English
Related papers

Related papers: Predicting Missing Information of Key Aspects in V…

200 papers

Software Engineering researchers are increasingly using Natural Language Processing (NLP) techniques to automate Software Vulnerabilities (SVs) assessment using the descriptions in public repositories. However, the existing NLP-based…

Software Engineering · Computer Science 2021-03-23 Triet H. M. Le , Bushra Sabir , M. Ali Babar

Software vulnerability detection (SVD) is a critical challenge in modern systems. Large language models (LLMs) offer natural-language explanations alongside predictions, but most work focuses on binary evaluation, and explanations often…

Software Engineering · Computer Science 2026-02-12 Samal Mukhtar , Yinghua Yao , Zhu Sun , Mustafa Mustafa , Yew Soon Ong , Youcheng Sun

Security assessment relies on public information about products, vulnerabilities, and weaknesses. So far, databases in these categories have rarely been analyzed in combination. Yet, doing so could help predict unreported vulnerabilities…

Cryptography and Security · Computer Science 2024-02-13 Zhenpeng Shi , Nikolay Matyunin , Kalman Graffi , David Starobinski

Software security mainly studies vulnerability detection: is my code vulnerable today? This hinders risk estimation, so new approaches are emerging to forecast the occurrence of future vulnerabilities. While useful, these approaches are…

Software Engineering · Computer Science 2024-11-19 Carlos E. Budde , Ranindya Paramitha , Fabio Massacci

Many studies have developed Machine Learning (ML) approaches to detect Software Vulnerabilities (SVs) in functions and fine-grained code statements that cause such SVs. However, there is little work on leveraging such detection outputs for…

Software Engineering · Computer Science 2022-03-17 Triet H. M. Le , M. Ali Babar

The lack of reliable sources of detailed information on the vulnerabilities of open-source software (OSS) components is a major obstacle to maintaining a secure software supply chain and an effective vulnerability management process.…

Cryptography and Security · Computer Science 2025-03-18 Antonino Sabetta , Michele Bezzi

For vulnerabilities, Proof-of-Concept (PoC) plays an irreplaceable role in demonstrating the exploitability. PoC reports may include critical information such as specific usage, test platforms, and more, providing essential insights for…

Cryptography and Security · Computer Science 2025-08-26 Lingxiao Wang , Wenjing Dang , Mengyao Zhang , Yue Wang , Xianzong Wu , Sen Chen

Software vulnerabilities (SVs) have emerged as a prevalent and critical concern for safety-critical security systems. This has spurred significant advancements in utilizing AI-based methods, including machine learning and deep learning, for…

Software Engineering · Computer Science 2025-10-07 Van Nguyen , Surya Nepal , Tingmin Wu , Xingliang Yuan , Carsten Rudolph

Industrial components are of high importance because they control critical infrastructures that form the lifeline of modern societies. However, the rapid evolution of industrial components, together with the new paradigm of Industry 4.0,…

Cryptography and Security · Computer Science 2022-03-16 Ángel Longueira-Romero , Rosa Iglesias , Jose Luis Flores , Iñaki Garitano

Although LLMs have shown promising potential in vulnerability detection, this study reveals their limitations in distinguishing between vulnerable and similar-but-benign patched code (only 0.06 - 0.14 accuracy). It shows that LLMs struggle…

Software Engineering · Computer Science 2025-06-18 Xueying Du , Geng Zheng , Kaixin Wang , Yi Zou , Yujia Wang , Wentai Deng , Jiayi Feng , Mingwei Liu , Bihuan Chen , Xin Peng , Tao Ma , Yiling Lou

When a new computer security vulnerability is publicly disclosed, only a textual description of it is available. Cybersecurity experts later provide an analysis of the severity of the vulnerability using the Common Vulnerability Scoring…

Computation and Language · Computer Science 2021-11-17 Mustafizur Shahid , Hervé Debar

Common Vulnerability and Exposure (CVE) records are fundamental to cybersecurity, offering unique identifiers for publicly known software and system vulnerabilities. Each CVE is typically assigned a Common Vulnerability Scoring System…

Cryptography and Security · Computer Science 2025-04-16 Francesco Marchiori , Denis Donadel , Mauro Conti

The Proof-of-Concept (PoC) for a vulnerability is crucial in validating its existence, mitigating false positives, and illustrating the severity of the security threat it poses. However, research on PoCs significantly lags behind studies…

Software Engineering · Computer Science 2025-10-22 Wenjing Dang , Kaixuan Li , Sen Chen , Zhenwei Zhuo , Lyuye Zhang , Zheli Liu

Software security is crucial in any field where breaches can exploit sensitive data, and lead to financial losses. As a result, vulnerability detection becomes an essential part of the software development process. One of the key steps in…

Software Engineering · Computer Science 2024-12-03 Md. Fahim Sultan , Tasmin Karim , Md. Shazzad Hossain Shaon , Mohammad Wardat , Mst Shapna Akter

Advancing our understanding of software vulnerabilities, automating their identification, the analysis of their impact, and ultimately their mitigation is necessary to enable the development of software that is more secure. While operating…

Software Engineering · Computer Science 2025-03-18 Serena E. Ponta , Henrik Plate , Antonino Sabetta , Michele Bezzi , Cédric Dangremont

The increasing complexity of modern software systems has led to a rise in vulnerabilities that malicious actors can exploit. Traditional methods of vulnerability detection, such as static and dynamic analysis, have limitations in…

Software Engineering · Computer Science 2025-04-01 Amanpreet Singh Saimbhi

In software, a vulnerability is a defect in a program that attackers might utilize to acquire unauthorized access, alter system functions, and acquire information. These vulnerabilities arise from programming faults, design flaws, incorrect…

Software Engineering · Computer Science 2024-11-28 Md. Fahim Sultan , Tasmin Karim , Md. Shazzad Hossain Shaon , Mohammad Wardat , Mst Shapna Akter

Understanding software vulnerabilities and their resolutions is crucial for securing modern software systems. This study presents a novel traceability model that links a pair of sentences describing at least one of the three types of…

Software Engineering · Computer Science 2025-03-17 Amiao Gao , Zenong Zhang , Simin Wang , Liguo Huang , Shiyi Wei , Vincent Ng

The software build process transforms source code into deployable artifacts, representing a critical yet vulnerable stage in software development. Build infrastructure security poses unique challenges: the complexity of multi-component…

Threat analysis is continuously growing in importance due to the always-increasing complexity and frequency of cyber attacks. Analyzing threats demands significant effort from security experts: different cybersecurity knowledge bases…

Cryptography and Security · Computer Science 2026-01-13 Andrea Ciavotta , Alessandro Palma , Simone Lenti , Silvia Bonomi
‹ Prev 1 3 4 5 6 7 10 Next ›