English
Related papers

Related papers: Tracing Vulnerable Code Lineage

200 papers

Clone-and-own approach is a natural way of source code reuse for software developers. To assess how known bugs and security vulnerabilities of a cloned component affect an application, developers and security analysts need to identify an…

Software Engineering · Computer Science 2017-04-28 Takashi Ishio , Yusuke Sakaguchi , Kaoru Ito , Katsuro Inoue

Software security mainly studies vulnerability detection: is my code vulnerable today? This hinders risk estimation, so new approaches are emerging to forecast the occurrence of future vulnerabilities. While useful, these approaches are…

Software Engineering · Computer Science 2024-11-19 Carlos E. Budde , Ranindya Paramitha , Fabio Massacci

As the role of information and communication technologies gradually increases in our lives, source code security becomes a significant issue to protect against malicious attempts Furthermore with the advent of data-driven techniques, there…

Cryptography and Security · Computer Science 2023-02-03 Maryam Taeb

Software developers share programming solutions in Q&A sites like Stack Overflow. The reuse of crowd-sourced code snippets can facilitate rapid prototyping. However, recent research shows that the shared code snippets may be of low quality…

Software Engineering · Computer Science 2021-01-21 Morteza Verdi , Ashkan Sami , Jafar Akhondali , Foutse Khomh , Gias Uddin , Alireza Karami Motlagh

Open source projects often maintain open bug repositories during development and maintenance, and the reporters often point out straightly or implicitly the reasons why bugs occur when they submit them. The comments about a bug are very…

Software Engineering · Computer Science 2011-03-21 Deqing Wang , Mengxiang Lin , Hui Zhang , Hongping Hu

Providing high quality software and evaluating the software reliability in softwarized networks are crucial for vendors and customers. These networks rely on open source code, which are sensitive to contain high number of bugs. Both, the…

Software Engineering · Computer Science 2024-08-01 Hasan Yagiz Ozkan , Madeleine Kaufmann , Wolfgang Kellerer , Carmen Mas-Machuca

In recent years, defect prediction has received a great deal of attention in the empirical software engineering world. Predicting software defects before the maintenance phase is very important not only to decrease the maintenance costs but…

Software Engineering · Computer Science 2018-08-31 Ahmet Okutan

Software, and software source code in particular, is widely used in modern research. It must be properly archived, referenced, described and cited in order to build a stable and long lasting corpus of scientic knowledge. In this article we…

Digital Libraries · Computer Science 2020-09-16 Roberto Di Cosmo

Source code similarity are increasingly used in application development to identify clones, isolate bugs, and find copy-rights violations. Similar code fragments can be very problematic due to the fact that errors in the original code must…

Software Engineering · Computer Science 2019-07-30 F Alomari , M Harbi

Code cloning is frequently observed in software development, often leading to a variety of maintenance and security issues. While substantial research has been conducted on code cloning in traditional software, to the best of my knowledge,…

Software Engineering · Computer Science 2025-08-26 Huashan Chen , Zisheng Huang , Yifan Xu , Wenjie Huang , Jinfu Chen , Haotang Li , Kebin Peng , Feng Liu , Sen He

Previous studies have shown that cryptography is hard for developers to use and misusing cryptography leads to severe security vulnerabilities. We studied relevant vulnerability reports on the HackerOne bug bounty platform to understand…

Cryptography and Security · Computer Science 2021-11-09 Mohammadreza Hazhirpasand , Mohammad Ghafari

Vulnerability detection has always been the most important task in the field of software security. With the development of technology, in the face of massive source code, automated analysis and detection of vulnerabilities has become a…

Cryptography and Security · Computer Science 2021-04-26 Jiajie Wu

Software vulnerabilities, caused by unintentional flaws in source codes, are the main root cause of cyberattacks. Source code static analysis has been used extensively to detect the unintentional defects, i.e. vulnerabilities, introduced…

Cryptography and Security · Computer Science 2022-11-17 Arash Mahyari

Despite various approaches being employed to detect vulnerabilities, the number of reported vulnerabilities shows an upward trend over the years. This suggests the problems are not caught before the code is released, which could be caused…

Cryptography and Security · Computer Science 2025-02-14 Karl Tamberg , Hayretdin Bahsi

With the advent of open source software, a veritable treasure trove of previously proprietary software development data was made available. This opened the field of empirical software engineering research to anyone in academia. Data that is…

Software Engineering · Computer Science 2022-04-19 Adam Tutko , Austin Z. Henley , Audris Mockus

Modern software development methodologies include reuse of open source code. Reuse can be facilitated by architectural knowledge of the software, not necessarily provided in the documentation of open source software. The effort required to…

Software Engineering · Computer Science 2011-10-11 Eleni Constantinou , George Kakarontzas , Ioannis Stamelos

With an ever-increasing amount of open source software, the popularity of services like GitHub that facilitate code reuse, and common misconceptions about the licensing of open source software, the problem of license violations in the code…

Software Engineering · Computer Science 2020-07-07 Yaroslav Golubev , Maria Eliseeva , Nikita Povarov , Timofey Bryksin

One of the most significant challenges in the field of software code auditing is the presence of vulnerabilities in software source code. Every year, more and more software flaws are discovered, either internally in proprietary code or…

Cryptography and Security · Computer Science 2023-06-16 Mst Shapna Akter , Hossain Shahriar , Juan Rodriguez Cardenas , Sheikh Iqbal Ahamed , Alfredo Cuzzocrea

Secure coding is a critical yet often overlooked practice in software development. Despite extensive awareness efforts, real-world adoption remains inconsistent due to organizational, educational, and technical barriers. This paper provides…

Software Engineering · Computer Science 2025-10-02 Kiana Kiashemshaki , Mohammad Jalili Torkamani , Negin Mahmoudi

Open-source software (OSS) has become increasingly more popular across different domains. However, this rapid development and widespread adoption come with a security cost. The growing complexity and openness of OSS ecosystems have led to…

Cryptography and Security · Computer Science 2025-06-17 Seyed Ali Akhavani , Behzad Ousat , Amin Kharraz