English
Related papers

Related papers: Learning to Catch Security Patches

200 papers

The presence of software vulnerabilities is an ever-growing issue in software development. In most cases, it is desirable to detect vulnerabilities as early as possible, preferably in a just-in-time manner, when the vulnerable piece is…

Software Engineering · Computer Science 2023-03-30 Tamás Aladics , Péter Hegedűs , Rudolf Ferenc

Currently used semantic parsing systems deployed in voice assistants can require weeks to train. Datasets for these models often receive small and frequent updates, data patches. Each patch requires training a new model. To reduce training…

Computation and Language · Computer Science 2021-03-23 Vladislav Lialin , Rahul Goel , Andrey Simanovsky , Anna Rumshisky , Rushin Shah

With the growing processing power of computing systems and the increasing availability of massive datasets, machine learning algorithms have led to major breakthroughs in many different areas. This development has influenced computer…

Machine Learning models from other fields, like Computational Linguistics, have been transplanted to Software Engineering tasks, often quite successfully. Yet a transplanted model's initial success at a given task does not necessarily mean…

Software Engineering · Computer Science 2020-09-02 Yangruibo Ding , Baishakhi Ray , Premkumar Devanbu , Vincent J. Hellendoorn

Motivated by the success of general-purpose large language models (LLMs) in software patching, recent works started to train specialized patching models. Most works trained one model to handle the end-to-end patching pipeline (including…

Artificial Intelligence · Computer Science 2025-11-27 Yuheng Tang , Hongwei Li , Kaijie Zhu , Michael Yang , Yangruibo Ding , Wenbo Guo

In the field of automated program repair, the redundancy assumption claims large programs contain the seeds of their own repair. However, most redundancy-based program repair techniques do not reason about the repair ingredients---the code…

Software Engineering · Computer Science 2023-10-13 Martin White , Michele Tufano , Matias Martinez , Martin Monperrus , Denys Poshyvanyk

Port scanning is the process of attempting to connect to various network ports on a computing endpoint to determine which ports are open and which services are running on them. It is a common method used by hackers to identify…

Cryptography and Security · Computer Science 2023-02-21 Jason M. Pittman

High-quality and large-scale repositories of real bugs and their concise patches collected from real-world applications are critical for research in software engineering community. In such a repository, each real bug is explicitly…

Software Engineering · Computer Science 2021-03-02 Yanjie Jiang , Hui Liu , Nan Niu , Lu Zhang , Yamin Hu

Previous research on code intelligence usually trains a deep learning model on a fixed dataset in an offline manner. However, in real-world scenarios, new code repositories emerge incessantly, and the carried new knowledge is beneficial for…

Software Engineering · Computer Science 2023-02-08 Shuzheng Gao , Hongyu Zhang , Cuiyun Gao , Chaozheng Wang

Software vulnerabilities pose significant risks to computer systems, impacting our daily lives, productivity, and even our health. Identifying and addressing security vulnerabilities in a timely manner is crucial to prevent hacking and data…

Cryptography and Security · Computer Science 2023-08-01 Jin Wang , Zishan Huang , Hui Xiao , Yinhao Xiao

The increasing reliance of software projects on third-party libraries has raised concerns about the security of these libraries due to hidden vulnerabilities. Managing these vulnerabilities is challenging due to the time gap between fixes…

Software Engineering · Computer Science 2023-09-06 Son Nguyen , Thanh Trong Vu , Hieu Dinh Vo

Open-Source Projects and Libraries are being used in software development while also bearing multiple security vulnerabilities. This use of third party ecosystem creates a new kind of attack surface for a product in development. An…

Software Engineering · Computer Science 2018-08-15 Lorenzo Neil , Sudip Mittal , Anupam Joshi

With the ever-increasing popularity of blockchain applications, securing blockchain networks plays a critical role in these cyber systems. In this paper, we first study cyberattacks (e.g., flooding of transactions, brute pass) in blockchain…

Cryptography and Security · Computer Science 2024-07-08 Tran Viet Khoa , Do Hai Son , Dinh Thai Hoang , Nguyen Linh Trung , Tran Thi Thuy Quynh , Diep N. Nguyen , Nguyen Viet Ha , Eryk Dutkiewicz

Just-in-time defect prediction assigns a defect risk to each new change to a software repository in order to prioritize review and testing efforts. Over the last decades different approaches were proposed in literature to craft more…

Software Engineering · Computer Science 2022-09-29 Peter Bludau , Alexander Pretschner

Patch-based attacks introduce a perceptible but localized change to the input that induces misclassification. A limitation of current patch-based black-box attacks is that they perform poorly for targeted attacks, and even for the less…

Computer Vision and Pattern Recognition · Computer Science 2020-07-21 Chenglin Yang , Adam Kortylewski , Cihang Xie , Yinzhi Cao , Alan Yuille

Software security is becoming a high priority for both large companies and start-ups alike due to the increasing potential for harm that vulnerabilities and breaches carry with them. However, attaining robust security assurance while…

Software Engineering · Computer Science 2019-08-06 David N. Palacio , Daniel McCrystal , Kevin Moran , Carlos Bernal-Cárdenas , Denys Poshyvanyk , Chris Shenefiel

Secure by Design has become the mainstream development approach ensuring that software systems are not vulnerable to cyberattacks. Architectural security controls need to be carefully monitored over the software development life cycle to…

Software Engineering · Computer Science 2023-07-13 Ahmet Okutan , Ali Shokri , Viktoria Koscinski , Mohamad Fazelinia , Mehdi Mirakhorli

Port scanning is the process of attempting to connect to various network ports on a computing endpoint to determine which ports are open and which services are running on them. It is a common method used by hackers to identify…

Cryptography and Security · Computer Science 2023-02-01 Jason M. Pittman

Due to increasingly complex software design and rapid iterative development, code defects and security vulnerabilities are prevalent in modern software. In response, programmers rely on static analysis tools to regularly scan their…

Software Engineering · Computer Science 2022-03-21 Anant Kharkar , Roshanak Zilouchian Moghaddam , Matthew Jin , Xiaoyu Liu , Xin Shi , Colin Clement , Neel Sundaresan

In today's digital landscape, the importance of timely and accurate vulnerability detection has significantly increased. This paper presents a novel approach that leverages transformer-based models and machine learning techniques to…

Software Engineering · Computer Science 2025-01-10 Daniele Cipollone , Changjie Wang , Mariano Scazzariello , Simone Ferlin , Maliheh Izadi , Dejan Kostic , Marco Chiesa