English
Related papers

Related papers: On managing vulnerabilities in AI/ML systems

200 papers

In recent years, a proliferation of cyber-security threats and diversity has been on the rise culminating in an increase in their reporting and analysis. To counter that, many non-profit organizations have emerged in this domain, such as…

Cryptography and Security · Computer Science 2023-04-24 Ashraf Haddad , Najwa Aaraj , Preslav Nakov , Septimiu Fabian Mare

Common Vulnerability and Exposure (CVE) records are fundamental to cybersecurity, offering unique identifiers for publicly known software and system vulnerabilities. Each CVE is typically assigned a Common Vulnerability Scoring System…

Cryptography and Security · Computer Science 2025-04-16 Francesco Marchiori , Denis Donadel , Mauro Conti

The National Vulnerability Database (NVD) publishes over a thousand new vulnerabilities monthly, with a projected 25 percent increase in 2024, highlighting the crucial need for rapid vulnerability identification to mitigate cybersecurity…

Computation and Language · Computer Science 2025-02-25 Rikhiya Ghosh , Hans-Martin von Stockhausen , Martin Schmitt , George Marica Vasile , Sanjeev Kumar Karn , Oladimeji Farri

Machine learning (ML) models deployed in many safety- and business-critical systems are vulnerable to exploitation through adversarial examples. A large body of academic research has thoroughly explored the causes of these blind spots,…

Cryptography and Security · Computer Science 2020-07-15 Ivan Evtimov , Weidong Cui , Ece Kamar , Emre Kiciman , Tadayoshi Kohno , Jerry Li

Large language models (LLMs) are increasingly used to help security analysts manage the surge of cyber threats, automating tasks from vulnerability assessment to incident response. Yet in operational CTI workflows, reliability gaps remain…

Cryptography and Security · Computer Science 2026-05-29 Yuqiao Meng , Luoxi Tang , Feiyang Yu , Jinyuan Jia , Guanhua Yan , Ping Yang , Zhaohan Xi

Machine learning and Large language models (LLMs) for vulnerability detection has received significant attention in recent years. Unfortunately, state-of-the-art techniques show that LLMs are unsuccessful in even distinguishing the…

Cryptography and Security · Computer Science 2025-08-05 Mohammed Sayagh , Mohammad Ghafari

Context: Coordination is a fundamental tenet of software engineering. Coordination is required also for identifying discovered and disclosed software vulnerabilities with Common Vulnerabilities and Exposures (CVEs). Motivated by recent…

Software Engineering · Computer Science 2020-07-27 Jukka Ruohonen , Sampsa Rauti , Sami Hyrynsalmi , Ville Leppänen

In this article, we propose the Artificial Intelligence Security Taxonomy to systematize the knowledge of threats, vulnerabilities, and security controls of machine-learning-based (ML-based) systems. We first classify the damage caused by…

Cryptography and Security · Computer Science 2023-01-20 Yusuke Kawamoto , Kazumasa Miyake , Koichi Konishi , Yutaka Oiwa

Software vulnerabilities remain a critical security challenge, providing entry points for attackers into enterprise networks. Despite advances in security practices, the lack of high-quality datasets capturing diverse exploit behavior…

Cryptography and Security · Computer Science 2025-11-17 Alireza Lotfi , Charalampos Katsis , Elisa Bertino

Code vulnerability detection (CVD) is essential for addressing and preventing system security issues, playing a crucial role in ensuring software security. Previous learning-based vulnerability detection methods rely on either fine-tuning…

Computation and Language · Computer Science 2025-01-07 Xuefeng Jiang , Lvhua Wu , Sheng Sun , Jia Li , Jingjing Xue , Yuwei Wang , Tingting Wu , Min Liu

Common Vulnerabilities and Exposures database (CVE) is one of the largest publicly available source of software and hardware vulnerability data and reports. In this work we analyze the CVE database in the context of IoT device and system…

Cryptography and Security · Computer Science 2020-07-01 Grzegorz J. Blinowski , Paweł Piotrowski

With the growing processing power of computing systems and the increasing availability of massive datasets, machine learning algorithms have led to major breakthroughs in many different areas. This development has influenced computer…

Security vulnerabilities in software can have severe consequences; however, manual vulnerability detection is costly and does not scale, especially as agentic coding frameworks increase the rate of code production. Over the last decade, a…

Software Engineering · Computer Science 2026-05-11 Dan Ristea , Shae McFadden , Ezzeldin Shereen , Madeleine Dwyer , Sanyam Vyas , Chris Hicks , Vasilios Mavroudis

While advanced machine learning (ML) models are deployed in numerous real-world applications, previous works demonstrate these models have security and privacy vulnerabilities. Various empirical research has been done in this field.…

Cryptography and Security · Computer Science 2023-10-23 Boyang Zhang , Zheng Li , Ziqing Yang , Xinlei He , Michael Backes , Mario Fritz , Yang Zhang

There is growing recognition that machine learning (ML) exposes new security and privacy vulnerabilities in software systems, yet the technical community's understanding of the nature and extent of these vulnerabilities remains limited but…

Cryptography and Security · Computer Science 2018-11-06 Nicolas Papernot

Software vulnerability detection is critical in software security because it identifies potential bugs in software systems, enabling immediate remediation and mitigation measures to be implemented before they may be exploited. Automatic…

Software Engineering · Computer Science 2023-06-21 Nima Shiri Harzevili , Alvine Boaye Belle , Junjie Wang , Song Wang , Zhen Ming , Jiang , Nachiappan Nagappan

Context: Traditional software security analysis methods struggle to keep pace with the scale and complexity of modern codebases, requiring intelligent automation to detect, assess, and remediate vulnerabilities more efficiently and…

Software Engineering · Computer Science 2026-01-14 Shaznin Sultana , Sadia Afreen , Nasir U. Eisty

Software vulnerabilities have been continually disclosed and documented. An important practice in documenting vulnerabilities is to describe the key vulnerability aspects, such as vulnerability type, root cause, affected product, impact,…

Software Engineering · Computer Science 2020-08-07 Hao Guo , Zhenchang Xing , Xiaohong Li

Vulnerability discovery and exploits detection are two wide areas of study in software engineering. This preliminary work tries to combine existing methods with machine learning techniques to define a metric classification of vulnerable…

Software Engineering · Computer Science 2014-07-23 Gabriele Modena

Cloud Computing (CC) is revolutionizing the way IT resources are delivered to users, allowing them to access and manage their systems with increased cost-effectiveness and simplified infrastructure. However, with the growth of CC comes a…

Cryptography and Security · Computer Science 2024-10-28 Aptin Babaei , Parham M. Kebria , Mohsen Moradi Dalvand , Saeid Nahavandi