English
Related papers

Related papers: Survey of Methods for Automated Code-Reuse Exploit…

200 papers

Software vulnerabilities often persist or re-emerge even after being fixed, revealing the complex interplay between code evolution and socio-technical factors. While source code metrics provide useful indicators of vulnerabilities, software…

Software Engineering · Computer Science 2026-01-21 Samiha Shimmi , Nicholas M. Synovic , Mona Rahimi , George K. Thiruvathukal

Code metamorphism refers to a computer programming exercise wherein the program modifies its own code (partial or entire) consistently and automatically while retaining its core functionality. This technique is often used for online…

Cryptography and Security · Computer Science 2024-11-05 Pooria Madani

Malware authors have always been at an advantage of being able to adversarially test and augment their malicious code, before deploying the payload, using anti-malware products at their disposal. The anti-malware developers and threat…

Machine Learning · Statistics 2018-07-31 Vineeth S. Bhaskara , Debanjan Bhattacharyya

The hallucination of code generation models hinders their applicability to systems requiring higher safety standards. One critical bottleneck in addressing code hallucination is the difficulty of identifying the functional correctness of…

Software Engineering · Computer Science 2025-10-27 Jaewoo Jeong , Taesoo Kim , Sangdon Park

CPUs provide isolation mechanisms like virtualization and privilege levels to protect software. Yet these focus on architectural isolation while typically overlooking microarchitectural side channels, exemplified by Meltdown and Foreshadow.…

Cryptography and Security · Computer Science 2025-07-09 Oleksii Oleksenko , Flavien Solt , Cédric Fournet , Jana Hofmann , Boris Köpf , Stavros Volos

Static analysis remains one of the most popular approaches for detecting and correcting poor or vulnerable program code. It involves the examination of code listings, test results, or other documentation to identify errors, violations of…

Artificial Intelligence · Computer Science 2021-08-27 Fitzroy D. Nembhard , Marco M. Carvalho

Automatically locating vulnerable statements in source code is crucial to assure software security and alleviate developers' debugging efforts. This becomes even more important in today's software ecosystem, where vulnerable code can flow…

Software Engineering · Computer Science 2022-01-14 Yangruibo Ding , Sahil Suneja , Yunhui Zheng , Jim Laredo , Alessandro Morari , Gail Kaiser , Baishakhi Ray

Large Language Models (LLMs) have demonstrated remarkable capabilities across various cybersecurity tasks, including vulnerability classification, detection, and patching. However, their potential in automated vulnerability report…

The automatic detection of software vulnerabilities is an important research problem. However, existing solutions to this problem rely on human experts to define features and often miss many vulnerabilities (i.e., incurring high false…

Cryptography and Security · Computer Science 2018-01-08 Zhen Li , Deqing Zou , Shouhuai Xu , Xinyu Ou , Hai Jin , Sujuan Wang , Zhijun Deng , Yuyi Zhong

Hardware intellectual property (IP) theft is a major issue in today's globalized supply chain. To address it, numerous logic locking and obfuscation techniques have been proposed. While locking initially focused on digital integrated…

Cryptography and Security · Computer Science 2020-04-02 Rabin Yu Acharya , Sreeja Chowdhury , Fatemeh Ganji , Domenic Forte

Large language models write production code, and yet they routinely introduce well-known vulnerabilities. We show that this is not a knowledge deficit: the same models that generate insecure code, correctly identify and explain the…

Cryptography and Security · Computer Science 2026-04-21 Gustavo Sandoval , Brendan Dolan-Gavitt , Siddharth Garg

The area of software development and secure coding can benefit significantly from advancements in virtual assistants. Research has shown that many coders neglect security in favor of meeting deadlines. This shortcoming leaves systems…

Cryptography and Security · Computer Science 2021-05-14 Fitzroy D. Nembhard , Marco M. Carvalho

As a widely deployed security scheme, text-based CAPTCHAs have become more and more difficult to resist machine learning-based attacks. So far, many researchers have conducted attacking research on text-based CAPTCHAs deployed by different…

Computer Vision and Pattern Recognition · Computer Science 2020-08-27 Chunhui Li , Xingshu Chen , Haizhou Wang , Yu Zhang , Peiming Wang

Retrieval-augmented code generation utilizes Large Language Models as the generator and significantly expands their code generation capabilities by providing relevant code, documentation, and more via the retriever. The current approach…

Software Engineering · Computer Science 2024-09-25 Xinyu Gao , Yun Xiong , Deze Wang , Zhenhan Guan , Zejian Shi , Haofen Wang , Shanshan Li

Discovering vulnerabilities in applications of real-world complexity is a daunting task: a vulnerability may affect a single line of code, and yet it compromises the security of the entire application. Even worse, vulnerabilities may…

Cryptography and Security · Computer Science 2020-12-10 Gabriele Costa , Andrea Valenza

Large Language Models (LLMs) have demonstrated remarkable capabilities in code generation, but their proficiency in producing secure code remains a critical, under-explored area. Existing benchmarks often fall short by relying on synthetic…

Cryptography and Security · Computer Science 2026-02-02 Yanlin Wang , Ziyao Zhang , Chong Wang , Xinyi Xu , Mingwei Liu , Yong Wang , Jiachi Chen , Zibin Zheng

AI assistants can help developers by recommending code to be included in their implementations (e.g., suggesting the implementation of a method from its signature). Although useful, these recommendations may mirror copyleft code available…

Software Engineering · Computer Science 2025-02-10 Gaia Colombo , Leonardo Mariani , Daniela Micucci , Oliviero Riganelli

The rapid advancements in Generative AI (GenAI) tools, such as ChatGPT and GitHub Copilot, are transforming software engineering by automating code generation tasks. While these tools improve developer productivity, they also present…

Software Engineering · Computer Science 2024-09-04 Alyssia Chen , Timothy Huo , Yunhee Nam , Dan Port , Anthony Peruma

This paper presents our approach to use refactoring techniques together with code generation. Refactoring is particularly useful if not only the generated classes but also the generator itself can be adapted in an automatic fashion. We have…

Software Engineering · Computer Science 2014-09-24 Holger Krahn , Bernhard Rumpe

Software vulnerabilities are flaws in computer software systems that pose significant threats to the integrity, security, and reliability of modern software and its application data. These vulnerabilities can lead to substantial economic…

Software Engineering · Computer Science 2024-11-11 Penghui Liu , Yingzhou Bi , Jiangtao Huang , Xinxin Jiang , Lianmei Wang