English
Related papers

Related papers: Predicting Vulnerability In Large Codebases With D…

200 papers

In this paper, we present a novel approach to improving software quality and efficiency through a Large Language Model (LLM)-based model designed to review code and identify potential issues. Our proposed LLM-based AI agent model is trained…

Software security vulnerabilities can lead to severe consequences, making early detection essential. Although code review serves as a critical defense mechanism against security flaws, relevant feedback remains scarce due to limited…

Software Engineering · Computer Science 2026-01-06 Zixiao Zhao , Yanjie Jiang , Hui Liu , Kui Liu , Lu Zhang

Context: The IoT system infrastructure platform facility vulnerability attack has become the main battlefield of network security attacks. Most of the traditional vulnerability mining methods rely on vulnerability detection tools to realize…

Cryptography and Security · Computer Science 2022-12-06 Wen Zhou

Large Language Models (LLMs) can generate code but often introduce security vulnerabilities, logical inconsistencies, and compilation errors. Prior work demonstrates that LLMs benefit substantially from structured feedback, static analysis,…

Cryptography and Security · Computer Science 2026-01-05 Vidyut Sriram , Sawan Pandita , Achintya Lakshmanan , Aneesh Shamraj , Suman Saha

Recently, there has been a growing interest in automatic software vulnerability detection. Pre-trained model-based approaches have demonstrated superior performance than other Deep Learning (DL)-based approaches in detecting…

Software Engineering · Computer Science 2024-03-29 Xin-Cheng Wen , Cuiyun Gao , Shuzheng Gao , Yang Xiao , Michael R. Lyu

The prevalence of security vulnerabilities has prompted companies to adopt static application security testing (SAST) tools for vulnerability detection. Nevertheless, these tools frequently exhibit usability limitations, as their generic…

Static Analysis (SA) tools are used to identify potential weaknesses in code and fix them in advance, while the code is being developed. In legacy codebases with high complexity, these rules-based static analysis tools generally report a…

Modern web dashboards and enterprise applications increasingly rely on complex, distributed microservices architectures. While these architectures offer scalability, they introduce significant challenges in debugging and observability. When…

Software Engineering · Computer Science 2026-02-18 Devendra Tata , Mona Rajhans

Automated program repair (APR) attempts to generate correct patches and has drawn wide attention from both academia and industry in the past decades. However, APR is continuously struggling with the patch overfitting issue due to the weak…

Software Engineering · Computer Science 2026-04-07 Quanjun Zhang , Haichuan Hu , Chunrong Fang , Ye Shang , Tao Zheng , Zhenyu Chen , Yun Yang , Liang Xiao

Modern software systems are developed in diverse programming languages and often harbor critical vulnerabilities that attackers can exploit to compromise security. These vulnerabilities have been actively targeted in real-world attacks,…

Cryptography and Security · Computer Science 2025-03-27 Zhuoyun Qian , Fangtian Zhong , Qin Hu , Yili Jiang , Jiaqi Huang , Mengfei Ren , Jiguo Yu

The source code suggestions provided by current IDEs are mostly dependent on static type learning. These suggestions often end up proposing irrelevant suggestions for a peculiar context. Recently, deep learning-based approaches have shown…

Neural and Evolutionary Computing · Computer Science 2020-07-15 Yasir Hussain , Zhiqiu Huang , Yu Zhou , Senzhang Wang

This paper presents an evaluation of the code representation model Code2vec when trained on the task of detecting security vulnerabilities in C source code. We leverage the open-source library astminer to extract path-contexts from the…

Cryptography and Security · Computer Science 2021-06-04 David Coimbra , Sofia Reis , Rui Abreu , Corina Păsăreanu , Hakan Erdogmus

Open Source Software (OSS) security and resilience are worldwide phenomena hampering economic and technological innovation. OSS vulnerabilities can cause unauthorized access, data breaches, network disruptions, and privacy violations,…

Software Engineering · Computer Science 2024-01-17 Nafis Tanveer Islam , Gonzalo De La Torre Parra , Dylan Manual , Murtuza Jadliwala , Peyman Najafirad

The detection of software vulnerabilities (or vulnerabilities for short) is an important problem that has yet to be tackled, as manifested by the many vulnerabilities reported on a daily basis. This calls for machine learning methods for…

Machine Learning · Computer Science 2021-01-27 Zhen Li , Deqing Zou , Shouhuai Xu , Hai Jin , Yawei Zhu , Zhaoxuan Chen

Static bug detection tools help developers detect problems in the code, including bad programming practices and potential defects. Recent efforts to integrate static bug detectors in modern software development workflows, such as in code…

Software Engineering · Computer Science 2024-01-24 Junjie Li , Jinqiu Yang

Software vulnerabilities in source code pose serious cybersecurity risks, prompting a shift from traditional detection methods (e.g., static analysis, rule-based matching) to AI-driven approaches. This study presents a systematic review of…

Software Engineering · Computer Science 2025-06-13 Samiha Shimmi , Hamed Okhravi , Mona Rahimi

Dynamic code, i.e., code that is created or modified at runtime, is ubiquitous in today's world. The behavior of dynamic code can depend on the logic of the dynamic code generator in subtle and non-obvious ways, with significant security…

Cryptography and Security · Computer Science 2019-10-31 Jesse Bartels , Jon Stephens , Saumya Debray

Providing feedback is an integral part of teaching. Most open online courses on programming make use of automated grading systems to support programming assignments and give real-time feedback. These systems usually rely on test results to…

Software Engineering · Computer Science 2019-05-30 Rahul Gupta , Aditya Kanade , Shirish Shevade

In recent times, it has been shown that one can use code as data to aid various applications such as automatic commit message generation, automatic generation of pull request descriptions and automatic program repair. Take for instance the…

Machine Learning · Computer Science 2021-06-14 Syed Arbaaz Qureshi , Sonu Mehta , Ranjita Bhagwan , Rahul Kumar

In Computer Science (CS) education, understanding factors contributing to students' programming difficulties is crucial for effective learning support. By identifying specific issues students face, educators can provide targeted assistance…