English
Related papers

Related papers: VulDeeLocator: A Deep Learning-based Fine-grained …

200 papers

Applying security patches in open source software timely is critical for ensuring the security of downstream applications. However, it is challenging to apply these patches promptly because notifications of patches are often incomplete and…

Cryptography and Security · Computer Science 2024-06-11 Tianyu Chen , Lin Li , Taotao Qian , Jingyi Liu , Wei Yang , Ding Li , Guangtai Liang , Qianxiang Wang , Tao Xie

Detecting software vulnerabilities is critical to ensuring the security and reliability of modern computer systems. Deep neural networks have shown promising results on vulnerability detection, but they lack the capability to capture global…

Cryptography and Security · Computer Science 2026-04-02 Sameer Shaik , Zhen Huang , Daniela Stan Raicu , Jacob Furst

Open-source AI libraries are foundational to modern AI systems, yet they present significant, underexamined risks spanning security, licensing, maintenance, supply chain integrity, and regulatory compliance. We introduce LibVulnWatch, a…

Cryptography and Security · Computer Science 2025-07-01 Zekun Wu , Seonglae Cho , Umar Mohammed , Cristian Munoz , Kleyton Costa , Xin Guan , Theo King , Ze Wang , Emre Kazim , Adriano Koshiyama

Vulnerability detection is crucial to protect software security. Nowadays, deep learning (DL) is the most promising technique to automate this detection task, leveraging its superior ability to extract patterns and representations within…

Software Engineering · Computer Science 2026-02-13 Yuejun Guo , Qiang Hu , Qiang Tang , Yves Le Traon

Deep learning (DL) techniques are on the rise in the software engineering research community. More and more approaches have been developed on top of DL models, also due to the unprecedented amount of software-related data that can be used…

Software Engineering · Computer Science 2021-03-23 Alejandro Mazuera-Rozo , Anamaria Mojica-Hanke , Mario Linares-Vásquez , Gabriele Bavota

To address security vulnerabilities arising from third-party libraries, security researchers maintain databases monitoring and curating vulnerability reports. Application developers can identify vulnerable libraries by directly querying the…

Cryptography and Security · Computer Science 2023-11-20 Tianyu Chen , Lin Li , Bingjie Shan , Guangtai Liang , Ding Li , Qianxiang Wang , Tao Xie

Software security vulnerabilities allow attackers to perform malicious activities to disrupt software operations. Recent Transformer-based language models have significantly advanced vulnerability detection, surpassing the capabilities of…

Cryptography and Security · Computer Science 2024-06-11 Aidan Z. H. Yang , Haoye Tian , He Ye , Ruben Martins , Claire Le Goues

Recognizing vulnerabilities in stripped binary files presents a significant challenge in software security. Although some progress has been made in generating human-readable information from decompiled binary files with Large Language…

Cryptography and Security · Computer Science 2025-05-29 Nasir Hussain , Haohan Chen , Chanh Tran , Philip Huang , Zhuohao Li , Pravir Chugh , William Chen , Ashish Kundu , Yuan Tian

The advances of deep learning (DL) have paved the way for automatic software vulnerability repair approaches, which effectively learn the mapping from the vulnerable code to the fixed code. Nevertheless, existing DL-based vulnerability…

Software Engineering · Computer Science 2024-03-13 Xin Zhou , Kisub Kim , Bowen Xu , DongGyun Han , David Lo

The impact of software vulnerabilities on everyday software systems is significant. Despite deep learning models being proposed for vulnerability detection, their reliability is questionable. Prior evaluations show high recall/F1 scores of…

Software Engineering · Computer Science 2024-07-04 Partha Chakraborty , Krishna Kanth Arumugam , Mahmoud Alfadel , Meiyappan Nagappan , Shane McIntosh

Software vulnerabilities are a serious and crucial concern. Typically, in a program or function consisting of hundreds or thousands of source code statements, there are only a few statements causing the corresponding vulnerabilities. Most…

Cryptography and Security · Computer Science 2024-06-13 Van Nguyen , Trung Le , Chakkrit Tantithamthavorn , Michael Fu , John Grundy , Hung Nguyen , Seyit Camtepe , Paul Quirk , Dinh Phung

Deep Learning (DL) has emerged as a powerful tool for vulnerability detection, often outperforming traditional solutions. However, developing effective DL models requires large amounts of real-world data, which can be difficult to obtain in…

The utilization of third-party open-source libraries is widespread in modern software development. Due to the dependency relationships, vulnerabilities within open-source libraries pose significant security threats to downstream software.…

Software Engineering · Computer Science 2026-05-07 Liyou Chen , Hailong Sun , Xiang Gao , Lin Shi , Yixin Yang , Yi Xu

The problem of malicious software (malware) detection and classification is a complex task, and there is no perfect approach. There is still a lot of work to be done. Unlike most other research areas, standard benchmarks are difficult to…

Cryptography and Security · Computer Science 2024-07-30 Ahmed Bensaoud , Jugal Kalita , Mahmoud Bensaoud

The identification of vulnerabilities is a continuous challenge in software projects. This is due to the evolution of methods that attackers employ as well as the constant updates to the software, which reveal additional issues. As a…

Cryptography and Security · Computer Science 2023-09-19 Irdin Pekaric , Michael Felderer , Philipp Steinmüller

Although LLMs have shown promising potential in vulnerability detection, this study reveals their limitations in distinguishing between vulnerable and similar-but-benign patched code (only 0.06 - 0.14 accuracy). It shows that LLMs struggle…

Software Engineering · Computer Science 2025-06-18 Xueying Du , Geng Zheng , Kaixin Wang , Yi Zou , Yujia Wang , Wentai Deng , Jiayi Feng , Mingwei Liu , Bihuan Chen , Xin Peng , Tao Ma , Yiling Lou

The increasing reliance on software in various applications has made the problem of software vulnerability detection more critical. Software vulnerabilities can lead to security breaches, data theft, and other negative outcomes. Traditional…

Software Engineering · Computer Science 2025-12-16 Saadh Jawwadh , Guhanathan Poravi

The pervasive nature of software vulnerabilities has emerged as a primary factor for the surge in cyberattacks. Traditional vulnerability detection methods, including rule-based, signature-based, manual review, static, and dynamic analysis,…

Software Engineering · Computer Science 2025-03-07 Md Nizam Uddin , Yihe Zhang , Xiali Hei

Automatically locating vulnerable statements in source code is crucial to assure software security and alleviate developers' debugging efforts. This becomes even more important in today's software ecosystem, where vulnerable code can flow…

Software Engineering · Computer Science 2022-01-14 Yangruibo Ding , Sahil Suneja , Yunhui Zheng , Jim Laredo , Alessandro Morari , Gail Kaiser , Baishakhi Ray

The art of finding software vulnerabilities has been covered extensively in the literature and there is a huge body of work on this topic. In contrast, the intentional insertion of exploitable, security-critical bugs has received little…

Cryptography and Security · Computer Science 2020-07-07 Jannik Pewny , Thorsten Holz