English
Related papers

Related papers: Localizing Patch Points From One Exploit

200 papers

Bug localization, which is used to help programmers identify the location of bugs in source code, is an essential task in software development. Researchers have already made efforts to harness the powerful deep learning (DL) techniques to…

Software Engineering · Computer Science 2023-06-09 Zhuo Li , Huangzhao Zhang , Zhi Jin , Ge Li

Code flaws or vulnerabilities are prevalent in software systems and can potentially cause a variety of problems including deadlock, information loss, or system failure. A variety of approaches have been developed to try and detect the most…

Software Engineering · Computer Science 2017-08-09 Hoa Khanh Dam , Truyen Tran , Trang Pham , Shien Wee Ng , John Grundy , Aditya Ghose

Software patches are pivotal in refining and evolving codebases, addressing bugs, vulnerabilities, and optimizations. Patch descriptions provide detailed accounts of changes, aiding comprehension and collaboration among developers. However,…

Software Engineering · Computer Science 2024-09-30 Thanh Trong Vu , Tuan-Dung Bui , Thanh-Dat Do , Thu-Trang Nguyen , Hieu Dinh Vo , Son Nguyen

Automatically locating a bug within a large codebase remains a significant challenge for developers. Existing techniques often struggle with generalizability and deployment due to their reliance on application-specific data and large model…

Software Engineering · Computer Science 2024-07-04 Mahinthan Chandramohan , Dai Quoc Nguyen , Padmanabhan Krishnan , Jovan Jancic

Trojanized software packages used in software supply chain attacks constitute an emerging threat. Unfortunately, there is still a lack of scalable approaches that allow automated and timely detection of malicious software packages and thus…

Cryptography and Security · Computer Science 2021-03-22 Marc Ohm , Lukas Kempf , Felix Boes , Michael Meier

Linux kernel vulnerability reproduction is a critical task in system security. To reproduce a kernel vulnerability, the vulnerable environment and the Proof of Concept (PoC) program are needed. Most existing research focuses on the…

Cryptography and Security · Computer Science 2024-09-25 Bonan Ruan , Jiahao Liu , Chuqi Zhang , Zhenkai Liang

Automatic program repair (APR) has recently gained attention because it proposes to fix software defects with no human intervention. To automatically fix defects, most APR tools use the developer-written tests to (a) localize the defect,…

Software Engineering · Computer Science 2021-04-19 Manish Motwani

To address the extremely concerning problem of software vulnerability, system security is often entrusted to Machine Learning (ML) algorithms. Despite their now established detection capabilities, such models are limited by design to…

Machine Learning · Computer Science 2025-10-14 Marco Pintore , Giorgio Piras , Angelo Sotgiu , Maura Pintor , Battista Biggio

Is it possible to patch software bugs in P4 programs without human involvement? We show that this is partially possible in many cases due to advances in software testing and the structure of P4 programs. Our insight is that runtime…

Software Engineering · Computer Science 2020-04-28 Apoorv Shukla , Kevin Hudemann , Zsolt Vági , Lily Hügerich , Georgios Smaragdakis , Stefan Schmid , Artur Hecker , Anja Feldmann

Timely and effective vulnerability patching is essential for cybersecurity defense, for which various approaches have been proposed yet still struggle to generate valid and correct patches for real-world vulnerabilities. In this paper, we…

Cryptography and Security · Computer Science 2025-04-04 Yu Nong , Haoran Yang , Long Cheng , Hongxin Hu , Haipeng Cai

We propose a novel approach to improving software security called Cryptographic Path Hardening, which is aimed at hiding security vulnerabilities in software from attackers through the use of provably secure and obfuscated cryptographic…

Software Engineering · Computer Science 2012-02-03 Vijay Ganesh , Michael Carbin , Martin Rinard

Accurately assessing software vulnerabilities is essential for effective prioritization and remediation. While various scoring systems exist to support this task, their differing goals, methodologies and outputs often lead to inconsistent…

Cryptography and Security · Computer Science 2025-08-20 Viktoria Koscinski , Mark Nelson , Ahmet Okutan , Robert Falso , Mehdi Mirakhorli

To fix a software bug, you must first find it. As software grows in size and complexity, finding bugs is becoming harder. To solve this problem, measures have been developed to rank lines of code according to their "suspiciousness" wrt…

Software Engineering · Computer Science 2018-10-02 David Landsberg , Earl Barr

A widespread belief in the blockchain security community is that automated techniques are only good for detecting shallow bugs, typically of small value. In this paper, we present the techniques and insights that have led us to repeatable…

Debugging is difficult. Recent studies show that automatic bug localization techniques have limited usefulness. One of the reasons is that programmers typically have to understand why the program fails before fixing it. In this work, we aim…

Software Engineering · Computer Science 2019-11-22 Jun Sun , Long H. Pham , Lyly Tran Thi , Jingyi Wang , Xin Peng

Bug localization aims to reduce debugging time by recommending program elements that are relevant for a specific bug report. To date, researchers have primarily addressed this problem by applying different information retrieval techniques…

Software Engineering · Computer Science 2022-03-08 Agnieszka Ciborowska , Michael J. Decker , Kostadin Damevski

Security patches are essential for enhancing the stability and robustness of projects in the software community. While vulnerabilities are officially expected to be patched before being disclosed, patching vulnerabilities is complicated and…

Cryptography and Security · Computer Science 2024-08-19 Ziyou Jiang , Lin Shi , Guowei Yang , Qing Wang

The relentless process of tracking and remediating vulnerabilities is a top concern for cybersecurity professionals. The key challenge is trying to identify a remediation scheme specific to in-house, organizational objectives. Without a…

Cryptography and Security · Computer Science 2024-06-11 Corren McCoy , Ross Gore , Michael L. Nelson , Michele C. Weigle

Despite its massive popularity as a programming language, especially in novel domains like data science programs, there is comparatively little research about fault localization that targets Python. Even though it is plausible that several…

Software Engineering · Computer Science 2024-10-03 Mohammad Rezaalipour , Carlo A. Furia

Discovering vulnerabilities in applications of real-world complexity is a daunting task: a vulnerability may affect a single line of code, and yet it compromises the security of the entire application. Even worse, vulnerabilities may…

Cryptography and Security · Computer Science 2020-12-10 Gabriele Costa , Andrea Valenza
‹ Prev 1 4 5 6 7 8 10 Next ›