English
Related papers

Related papers: Localizing Patch Points From One Exploit

200 papers

The development of machine learning techniques for discovering software vulnerabilities relies fundamentally on the availability of appropriate datasets. The ideal dataset consists of a large and diverse collection of real-world…

Cryptography and Security · Computer Science 2025-04-29 Sima Arasteh , Georgios Nikitopoulos , Wei-Cheng Wu , Nicolaas Weideman , Aaron Portnoy , Mukund Raghothaman , Christophe Hauser

Security vulnerabilities are among the most critical software defects in existence. As such, they require patches that are correct and quickly deployed. This motivates an automatic patch generation method that emphasizes both soundness and…

Cryptography and Security · Computer Science 2018-06-13 Zhen Huang , David Lie

Software vulnerabilities continue to grow in volume and remain difficult to detect in practice. Although learning-based vulnerability detection has progressed, existing benchmarks are largely function-centric and fail to capture realistic,…

Software Engineering · Computer Science 2026-03-19 Amine Lbath

Automated Program Repair (APR) techniques have drawn wide attention from both academia and industry. Meanwhile, one main limitation with the current state-of-the-art APR tools is that patches passing all the original tests are not…

Software Engineering · Computer Science 2023-02-10 Jun Yang , Yuehan Wang , Yiling Lou , Ming Wen , Lingming Zhang

Web applications continue to be a favorite target for hackers due to a combination of wide adoption and rapid deployment cycles, which often lead to the introduction of high impact vulnerabilities. Static analysis tools are important to…

Cryptography and Security · Computer Science 2022-01-19 Ibéria Medeiros , Nuno Neves , Miguel Correia

Code cloning is a common practice in software development, but it poses significant security risks by propagating vulnerabilities across cloned segments. To address this challenge, we introduce srcVul, a scalable, precise detection approach…

Software Engineering · Computer Science 2025-05-06 Hakam Alomari , Christopher Vendome , Hilal Gyawali

Thousands of security vulnerabilities are discovered in production software each year, either reported publicly to the Common Vulnerabilities and Exposures database or discovered internally in proprietary code. Vulnerabilities often…

Today, software systems have a significant role in various domains among which are healthcare, entertainment, transport and logistics, and many more. It is only natural that with this increasing dependency on software, the number of…

Software Engineering · Computer Science 2022-12-23 Filip Zamfirov

Software Fault Localization refers to the activity of finding code elements (e.g., statements) that are related to a software failure. The state-of-the-art fault localization techniques, however, produce coarse-grained results that can…

Software Engineering · Computer Science 2021-11-16 Shangwen Wang , Kui Liu , Bo Lin , Li Li , Jacques Klein , Xiaoguang Mao , Tegawendé F. Bissyandé

Context: Contemporary code review tools are a popular choice for software quality assurance. Using these tools, reviewers are able to post a linkage between two patches during a review discussion. Large development teams that use a…

Software Engineering · Computer Science 2021-06-07 Dong Wang , Raula Gaikovina Kula , Takashi Ishio , Kenichi Matsumoto

The art of finding software vulnerabilities has been covered extensively in the literature and there is a huge body of work on this topic. In contrast, the intentional insertion of exploitable, security-critical bugs has received little…

Cryptography and Security · Computer Science 2020-07-07 Jannik Pewny , Thorsten Holz

The quantity and quality of vulnerability datasets are essential for developing deep learning solutions to vulnerability-related tasks. Due to the limited availability of vulnerabilities, a common approach to building such datasets is…

Cryptography and Security · Computer Science 2025-06-12 Zeyu Gao , Junlin Zhou , Bolun Zhang , Yi He , Chao Zhang , Yuxin Cui , Hao Wang

Automated Program Repair (APR) techniques typically rely on a given test-suite to guide the repair process. Apart from the need to provide test oracles, this makes the produced patches prone to test data over-fitting. In this work, instead…

Software Engineering · Computer Science 2023-08-02 Yuntong Zhang , Andreea Costea , Ridwan Shariffdeen , Davin McCall , Abhik Roychoudhury

We present a study that characterizes the way developers use automatically generated patches when fixing software defects. Our study tasked two groups of developers with repairing defects in C programs. Both groups were provided with the…

Software Engineering · Computer Science 2019-11-26 José Pablo Cambronero , Jiasi Shen , Jürgen Cito , Elena Glassman , Martin Rinard

Many tools and libraries are readily available to build and operate distributed Web applications. While the setup of operational environments is comparatively easy, practice shows that their continuous secure operation is more difficult to…

Cryptography and Security · Computer Science 2012-07-13 Matteo Maria Casalino , Michele Mangili , Henrik Plate , Serena Elisa Ponta

Applying security patches in open source software timely is critical for ensuring the security of downstream applications. However, it is challenging to apply these patches promptly because notifications of patches are often incomplete and…

Cryptography and Security · Computer Science 2024-06-11 Tianyu Chen , Lin Li , Taotao Qian , Jingyi Liu , Wei Yang , Ding Li , Guangtai Liang , Qianxiang Wang , Tao Xie

Test-based automated program repair has been a prolific field of research in software engineering in the last decade. Many approaches have indeed been proposed, which leverage test suites as a weak, but affordable, approximation to program…

Software fault localization is one of the most expensive, tedious, and time-consuming activities in program debugging. This activity becomes even much more challenging in Software Product Line (SPL) systems due to variability of failures.…

Software Engineering · Computer Science 2021-09-22 Thu-Trang Nguyen , Kien-Tuan Ngo , Son Nguyen , Hieu Dinh Vo

Software testing is essential for the reliable development of complex software systems. A key step in software testing is fault localization, which uses test data to pinpoint failure-inducing combinations for further diagnosis. Existing…

Software Engineering · Computer Science 2026-03-30 Yi Ji , Simon Mak , Ryan Lekivetz , Joseph Morgan

Automated Program Repair (APR) techniques have shown more and more promising results in fixing real-world bugs. Despite the effectiveness, APR techniques still face an overfitting problem: a generated patch can be incorrect although it…

Software Engineering · Computer Science 2024-03-26 Xin Zhou , Bowen Xu , Kisub Kim , DongGyun Han , Thanh Le-Cong , Junda He , Bach Le , David Lo