English
Related papers

Related papers: Learning to Catch Security Patches

200 papers

Recently, object detection has proven vulnerable to adversarial patch attacks. The attackers holding a specially crafted patch can hide themselves from state-of-the-art detectors, e.g., YOLO, even in the physical world. This attack can…

Computer Vision and Pattern Recognition · Computer Science 2025-12-16 Jiachun Li , Jianan Feng , Jianjun Huang , Bin Liang

Automated Vulnerability Repair (AVR) systems, especially those leveraging large language models (LLMs), have demonstrated promising results in patching vulnerabilities -- that is, if we trust their patch validation methodology. Ground-truth…

Software Engineering · Computer Science 2026-03-23 Zheng Yu , Wenxuan Shi , Xinqian Sun , Zheyun Feng , Meng Xu , Xinyu Xing

State-of-the-art object detectors are vulnerable to localized patch hiding attacks, where an adversary introduces a small adversarial patch to make detectors miss the detection of salient objects. The patch attacker can carry out a…

Computer Vision and Pattern Recognition · Computer Science 2021-10-28 Chong Xiang , Prateek Mittal

Mutation testing has been widely accepted as an approach to guide test case generation or to assess the effectiveness of test suites. Empirical studies have shown that mutants are representative of real faults; yet they also indicated a…

Software Engineering · Computer Science 2019-07-31 Michele Tufano , Cody Watson , Gabriele Bavota , Massimiliano Di Penta , Martin White , Denys Poshyvanyk

Automatic program repair (APR) has recently gained attention because it proposes to fix software defects with no human intervention. To automatically fix defects, most APR tools use the developer-written tests to (a) localize the defect,…

Software Engineering · Computer Science 2021-04-19 Manish Motwani

We present a study that characterizes the way developers use automatically generated patches when fixing software defects. Our study tasked two groups of developers with repairing defects in C programs. Both groups were provided with the…

Software Engineering · Computer Science 2019-11-26 José Pablo Cambronero , Jiasi Shen , Jürgen Cito , Elena Glassman , Martin Rinard

We propose, BanditRepair, a system that systematically explores and assesses a set of possible runtime patches. The system is grounded on so-called bandit algorithms, that are online machine learning algorithms, designed for constantly…

Software Engineering · Computer Science 2016-03-25 Thomas Durieux , Youssef Hamadi , Martin Monperrus

Software, while beneficial, poses potential cybersecurity risks due to inherent vulnerabilities. Detecting these vulnerabilities is crucial, and deep learning has shown promise as an effective tool for this task due to its ability to…

Software Engineering · Computer Science 2024-01-17 Imam Nur Bani Yusuf , Lingxiao Jiang

In the very last years, cybersecurity attacks have increased at an unprecedented pace, becoming ever more sophisticated and costly. Their impact has involved both private/public companies and critical infrastructures. At the same time, due…

Cryptography and Security · Computer Science 2023-09-25 Filippo Sobrero , Beatrice Clavarezza , Daniele Ucci , Federica Bisio

Collaborative learning allows multiple clients to train a joint model without sharing their data with each other. Each client performs training locally and then submits the model updates to a central server for aggregation. Since the server…

Cryptography and Security · Computer Science 2020-03-11 Lingchen Zhao , Shengshan Hu , Qian Wang , Jianlin Jiang , Chao Shen , Xiangyang Luo , Pengfei Hu

Fault localization is a crucial step of automated program repair, because accurately identifying program locations that are most closely implicated with a fault greatly affects the effectiveness of the patching process. An ideal fault…

Software Engineering · Computer Science 2024-10-03 Tongtong Xu , Liushan Chen , Yu Pei , Tian Zhang , Minxue Pan , Carlo A. Furia

Packing is an obfuscation technique widely used by malware to hide the content and behavior of a program. Much prior research has explored how to detect whether a program is packed. This research includes a broad variety of approaches such…

Cryptography and Security · Computer Science 2021-05-04 Charles-Henry Bertrand Van Ouytsel , Thomas Given-Wilson , Jeremy Minet , Julian Roussieau , Axel Legay

Pointers are a powerful, but dangerous feature provided by the C and C++ programming languages, and incorrect use of pointers is a common source of bugs and security vulnerabilities. Making secure software is crucial, as vulnerabilities…

Formal Languages and Automata Theory · Computer Science 2024-11-01 Vlad-Alexandru Teodorescu , Dorel Lucanu

Cyber-physical systems (CPSs) are widespread in critical domains, and significant damage can be caused if an attacker is able to modify the code of their programmable logic controllers (PLCs). Unfortunately, traditional techniques for…

Cryptography and Security · Computer Science 2021-08-24 Yuqi Chen , Christopher M. Poskitt , Jun Sun

Reusing third-party libraries increases productivity and saves time and costs for developers. However, the downside is the presence of vulnerabilities in those libraries, which can lead to catastrophic outcomes. For instance, Apache Log4J…

Software Engineering · Computer Science 2024-11-20 Yi Wen Heng , Zeyang Ma , Haoxiang Zhang , Zhenhao Li , Tse-Hsun , Chen

Many damaging cybersecurity attacks are enabled when an attacker can access residual sensitive information (e.g. cryptographic keys, personal identifiers) left behind from earlier computation. Attackers can sometimes use residual…

Cryptography and Security · Computer Science 2021-06-21 Deborah Shands , Carolyn Talcott

Machine learning-based program analyses have recently shown the promise of integrating formal and probabilistic reasoning towards aiding software development. However, in the absence of large annotated corpora, training these analyses is…

Machine Learning · Computer Science 2021-11-17 Miltiadis Allamanis , Henry Jackson-Flux , Marc Brockschmidt

Cryptographic API misuses, such as exposed secrets, predictable random numbers, and vulnerable certificate verification, seriously threaten software security. The vision of automatically screening cryptographic API calls in massive-sized…

Cryptography and Security · Computer Science 2019-03-28 Sazzadur Rahaman , Ya Xiao , Sharmin Afrose , Fahad Shaon , Ke Tian , Miles Frantz , Danfeng , Yao , Murat Kantarcioglu

The utilization of third-party open-source libraries is widespread in modern software development. Due to the dependency relationships, vulnerabilities within open-source libraries pose significant security threats to downstream software.…

Software Engineering · Computer Science 2026-05-07 Liyou Chen , Hailong Sun , Xiang Gao , Lin Shi , Yixin Yang , Yi Xu

Generative code models (GCMs) significantly enhance development efficiency through automated code generation and code summarization. However, building and training these models require computational resources and time, necessitating…

Cryptography and Security · Computer Science 2025-07-01 Haoxuan Li , Jiale Zhang , Xiaobing Sun , Xiapu Luo
‹ Prev 1 8 9 10 Next ›