng 0001
.
secdev 2022
:
77-83
[doi]
Tutorial: Threat Modeling of Cloud-based Solutions
Lotfi Ben Othmane
,
Heinrich Gantenbein
,
Hasan Yasar
,
Simone Curzi
,
Altaz Valani
,
Arun Prabhakar
,
Robert Cuddy
.
secdev 2022
:
5-6
[doi]
Framework to Assess Policy Driven Security Misconfiguration Risks in Cloud Native Application
Kanchanjot Kaur Phokela
,
Kapil Singi
,
Kuntal Dey
,
Vikrant Kaulgud
,
Adam P. Burden
.
secdev 2022
:
63-64
[doi]
How far are German companies in improving security through static program analysis tools?
Goran Piskachev
,
Stefan Dziwok
,
Thorsten Koch
,
Sven Merschjohann
,
Eric Bodden
.
secdev 2022
:
7-15
[doi]
Uncovering Product Vulnerabilities with Threat Knowledge Graphs
Zhenpeng Shi
,
Nikolay Matyunin
,
Kalman Graffi
,
David Starobinski
.
secdev 2022
:
84-90
[doi]
From Lemons to Peaches: Improving Security ROI through Security Chaos Engineering
Kelly Shortridge
.
secdev 2022
:
59-60
[doi]
Industrial Strength Static Detection for Cryptographic API Misuses
Ya Xiao
,
Yang Zhao
,
Nicholas Allen
,
Nathan Keynes
,
Danfeng Yao
,
Cristina Cifuentes
.
secdev 2022
:
61-62
[doi]
2021
Tutorial: Making C Programs Safer with Checked C
Jie Zhou 0022
,
Michael Hicks 0001
,
Yudi Yang
,
John Criswell
.
secdev 2021
:
13-14
[doi]
IEEE Secure Development Conference, SecDev 2021, Atlanta, GA, USA, October 18-20, 2021
IEEE,
2021.
[doi]
Tutorial: Investigating Advanced Exploits for System Security Assurance
Salman Ahmed
,
Long Cheng 0005
,
Hans Liljestrand
,
N. Asokan
,
Danfeng Daphne Yao
.
secdev 2021
:
3-4
[doi]
Analyzing OpenAPI Specifications for Security Design Issues
Carmen Cheh
,
Binbin Chen
.
secdev 2021
:
15-22
[doi]
Developers Are Neither Enemies Nor Users: They Are Collaborators
Partha Das Chowdhury
,
Joseph Hallett
,
Nikhil Patnaik
,
Mohammad Tahaei
,
Awais Rashid
.
secdev 2021
:
47-55
[doi]
Layered Formal Verification of a TCP Stack
Guillaume Cluzel
,
Kyriakos Georgiou
,
Yannick Moy
,
Clément Zeller
.
secdev 2021
:
86-93
[doi]
Tutorial: LLVM for Security Practitioners
John Criswell
,
Ethan Johnson
,
Colin Pronovost
.
secdev 2021
:
9-10
[doi]
Compressing Network Attack Surfaces for Practical Security Analysis
Douglas Everson
,
Long Cheng 0005
.
secdev 2021
:
23-29
[doi]
Android Remote Unlocking Service using Synthetic Password: A Hardware Security-preserving Approach
Sungmin Lee
,
Yoonkyo Jung
,
JaeHyun Lee
,
Byoungyoung Lee
,
Ted "Taekyoung" Kwon
.
secdev 2021
:
63-70
[doi]
Tutorial: A Lightweight Web Application for Software Vulnerability Demonstration
David Lee
,
Brandon Steed
,
Yi Liu
,
Onyeka Ezenwoye
.
secdev 2021
:
5-6
[doi]
Towards Zero Trust: An Experience Report
Jason Lowdermilk
,
Simha Sethumadhavan
.
secdev 2021
:
79-85
[doi]
Tutorial: Sandboxing (unsafe) C code with RLBox
Shravan Narayan
,
Craig Disselkoen
,
Deian Stefan
.
secdev 2021
:
11-12
[doi]
Enclave-Based Secure Programming with JE
Aditya Oak
,
Amir M. Ahmadian
,
Musard Balliu
,
Guido Salvaneschi
.
secdev 2021
:
71-78
[doi]
Shhh!: 12 Practices for Secret Management in Infrastructure as Code
Akond Rahman
,
Farhat Lamia Barsha
,
Patrick Morrison
.
secdev 2021
:
56-62
[doi]
Towards Improving Container Security by Preventing Runtime Escapes
Michael Reeves
,
Dave Jing Tian
,
Antonio Bianchi
,
Z. Berkay Celik
.
secdev 2021
:
38-46
[doi]
Tutorial: The Correctness-by-Construction Approach to Programming Using CorC
Ina Schaefer
,
Tobias Runge
,
Loek Cleophas
,
Bruce W. Watson
.
secdev 2021
:
1-2
[doi]
Automated Threat Analysis and Management in a Continuous Integration Pipeline
Laurens Sion
,
Dimitri Van Landuyt
,
Koen Yskout
,
Stef Verreydt
,
Wouter Joosen
.
secdev 2021
:
30-37
[doi]
Hands-on Tutorial: How Exploitable is Insecure C Code?
David Svoboda
.
secdev 2021
:
7-8
[doi]
Vivienne: Relational Verification of Cryptographic Implementations in WebAssembly
Rodothea-Myrsini Tsoupidi
,
Musard Balliu
,
Benoit Baudry
.
secdev 2021
:
94-102
[doi]
2020
IEEE Secure Development, SecDev 2020, Atlanta, GA, USA, September 28-30, 2020
IEEE,
2020.
[doi]
Cybersecurity Deception Experimentation System
Jaime C. Acosta
,
Anjon Basak
,
Christopher Kiekintveld
,
Nandi Leslie
,
Charles A. Kamhoua
.
secdev 2020
:
34-40
[doi]
A Secure Code Review Retrospective
Andrew Buttner
,
Richard Piazza
,
Rushi Purohit
,
Alec Summers
.
secdev 2020
:
31-32
[doi]
Tutorial: LLVM for Security Practitioners
John Criswell
.
secdev 2020
:
1
[doi]
Refactoring the FreeBSD Kernel with Checked C
Junhan Duan
,
Yudi Yang
,
Jie Zhou
,
John Criswell
.
secdev 2020
:
15-22
[doi]
Network Attack Surface Simplification for Red and Blue Teams
Douglas Everson
,
Long Cheng
.
secdev 2020
:
74-80
[doi]
Fuzzing Binaries for Memory Safety Errors with QASan
Andrea Fioraldi
,
Daniele Cono D'Elia
,
Leonardo Querzoni
.
secdev 2020
:
23-30
[doi]
Active Deception Framework: An Extensible Development Environment for Adaptive Cyber Deception
Md Mazharul Islam
,
Ehab Al-Shaer
.
secdev 2020
:
41-48
[doi]
Coding Practices and Recommendations of Spring Security for Enterprise Applications
Mazharul Islam
,
Sazzadur Rahaman
,
Na Meng
,
Behnaz Hassanshahi
,
Padmanabhan Krishnan
,
Danfeng Daphne Yao
.
secdev 2020
:
49-57
[doi]
ReViCe: Reusing Victim Cache to Prevent Speculative Cache Leakage
Sungkeun Kim
,
Farabi Mahmud
,
Jiayi Huang 0001
,
Pritam Majumder
,
Neophytos Christou
,
Abdullah Muzahid
,
Chia-che Tsai
,
Eun Jung Kim 0001
.
secdev 2020
:
96-107
[doi]
Analysis of Blockchain Smart Contracts: Techniques and Insights
Shinhae Kim
,
Sukyoung Ryu
.
secdev 2020
:
65-73
[doi]
Tutorial: Static Analysis at Scale with Muse
Stephen Magill
,
Thomas Dubuisson
.
secdev 2020
:
4
[doi]
REMIND: A Framework for the Resilient Design of Automotive Systems
Thomas Rosenstatter
,
Kim Strandberg
,
Rodi Jolak
,
Riccardo Scandariato
,
Tomas Olovsson
.
secdev 2020
:
81-95
[doi]
XI Commandments of Kubernetes Security: A Systematization of Knowledge Related to Kubernetes Security Practices
Md. Shazibul Islam Shamim
,
Farzana Ahamed Bhuiyan
,
Akond Rahman
.
secdev 2020
:
58-64
[doi]
Fast Execute-Only Memory for Embedded Systems
Zhuojia Shen
,
Komail Dharsee
,
John Criswell
.
secdev 2020
:
7-14
[doi]
Symbolic Testing for C and Rust
Aaron Tomb
,
Stuart Pernsteiner
,
Mike Dodds
.
secdev 2020
:
33
[doi]
Tutorial: Principles and Practices of Secure Cryptographic Coding in Java
Ya Xiao
,
Miles Frantz
,
Sharmin Afrose
,
Sazzadur Rahaman
,
Danfeng Daphne Yao
.
secdev 2020
:
5-6
[doi]
Tutorial: Detecting Memory Vulnerabilities in the Components of System Code using PROMPT
Tuba Yavuz
,
Ken Yihang Bai
.
secdev 2020
:
2-3
[doi]
2019
2019 IEEE Cybersecurity Development, SecDev 2019, Tysons Corner, VA, USA, September 23-25, 2019
IEEE,
2019.
[doi]
CryptoAPI-Bench: A Comprehensive Benchmark on Java Cryptographic API Misuses
Sharmin Afrose
,
Sazzadur Rahaman
,
Danfeng Yao
.
secdev 2019
:
49-61
[doi]
Tutorial: Deploying Secure Multi-Party Computation on the Web Using JIFF
Kinan Dak Albab
,
Rawane Issa
,
Andrei Lapets
,
Peter Flockhart
,
Lucy Qin
,
Ira Globus-Harris
.
secdev 2019
:
3
[doi]
Using Rules Engine in the Automation of System Security Review
Abdulrahman A. Alnaim
.
secdev 2019
:
142
[doi]
Tutorial: A Practical Introduction to Formal Development and Verification of High-Assurance Software with SPARK
Benjamin M. Brosgol
,
Claire Dross
,
Yannick Moy
.
secdev 2019
:
1-2
[doi]
With Great Abstraction Comes Great Responsibility: Sealing the Microservices Attack Surface
Chien-An Chen
.
secdev 2019
:
144
[doi]
Polymorphic Relaxed Noninterference
Raimil Cruz
,
Éric Tanter
.
secdev 2019
:
101-113
[doi]
Development Cycle Estimation Modeling
Samuel Denard
,
Susan Mengel
,
Atila Ertas
,
Stephen Ekwaro-Osire
.
secdev 2019
:
146
[doi]
OpenOSC: Open Source Object Size Checking Library With Built-in Metrics
Yongkui Han
,
Pankil Shah
,
Van Nguyen
,
Ling Ma
,
Richard Livingston
.
secdev 2019
:
143
[doi]
Role-Based Ecosystem for the Design, Development, and Deployment of Secure Multi-Party Data Analytics Applications
Andrei Lapets
,
Kinan Dak Albab
,
Rawane Issa
,
Lucy Qin
,
Mayank Varia
,
Azer Bestavros
,
Frederick Jansen
.
secdev 2019
:
129-140
[doi]
Compositional Testing of Internet Protocols
Kenneth L. McMillan
,
Lenore D. Zuck
.
secdev 2019
:
161-174
[doi]
System-Level Framework for Logic Obfuscation with Quantified Metrics for Evaluation
Vivek V. Menon
,
Gaurav Kolhe
,
Andrew G. Schmidt
,
Joshua S. Monson
,
Matthew French
,
Yinghua Hu
,
Peter A. Beerel
,
Pierluigi Nuzzo
.
secdev 2019
:
89-100
[doi]
Effective Static Analysis Enforcement in Complex Cloud Native Dockerized Systems
Abhishek Pathak
,
Kaarthik Sivakumar
,
Jin Sheng
,
Anlu Yan
,
Mazhar Haque
.
secdev 2019
:
141
[doi]
Multi-Cluster Visualization and Live Reporting of Static Analysis Security Testing (SAST) Warnings
Abhishek Pathak
,
Kaarthik Sivakumar
,
Mazhar Haque
,
Prasanna Ganesan
.
secdev 2019
:
145
[doi]
Downright: A Framework and Toolchain for Privilege Handling
Remo Schweizer
,
Stephan Neuhaus
.
secdev 2019
:
76-88
[doi]
Self-Authenticating Traditional Domain Names
Paul Syverson
,
Matthew Traudt
.
secdev 2019
:
147-160
[doi]
Start Your ENGINEs: Dynamically Loadable Contemporary Crypto
Nicola Tuveri
,
Billy Bob Brumley
.
secdev 2019
:
4-19
[doi]
Detecting Callback Related Deep Vulnerabilities in Linux Device Drivers
Tuba Yavuz
.
secdev 2019
:
62-75
[doi]
Sign in
or
sign up
to see more results.