English
Related papers

Related papers: Localizing Patch Points From One Exploit

200 papers

In this work, we investigate the practice of patch construction in the Linux kernel development, focusing on the differences between three patching processes: (1) patches crafted entirely manually to fix bugs, (2) those that are derived…

Software Engineering · Computer Science 2018-12-20 Anil Koyuncu , Tegawendé F. Bissyandé , Dongsun Kim , Jacques Klein , Martin Monperrus , Yves Le Traon

The existence of a security vulnerability in a system does not necessarily mean that it can be exploited. In this research, we introduce Autosploit -- an automated framework for evaluating the exploitability of vulnerabilities. Given a…

Cryptography and Security · Computer Science 2020-07-02 Noam Moscovich , Ron Bitton , Yakov Mallah , Masaki Inokuchi , Tomohiko Yagyu , Meir Kalech , Yuval Elovici , Asaf Shabtai

Software plays a crucial role in our daily lives, and therefore the quality and security of software systems have become increasingly important. However, vulnerabilities in software still pose a significant threat, as they can have serious…

Software Engineering · Computer Science 2023-09-18 Chaozheng Wang , Zongjie Li , Yun Peng , Shuzheng Gao , Sirong Chen , Shuai Wang , Cuiyun Gao , Michael R. Lyu

Fault localization is an imperative method in fault tolerance in a distributed environment that designs a blueprint for continuing the ongoing process even when one or many modules are non-functional. Visualizing a distributed environment…

Distributed, Parallel, and Cluster Computing · Computer Science 2021-09-24 Narayanaa S R , Sivaranjan M , Lekshmi R S

Software Composition Analysis (SCA) has become pivotal in addressing vulnerabilities inherent in software project dependencies. In particular, reachability analysis is increasingly used in Open-Source Software (OSS) projects to identify…

Software Engineering · Computer Science 2025-06-25 Lyuye Zhang , Jian Zhang , Kaixuan Li , Chong Wang , Chengwei Liu , Jiahui Wu , Sen Chen , Yaowen Zheng , Yang Liu

Computer-based systems have solved several domain problems, including industrial, military, education, and wearable. Nevertheless, such arrangements need high-quality software to guarantee security and safety as both are mandatory for…

Due to the difficulty of repairing defect, many research efforts have been devoted into automatic defect repair. Given a buggy program that fails some test cases, a typical automatic repair technique tries to modify the program to make all…

Software Engineering · Computer Science 2018-08-30 Yingfei Xiong , Jie Wang , Runfa Yan , Jiachen Zhang , Shi Han , Gang Huang , Lu Zhang

Large language models (LLMs) and their agentic frameworks are increasingly adopted to perform development tasks such as automated program repair (APR). While prior work has identified security risks in LLM-generated code, most have focused…

Cryptography and Security · Computer Science 2025-12-30 Amirali Sajadi , Kostadin Damevski , Preetha Chatterjee

Being able to accurately locate wireless devices, while guaranteeing high-level of security against spoofing attacks, benefits all participants in the localization chain (e.g., end users, network operators, and location service providers).…

Signal Processing · Electrical Eng. & Systems 2020-12-11 Marko Beko , Slavisa Tomic

Developers often build software on top of third-party libraries (Libs) to improve productivity, but these libraries may contain vulnerabilities that enable supply chain attacks. Existing tools detect vulnerable dependencies, yet developers…

Cryptography and Security · Computer Science 2026-03-31 Ying Zhang , Wenjia Song , Zhengjie Ji , Danfeng , Yao , Na Meng

High-quality datasets of real-world vulnerabilities are enormously valuable for downstream research in software security, but existing datasets are typically small, require extensive manual effort to update, and are missing crucial features…

The changesets (or patches) that fix open source software vulnerabilities form critical datasets for various machine learning security-enhancing applications, such as automated vulnerability patching and silent fix detection. These patch…

Software Engineering · Computer Science 2025-09-23 Hui Chen , Yunhua Zhao , Kostadin Damevski

Security updates create a short but important window in which defenders and attackers can compare vulnerable and patched software. Yet in many operational settings, the most accessible artifacts are binary packages rather than source…

Cryptography and Security · Computer Science 2026-05-08 Isaac David , Arthur Gervais

Fault localization is a practical research topic that helps developers identify code locations that might cause bugs in a program. Most existing fault localization techniques are designed for imperative programs (e.g., C and Java) and rely…

Software Engineering · Computer Science 2021-02-23 Guolong Zheng , ThanhVu Nguyen , Simón Gutiérrez Brida , Germán Regis , Marcelo F. Frias , Nazareno Aguirre , Hamid Bagheri

Map-based LiDAR localization, while widely used in autonomous systems, faces significant challenges in degraded environments due to lacking distinct geometric features. This paper introduces SuperLoc, a robust LiDAR localization package…

Robotics · Computer Science 2025-03-31 Shibo Zhao , Honghao Zhu , Yuanjun Gao , Beomsoo Kim , Yuheng Qiu , Aaron M. Johnson , Sebastian Scherer

Software vulnerabilities remain a significant risk factor in achieving security objectives within software development organizations. This is especially true where either proprietary or open-source software (OSS) is included in the…

Software Engineering · Computer Science 2025-09-23 James J. Cusick

Spectre v1 attacks pose a substantial threat to security-critical software, particularly cryptographic implementations. Existing software mitigations, however, often introduce excessive overhead by indiscriminately hardening instructions…

Cryptography and Security · Computer Science 2025-06-10 Yiming Zhu , Wenchao Huang , Yan Xiong

The paradigm shift of enabling extensive intercommunication between the Operational Technology (OT) and Information Technology (IT) devices allows vulnerabilities typical to the IT world to propagate to the OT side. Therefore, the security…

Cryptography and Security · Computer Science 2022-12-09 Prashant Hari Narayan Rajput , Constantine Doumanidis , Michail Maniatakos

The rapid expansion of software systems and the growing number of reported vulnerabilities have emphasized the importance of accurately identifying vulnerable code segments. Traditional methods for vulnerability localization, such as manual…

Cryptography and Security · Computer Science 2025-04-21 Yue Li , Xiao Li , Hao Wu , Yue Zhang , Xiuzhen Cheng , Yating Liu , Fengyuan Xu , Sheng Zhong

The lack of reliable sources of detailed information on the vulnerabilities of open-source software (OSS) components is a major obstacle to maintaining a secure software supply chain and an effective vulnerability management process.…

Cryptography and Security · Computer Science 2025-03-18 Antonino Sabetta , Michele Bezzi