English
Related papers

Related papers: Learning to Catch Security Patches

200 papers

Patching is a common activity in software development. It is generally performed on a source code base to address bugs or add new functionalities. In this context, given the recurrence of bugs across projects, the associated similar patches…

Software Engineering · Computer Science 2023-05-05 Anil Koyuncu , Kui Liu , Tegawendé F. Bissyandé , Dongsun Kim , Jacques Klein , Martin Monperrus , Yves Le Traon

Several studies have shown that automated support for different activities of the security patch management process has great potential for reducing delays in installing security patches. However, it is also important to understand how…

Software Engineering · Computer Science 2022-09-07 Nesara Dissanayake , Asangi Jayatilaka , Mansooreh Zahedi , Muhammad Ali Babar

The Log4j-Core vulnerability, known as Log4Shell, exposed significant challenges to dependency management in software ecosystems. When a critical vulnerability is disclosed, it is imperative that dependent packages quickly adopt patched…

We address contextualized code retrieval, the search for code snippets helpful to fill gaps in a partial input program. Our approach facilitates a large-scale self-supervised contrastive training by splitting source code randomly into…

Software Engineering · Computer Science 2022-04-26 Johannes Villmow , Viola Campos , Adrian Ulges , Ulrich Schwanecke

Automated program repair is a problem of finding a transformation (called a patch) of a given incorrect program that eliminates the observable failures. It has important applications such as providing debugging aids, automatically grading…

Software Engineering · Computer Science 2017-07-18 Sergey Mechtaev , Xiang Gao , Shin Hwei Tan , Abhik Roychoudhury

Test-based automated program repair has been a prolific field of research in software engineering in the last decade. Many approaches have indeed been proposed, which leverage test suites as a weak, but affordable, approximation to program…

Automated program repair (APR) aims to fix software bugs automatically without human debugging efforts and plays a crucial role in software development and maintenance. Despite promising, APR is still challenged by a long-standing…

Software Engineering · Computer Science 2024-01-17 Quanjun Zhang , Chunrong Fang , Weisong Sun , Yan Liu , Tieke He , Xiaodong Hao , Zhenyu Chen

Automated program repair (APR) aims to fix software bugs automatically and plays a crucial role in software development and maintenance. With the recent advances in deep learning (DL), an increasing number of APR techniques have been…

Software Engineering · Computer Science 2023-11-02 Quanjun Zhang , Chunrong Fang , Yuxiang Ma , Weisong Sun , Zhenyu Chen

This work proposes PatchNet, an automated tool based on hierarchical deep learning for classifying patches by extracting features from commit messages and code changes. PatchNet contains a deep hierarchical structure that mirrors the…

Software Engineering · Computer Science 2019-03-27 Thong Hoang , Julia Lawall , Richard J. Oentaryo , Yuan Tian , David Lo

Contact tracing is an effective tool in controlling the spread of infectious diseases such as COVID-19. It involves digital monitoring and recording of physical proximity between people over time with a central and trusted authority, so…

Cryptography and Security · Computer Science 2023-03-13 Craig Gotsman , Kai Hormann

Background: Security regressions are vulnerabilities introduced in a previously unaffected software system. They often happen as a result of source code changes (e.g., a bug fix) and can have severe effects. Aims: To increase the…

Software Engineering · Computer Science 2022-07-06 Larissa Braz , Enrico Fregnan , Vivek Arora , Alberto Bacchelli

Today's Web of Data is noisy. Linked Data often needs extensive preprocessing to enable efficient use of heterogeneous resources. While consistent and valid data provides the key to efficient data processing and aggregation we are facing…

Information Retrieval · Computer Science 2012-04-13 Magnus Knuth , Johannes Hercher , Harald Sack

Advanced Persistent Threats (APTs) pose a significant security risk to organizations and industries. These attacks often lead to severe data breaches and compromise the system for a long time. Mitigating these sophisticated attacks is…

Cryptography and Security · Computer Science 2025-08-04 Ehsan Hallaji , Roozbeh Razavi-Far , Mehrdad Saif

A hot fix is an unplanned improvement to a specific time-critical issue deployed to a software system in production. While hot fixing is an essential and common activity in software maintenance, it has never been surveyed as a research…

Software Engineering · Computer Science 2024-05-17 Carol Hanna , David Clark , Federica Sarro , Justyna Petke

The increased adoption of smart contracts in many industries has made them an attractive target for cybercriminals, leading to millions of dollars in losses. Thus, deploying smart contracts with detected vulnerabilities (known to…

Software Engineering · Computer Science 2023-07-25 Pengcheng , Peng , Yun , Qingzhao , Tao , Dawn , Prateek , Sanjeev , Zhuotao , Xusheng

It is widely recognized that program repair tools need to have a high precision to be useful, i.e., the generated patches need to have a high probability to be correct. However, it is fundamentally difficult to ensure the correctness of the…

Software Engineering · Computer Science 2020-04-28 Jingjing Liang , Ruyi Ji , Jiajun Jiang , Yiling Lou , Yingfei Xiong , Gang Huang

The number of vulnerabilities reported in open source software has increased substantially in recent years. Security patches provide the necessary measures to protect software from attacks and vulnerabilities. In practice, it is difficult…

Software Engineering · Computer Science 2024-01-17 Zhiyuan Pan , Xing Hu , Xin Xia , Xian Zhan , David Lo , Xiaohu Yang

Runtime software patching aims to minimize or eliminate service downtime, user interruptions and potential data losses while deploying a patch. Due to modern software systems' high variance and heterogeneity, no universal solutions are…

Software Engineering · Computer Science 2023-02-23 Chadni Islam , Victor Prokhorenko , M. Ali Babar

Web applications continue to be a favorite target for hackers due to a combination of wide adoption and rapid deployment cycles, which often lead to the introduction of high impact vulnerabilities. Static analysis tools are important to…

Cryptography and Security · Computer Science 2022-01-19 Ibéria Medeiros , Nuno Neves , Miguel Correia

As cyber threats continue to evolve and diversify, it has become increasingly challenging to identify the root causes of security breaches that occur between periodic security assessments. This paper explores the fundamental importance of…

Cryptography and Security · Computer Science 2024-12-24 Prakhar Paliwal , Arjun Sable , Manjesh K. Hanawal
‹ Prev 1 4 5 6 7 8 10 Next ›