Related papers: Sound Patch Generation for Vulnerabilities

200 papers

With the increasing usage of open-source software (OSS) components, vulnerabilities embedded within them are propagated to a huge number of underlying applications. In practice, the timely application of security patches in downstream…

Cryptography and Security · Computer Science 2023-01-09 Xinda Wang, Shu Wang, Pengbin Feng, Kun Sun, Sushil Jajodia, Sanae Benchaaboun, Frank Geck

Bug fixing is generally a manually-intensive task. However, recent work has proposed the idea of automated program repair, which aims to repair (at least a subset of) bugs in different ways such as code mutation, etc. Following in the same…

Software Engineering · Computer Science 2019-07-05 Hideaki Hata, Emad Shihab, Graham Neubig

Security vulnerabilities in software packages are a significant concern for developers and users alike. Patching these vulnerabilities in a timely manner is crucial to restoring the integrity and security of software systems. However,…

Cryptography and Security · Computer Science 2025-09-30 Deniz Simsek, Aryaz Eghbali, Michael Pradel

Open-source software vulnerability patch detection is a critical component for maintaining software security and ensuring software supply chain integrity. Traditional manual detection methods face significant scalability challenges when…

Software Engineering · Computer Science 2025-09-30 Haoran Xu, Chen Zhi, Junxiao Han, Xinkui Zhao, Jianwei Yin, Shuiguang Deng

Large Language Models (LLMs) have demonstrated remarkable capabilities in code generation, but their proficiency in producing secure code remains a critical, under-explored area. Existing benchmarks often fall short by relying on synthetic…

Cryptography and Security · Computer Science 2026-02-02 Yanlin Wang, Ziyao Zhang, Chong Wang, Xinyi Xu, Mingwei Liu, Yong Wang, Jiachi Chen, Zibin Zheng

Speech synthesis technology has brought great convenience, while the widespread usage of realistic deepfake audio has triggered hazards. Malicious adversaries may unauthorizedly collect victims' speeches and clone a similar voice for…

Sound · Computer Science 2025-04-15 Zhisheng Zhang, Derui Wang, Qianyi Yang, Pengyang Huang, Junhan Pu, Yuxin Cao, Kai Ye, Jie Hao, Yixian Yang

The growth of open-source software has increased the risk of hidden vulnerabilities that can affect downstream software applications. This concern is further exacerbated by software vendors' practice of silently releasing security patches…

Software Engineering · Computer Science 2023-08-30 Xunzhu Tang, zhenghan Chen, Saad Ezzini, Haoye Tian, Yewei Song, Jacques Klein, Tegawende F. Bissyande

Rigorous security-focused evaluation of large language model (LLM) agents is imperative for establishing trust in their safe deployment throughout the software development lifecycle. However, existing benchmarks largely rely on synthetic…

Machine Learning · Computer Science 2025-10-23 Hwiwon Lee, Ziqi Zhang, Hanxiao Lu, Lingming Zhang

Software vulnerabilities affect all businesses and research is being done to avoid, detect or repair them. In this article, we contribute a new technique for automatic vulnerability fixing. We present a system that uses the rich software…

Software Engineering · Computer Science 2019-12-09 Zimin Chen, Steve Kommrusch, Martin Monperrus

Large language models (LLMs) are increasingly used in software development, yet their tendency to generate insecure code remains a major barrier to real-world deployment. Existing secure code alignment methods often suffer from a…

Cryptography and Security · Computer Science 2026-02-10 Tianyi Wu, Mingzhe Du, Yue Liu, Chengran Yang, Terry Yue Zhuo, Jiaheng Zhang, See-Kiong Ng

Purpose: In the field of vulnerability repair, previous research has leveraged pretrained models and LLM-based prompt engineering, among which LLM-based approaches show better generalizability and achieve the best performance. However, the…

Software Engineering · Computer Science 2025-12-23 Ruoke Wang, Zongjie Li, Cuiyun Gao, Chaozheng Wang, Yang Xiao, Xuan Wang

The exploit or the Proof of Concept of the vulnerability plays an important role in developing superior vulnerability repair techniques, as it can be used as an oracle to verify the correctness of the patches generated by the tools.…

Identifying the root cause of a bug remains difficult for many developers because bug reports often lack a bug reproducing test case that reliably triggers the failure. Manually writing such test cases is time-consuming and requires…

Software Engineering · Computer Science 2026-03-10 Zhiwei Fei, Yue Pan, Federica Sarro, Jidong Ge, Marc Liu, Vincent Ng, He Ye

Automatic patch generation can significantly reduce the window of exposure after a vulnerability is disclosed. Towards this goal, a long-standing problem has been that of patch localization: to find a program point at which a patch can be…

Cryptography and Security · Computer Science 2020-08-12 Shiqi Shen, Aashish Kolluri, Zhen Dong, Prateek Saxena, Abhik Roychoudhury

Security patches are essential for enhancing the stability and robustness of projects in the software community. While vulnerabilities are officially expected to be patched before being disclosed, patching vulnerabilities is complicated and…

Cryptography and Security · Computer Science 2024-08-19 Ziyou Jiang, Lin Shi, Guowei Yang, Qing Wang

Software plays a crucial role in our daily lives, and therefore the quality and security of software systems have become increasingly important. However, vulnerabilities in software still pose a significant threat, as they can have serious…

Software Engineering · Computer Science 2023-09-18 Chaozheng Wang, Zongjie Li, Yun Peng, Shuzheng Gao, Sirong Chen, Shuai Wang, Cuiyun Gao, Michael R. Lyu

Software patches are pivotal in refining and evolving codebases, addressing bugs, vulnerabilities, and optimizations. Patch descriptions provide detailed accounts of changes, aiding comprehension and collaboration among developers. However,…

Software Engineering · Computer Science 2024-09-30 Thanh Trong Vu, Tuan-Dung Bui, Thanh-Dat Do, Thu-Trang Nguyen, Hieu Dinh Vo, Son Nguyen

Bug fixing holds significant importance in software development and maintenance. Recent research has made substantial strides in exploring the potential of large language models (LLMs) for automatically resolving software bugs. However, a…

Software Engineering · Computer Science 2025-02-18 Yuwei Zhang, Zhi Jin, Ying Xing, Ge Li, Fang Liu, Jiaxin Zhu, Wensheng Dou, Jun Wei

Web applications continue to be a favorite target for hackers due to a combination of wide adoption and rapid deployment cycles, which often lead to the introduction of high impact vulnerabilities. Static analysis tools are important to…

Cryptography and Security · Computer Science 2022-01-19 Ibéria Medeiros, Nuno Neves, Miguel Correia

Accompanying the successes of learning-based defensive software vulnerability analyses is the lack of large and quality sets of labeled vulnerable program samples, which impedes further advancement of those defenses. Existing automated…

Software Engineering · Computer Science 2024-01-08 Yu Nong, Richard Fang, Guangbei Yi, Kunsong Zhao, Xiapu Luo, Feng Chen, Haipeng Cai