English
Related papers

Related papers: Survey of Methods for Automated Code-Reuse Exploit…

200 papers

Recent advances in large language models (LLMs) have significantly improved automated code generation. While existing approaches have achieved strong performance at the function and file levels, real-world software engineering requires…

Software Engineering · Computer Science 2026-05-21 Yicheng Tao , Yuante Li , Yao Qin , Yepang Liu

Security vulnerabilities present in a code that has been written in diverse programming languages are among the most critical yet complicated aspects of source code to detect. Static analysis tools based on rule-based patterns usually do…

Cryptography and Security · Computer Science 2025-08-19 Hael Abdulhakim Ali Humran , Ferdi Sonmez

Mainstream software applications and tools are the configurable platforms with an enormous number of parameters along with their values. Certain settings and possible interactions between these parameters may harden (or soften) the security…

Software Engineering · Computer Science 2020-06-17 Shuvalaxmi Dass , Akbar Siami Namin

Control-flow attacks, usually achieved by exploiting a buffer-overflow vulnerability, have been a serious threat to system security for over fifteen years. Researchers have answered the threat with various mitigation techniques, but…

Cryptography and Security · Computer Science 2015-04-10 Andreas Follner , Eric Bodden

The security of AI-generated code remains a major obstacle to its widespread adoption. Although code generation models achieve strong performance on functional benchmarks, their outputs frequently contain bugs and security weaknesses that…

Software Engineering · Computer Science 2026-05-08 Ali Soltanian Fard Jahromi , Amjed Tahir , Peng Liang , Foutse Khomh

The prevalence of cryptographic API misuse (CAM) is compromising the effectiveness of cryptography and in turn the security of modern systems and applications. Despite extensive efforts to develop CAM detection tools, these tools typically…

Cryptography and Security · Computer Science 2025-09-16 Yang Zhang , Wenyi Ouyang , Yi Zhang , Liang Cheng , Chen Wu , Wenxin Hu

Neural language models are increasingly deployed into APIs and websites that allow a user to pass in a prompt and receive generated text. Many of these systems do not reveal generation parameters. In this paper, we present methods to…

Machine Learning · Computer Science 2023-09-12 Daphne Ippolito , Nicholas Carlini , Katherine Lee , Milad Nasr , Yun William Yu

Reproducible builds are a set of software development practices that establish an independently verifiable path from source code to binary artifacts, helping to detect and mitigate certain classes of supply chain attacks. Although quantum…

Quantum Physics · Physics 2025-10-03 Iyán Méndez Veiga , Esther Hänggi

Return Oriented Programming (ROP) is a technique by which an attacker can induce arbitrary behavior inside a vulnerable program without injecting a malicious code. The continues failure of the currently deployed defenses against ROP has…

Cryptography and Security · Computer Science 2020-05-26 Ammari Nader , Joan Calvet , Jose M. Fernandez

Regenerating codes are a class of codes for distributed storage networks that provide reliability and availability of data, and also perform efficient node repair. Another important aspect of a distributed storage network is its security.…

Information Theory · Computer Science 2015-03-19 Nihar B. Shah , K. V. Rashmi , P. Vijay Kumar

Memory corruption is a serious class of software vulnerabilities, which requires careful attention to be detected and removed from applications before getting exploited and harming the system users. Symbolic execution is a well-known method…

Cryptography and Security · Computer Science 2025-09-16 Sara Baradaran , Mahdi Heidari , Ali Kamali , Maryam Mouzarani

This paper presents results from the MSR 2021 Hackathon. Our team investigates files/projects that contain known security vulnerabilities and how widespread they are throughout repositories in open source software. These security…

Software Engineering · Computer Science 2021-03-24 David Reid , Kalvin Eng , Chris Bogart , Adam Tutko

While language models (LMs) have proven remarkably adept at generating code, many programs are challenging for LMs to generate using their parametric knowledge alone. Providing external contexts such as library documentation can facilitate…

Software Engineering · Computer Science 2025-02-28 Zora Zhiruo Wang , Akari Asai , Xinyan Velocity Yu , Frank F. Xu , Yiqing Xie , Graham Neubig , Daniel Fried

This paper presents a framework that selectively triggers security reviews for incoming source code changes. Functioning as a review bot within a code review service, the framework can automatically request additional security reviews at…

Cryptography and Security · Computer Science 2024-05-28 Keun Soo Yim

One of the most significant challenges in the field of software code auditing is the presence of vulnerabilities in software source code. Every year, more and more software flaws are discovered, either internally in proprietary code or…

Cryptography and Security · Computer Science 2023-06-16 Mst Shapna Akter , Hossain Shahriar , Juan Rodriguez Cardenas , Sheikh Iqbal Ahamed , Alfredo Cuzzocrea

As a direct cause of software defects, human error is the key to understanding and identifying defects. We propose a new code inspection method: targeted code inspection based on human error mechanisms of software engineers. Based on the…

Software Engineering · Computer Science 2022-02-07 Fuqun Huang , Henrique Madeira

Code reuse is common in modern software development, but it can also spread vulnerabilities when developers unknowingly copy risky code. The code fragments that preserve the logic of known vulnerabilities are known as vulnerable code clones…

Users around the world rely on software-intensive systems in their day-to-day activities. These systems regularly contain bugs and security vulnerabilities. To facilitate bug fixing, data-driven models of automatic program repair use pairs…

Software Engineering · Computer Science 2022-02-08 Anastasiia Grishina

Context: AI code generators are revolutionizing code writing and software development, but their training on large datasets, including potentially untrusted source code, raises security concerns. Furthermore, these generators can produce…

Software Engineering · Computer Science 2024-09-04 Domenico Cotroneo , Roberta De Luca , Pietro Liguori

Large language models (LLMs) have achieved remarkable progress in code generation, yet their potential for software protection remains largely untapped. Reverse engineering continues to threaten software security, while traditional virtual…

Computation and Language · Computer Science 2026-01-29 Mingqiao Mo , Yunlong Tan , Hao Zhang , Heng Zhang , Yangfan He
‹ Prev 1 3 4 5 6 7 10 Next ›