English
Related papers

Related papers: Localizing Patch Points From One Exploit

200 papers

Security practitioners maintain vulnerability reports (e.g., GitHub Advisory) to help developers mitigate security risks. An important task for these databases is automatically extracting structured information mentioned in the report,…

Cryptography and Security · Computer Science 2024-05-21 Tianyu Chen , Lin Li , Liuchuan Zhu , Zongyang Li , Xueqing Liu , Guangtai Liang , Qianxiang Wang , Tao Xie

Existing dynamic vulnerability patching techniques are not well-suited for embedded devices, especially mission-critical ones such as medical equipment, as they have limited computational power and memory but uninterrupted service…

Cryptography and Security · Computer Science 2025-09-15 Ming Zhou , Xupu Hu , Zhihao Wang , Haining Wang , Hui Wen , Limin Sun , Peng Zhang

Automated detection of software vulnerabilities is a fundamental problem in software security. Existing program analysis techniques either suffer from high false positives or false negatives. Recent progress in Deep Learning (DL) has…

Software Engineering · Computer Science 2020-09-16 Saikat Chakraborty , Rahul Krishna , Yangruibo Ding , Baishakhi Ray

In the open source software (OSS) ecosystem, there exists a complex software supply chain, where developers upstream and downstream widely borrow and reuse code. This results in the widespread occurrence of recurring defects, missing fixes,…

Cryptography and Security · Computer Science 2024-01-31 Fuwei Wang , Yongzhi Liu , Zhiqiang Dong

Real bug fixes found in open source repositories seem to be the perfect source for learning to localize and repair real bugs. However, the absence of large scale bug fix collections has made it difficult to effectively exploit real bug…

Software Engineering · Computer Science 2022-07-04 Cedric Richter , Heike Wehrheim

Port scanning is the process of attempting to connect to various network ports on a computing endpoint to determine which ports are open and which services are running on them. It is a common method used by hackers to identify…

Cryptography and Security · Computer Science 2023-02-21 Jason M. Pittman

This technical report introduces CyberLoc, an image-based visual localization pipeline for robust and accurate long-term pose estimation under challenging conditions. The proposed method comprises four modules connected in a sequence.…

Computer Vision and Pattern Recognition · Computer Science 2023-01-09 Liu Liu , Yukai Lin , Xiao Liang , Qichao Xu , Miao Jia , Yangdong Liu , Yuxiang Wen , Wei Luo , Jiangwei Li

Fault localization has been determined as a major resource factor in the software development life cycle. Academic fault localization techniques are mostly unknown and unused in professional environments. Although manual debugging…

Software Engineering · Computer Science 2021-03-04 Thomas Hirsch

Bug Localization is the process of locating potential error-prone files or methods from a given bug report and source code. There is extensive research on bug localization in the literature that focuses on applying information retrieval…

Software Engineering · Computer Science 2020-04-21 Sandeep Muvva , A Eashaan Rao , Sridhar Chimalakonda

Compilers are fundamental to modern software development, making the effective identification and resolution of compiler faults essential. However, localizing these faults to specific source files remains highly challenging due to the…

Software Engineering · Computer Science 2025-12-30 Qingyang Li , Yibiao Yang , Maolin Sun , Jiangchang Wu , Qingkai Shi , Yuming Zhou

Context: Fault localization (FL) is the key activity while debugging a program. Any improvement to this activity leads to significant improvement in total software development cost. There is an internal linkage between the program spectrum…

Software Engineering · Computer Science 2024-03-11 Saksham Sahai Srivastava , Arpita Dutta , Rajib Mall

Real-time embedded devices like medical or industrial devices are increasingly targeted by cyber-attacks. Prompt patching is crucial to mitigate the serious consequences of such attacks on these devices. Hotpatching is an approach to apply…

Cryptography and Security · Computer Science 2024-08-29 Mohsen Salehi , Karthik Pattabiraman

Although LLMs have shown promising potential in vulnerability detection, this study reveals their limitations in distinguishing between vulnerable and similar-but-benign patched code (only 0.06 - 0.14 accuracy). It shows that LLMs struggle…

Software Engineering · Computer Science 2025-06-18 Xueying Du , Geng Zheng , Kaixin Wang , Yi Zou , Yujia Wang , Wentai Deng , Jiayi Feng , Mingwei Liu , Bihuan Chen , Xin Peng , Tao Ma , Yiling Lou

Crash localization, an important step in debugging crashes, is challenging when dealing with an extremely large number of diverse applications and platforms and underlying root causes. Large-scale error reporting systems, e.g., Windows…

Software Engineering · Computer Science 2021-12-06 Manish Shetty , Chetan Bansal , Suman Nath , Sean Bowles , Henry Wang , Ozgur Arman , Siamak Ahari

Bugs are inescapable during software development due to frequent code changes, tight deadlines, etc.; therefore, it is important to have tools to find these errors. One way of performing bug identification is to analyze the characteristics…

Software Engineering · Computer Science 2020-06-19 Rudolf Ferenc , Péter Gyimesi , Gábor Gyimesi , Zoltán Tóth , Tibor Gyimóthy

Vulnerability detection plays a key role in secure software development. There are many different vulnerability detection tools and techniques to choose from, and insufficient information on which vulnerability detection techniques to use…

Software Engineering · Computer Science 2021-03-10 Sarah Elder

Global localization is a critical problem in autonomous navigation, enabling precise positioning without reliance on GPS. Modern global localization techniques often depend on dense LiDAR maps, which, while precise, require extensive…

Many applications have security vulnerabilities that can be exploited. It is practically impossible to find all of them due to the NP-complete nature of the testing problem. Security solutions provide defenses against these attacks through…

Cryptography and Security · Computer Science 2020-07-17 Fady Copty , Andre Kassis , Sharon Keidar-Barner , Dov Murik

Fuzz testing (fuzzing) is a well-known method for exposing bugs/vulnerabilities in software systems. Popular fuzzers, such as AFL, use a biased random search over the domain of program inputs, where 100s or 1000s of inputs (test cases) are…

Software Engineering · Computer Science 2023-08-02 Yuntong Zhang , Ridwan Shariffdeen , Gregory J. Duck , Jiaqi Tan , Abhik Roychoudhury

Open source software vulnerabilities pose significant security risks to downstream applications. While vulnerability databases provide valuable information for mitigation, many security patches are released silently in new commits of OSS…

Software Engineering · Computer Science 2025-03-27 Yiran Cheng , Ting Zhang , Lwin Khin Shar , Zhe Lang , David Lo , Shichao Lv , Dongliang Fang , Zhiqiang Shi , Limin Sun