English
Related papers

Related papers: Technical Report -- Expected Exploitability: Predi…

200 papers
AEAS: Actionable Exploit Assessment System

Security practitioners face growing challenges in exploit assessment, as public vulnerability repositories are increasingly populated with inconsistent and low-quality exploit artifacts. Existing scoring systems, such as CVSS and EPSS,…

Cryptography and Security · Computer Science 2025-09-23 Xiangmin Shen , Wenyuan Cheng , Yan Chen , Zhenyuan Li , Yuqiao Gu , Lingzhi Wang , Wencheng Zhao , Dawei Sun , Jiashui Wang
Predicting Exploitation of Disclosed Software Vulnerabilities Using Open-source Data

Each year, thousands of software vulnerabilities are discovered and reported to the public. Unpatched known vulnerabilities are a significant security risk. It is imperative that software vendors quickly provide patches once vulnerabilities…

Cryptography and Security · Computer Science 2017-07-26 Benjamin L. Bullough , Anna K. Yanchenko , Christopher L. Smith , Joseph R. Zipkin
Few-Sample Named Entity Recognition for Security Vulnerability Reports by Fine-Tuning Pre-Trained Language Models

Public security vulnerability reports (e.g., CVE reports) play an important role in the maintenance of computer and network systems. Security companies and administrators rely on information from these reports to prioritize tasks on…

Computation and Language · Computer Science 2021-08-17 Guanqun Yang , Shay Dineen , Zhipeng Lin , Xueqing Liu
Enhancing Vulnerability Prioritization: Data-Driven Exploit Predictions with Community-Driven Insights

The number of disclosed vulnerabilities has been steadily increasing over the years. At the same time, organizations face significant challenges patching their systems, leading to a need to prioritize vulnerability remediation in order to…

Cryptography and Security · Computer Science 2023-06-19 Jay Jacobs , Sasha Romanosky , Octavian Suciu , Benjamin Edwards , Armin Sarabi
When Priors Backfire: On the Vulnerability of Unlearnable Examples to Pretraining

Unlearnable Examples (UEs) serve as a data protection strategy that generates imperceptible perturbations to mislead models into learning spurious correlations instead of underlying semantics. In this paper, we uncover a fundamental…

Machine Learning · Computer Science 2026-03-06 Zhihao Li , Gezheng Xu , Jiale Cai , Ruiyi Fang , Di Wu , Qicheng Lao , Charles Ling , Boyu Wang
Probabilistic Machine Learning for Noisy Labels in Earth Observation

Label noise poses a significant challenge in Earth Observation (EO), often degrading the performance and reliability of supervised Machine Learning (ML) models. Yet, given the critical nature of several EO applications, developing robust…

Machine Learning · Computer Science 2025-04-07 Spyros Kondylatos , Nikolaos Ioannis Bountos , Ioannis Prapas , Angelos Zavras , Gustau Camps-Valls , Ioannis Papoutsis
Exploit Prediction Scoring System (EPSS)

Despite the massive investments in information security technologies and research over the past decades, the information security industry is still immature. In particular, the prioritization of remediation efforts within vulnerability…

Cryptography and Security · Computer Science 2019-08-15 Jay Jacobs , Sasha Romanosky , Benjamin Edwards , Michael Roytman , Idris Adjerid
From Model to Breach: Towards Actionable LLM-Generated Vulnerabilities Reporting

As the role of Large Language Models (LLM)-based coding assistants in software development becomes more critical, so does the role of the bugs they generate in the overall cybersecurity landscape. While a number of LLM code security…

Computation and Language · Computer Science 2025-11-07 Cyril Vallez , Alexander Sternfeld , Andrei Kucharavy , Ljiljana Dolamic
Forecasting the risk of software choices: A model to foretell security vulnerabilities from library dependencies and source code evolution

Software security mainly studies vulnerability detection: is my code vulnerable today? This hinders risk estimation, so new approaches are emerging to forecast the occurrence of future vulnerabilities. While useful, these approaches are…

Software Engineering · Computer Science 2024-11-19 Carlos E. Budde , Ranindya Paramitha , Fabio Massacci
AXE: An Agentic eXploit Engine for Confirming Zero-Day Vulnerability Reports

Vulnerability detection tools are widely adopted in software projects, yet they often overwhelm maintainers with false positives and non-actionable reports. Automated exploitation systems can help validate these reports; however, existing…

Cryptography and Security · Computer Science 2026-02-17 Amirali Sajadi , Tu Nguyen , Kostadin Damevski , Preetha Chatterjee
Efficacy of EPSS in High Severity CVEs found in KEV

The Exploit Prediction Scoring System (EPSS) is designed to assess the probability of a vulnerability being exploited in the next 30 days relative to other vulnerabilities. The latest version, based on a research paper published in arXiv,…

Cryptography and Security · Computer Science 2024-11-06 Rianna Parla
The Devil is in the Details: On the Pitfalls of Event Extraction Evaluation

Event extraction (EE) is a crucial task aiming at extracting events from texts, which includes two subtasks: event detection (ED) and event argument extraction (EAE). In this paper, we check the reliability of EE evaluations and identify…

Computation and Language · Computer Science 2023-06-16 Hao Peng , Xiaozhi Wang , Feng Yao , Kaisheng Zeng , Lei Hou , Juanzi Li , Zhiyuan Liu , Weixing Shen
Towards Unveiling Predictive Uncertainty Vulnerabilities in the Context of the Right to Be Forgotten

Currently, various uncertainty quantification methods have been proposed to provide certainty and probability estimates for deep learning models' label predictions. Meanwhile, with the growing demand for the right to be forgotten, machine…

Machine Learning · Computer Science 2025-08-12 Wei Qian , Chenxu Zhao , Yangyi Li , Wenqian Ye , Mengdi Huai
Unlearnable Examples Give a False Sense of Security: Piercing through Unexploitable Data with Learnable Examples

Safeguarding data from unauthorized exploitation is vital for privacy and security, especially in recent rampant research in security breach such as adversarial/membership attacks. To this end, \textit{unlearnable examples} (UEs) have been…

Machine Learning · Computer Science 2023-10-04 Wan Jiang , Yunfeng Diao , He Wang , Jianxin Sun , Meng Wang , Richang Hong
Recoverability Has a Law: The ERR Measure for Tool-Augmented Agents

Language model agents often appear capable of self-recovery after failing tool call executions, yet this behavior lacks a formal explanation. We present a predictive theory that resolves this gap by showing that recoverability follows a…

Machine Learning · Computer Science 2026-02-02 Sri Vatsa Vuddanti , Satwik Kumar Chittiprolu
Rectifying Adversarial Examples Using Their Vulnerabilities

Deep neural network-based classifiers are prone to errors when processing adversarial examples (AEs). AEs are minimally perturbed input data undetectable to humans posing significant risks to security-dependent applications. Hence,…

Cryptography and Security · Computer Science 2026-01-05 Fumiya Morimoto , Ryuto Morita , Satoshi Ono
Accountable Error Characterization

Customers of machine learning systems demand accountability from the companies employing these algorithms for various prediction tasks. Accountability requires understanding of system limit and condition of erroneous predictions, as…

Machine Learning · Computer Science 2021-05-12 Amita Misra , Zhe Liu , Jalal Mahmud
Automated Vulnerability Detection in Source Code Using Deep Representation Learning

Increasing numbers of software vulnerabilities are discovered every year whether they are reported publicly or discovered internally in proprietary code. These vulnerabilities can pose serious risk of exploit and result in system…

Machine Learning · Computer Science 2018-11-29 Rebecca L. Russell , Louis Kim , Lei H. Hamilton , Tomo Lazovich , Jacob A. Harer , Onur Ozdemir , Paul M. Ellingwood , Marc W. McConley
The Evaluation Differential: When Frontier AI Models Recognise They Are Being Tested

Recent published evidence from frontier laboratories shows that contemporary AI models can recognise evaluation contexts, latently represent them, and behave differently under those contexts than under deployment-continuous conditions.…

Artificial Intelligence · Computer Science 2026-05-13 Varad Vishwarupe , Nigel Shadbolt , Marina Jirotka , Ivan Flechais
Unlearnable Clusters: Towards Label-agnostic Unlearnable Examples

There is a growing interest in developing unlearnable examples (UEs) against visual privacy leaks on the Internet. UEs are training samples added with invisible but unlearnable noise, which have been found can prevent unauthorized training…

Cryptography and Security · Computer Science 2023-03-24 Jiaming Zhang , Xingjun Ma , Qi Yi , Jitao Sang , Yu-Gang Jiang , Yaowei Wang , Changsheng Xu
‹ Prev 1 2 3 10 Next ›