English
Related papers

Related papers: On using distributed representations of source cod…

200 papers

Vulnerability identification constitutes a task of high importance for cyber security. It is quite helpful for locating and fixing vulnerable functions in large applications. However, this task is rather challenging owing to the absence of…

Cryptography and Security · Computer Science 2023-06-09 Ammar Ahmed , Anwar Said , Mudassir Shabbir , Xenofon Koutsoukos

We explore the applicability of Graph Neural Networks in learning the nuances of source code from a security perspective. Specifically, whether signatures of vulnerabilities in source code can be learned from its graph representation, in…

Software Engineering · Computer Science 2020-06-17 Sahil Suneja , Yunhui Zheng , Yufan Zhuang , Jim Laredo , Alessandro Morari

Bug prediction is a resource demanding task that is hard to automate using static source code analysis. In many fields of computer science, machine learning has proven to be extremely useful in tasks like this, however, for it to work we…

Software Engineering · Computer Science 2021-10-12 Tamás Aladics , Judit Jász , Rudolf Ferenc

The identification of vulnerabilities is an important element in the software development life cycle to ensure the security of software. While vulnerability identification based on the source code is a well studied field, the identification…

Cryptography and Security · Computer Science 2022-12-05 Andreas Schaad , Dominik Binder

The sources of reliable, code-level information about vulnerabilities that affect open-source software (OSS) are scarce, which hinders a broad adoption of advanced tools that provide code-level detection and assessment of vulnerable OSS…

Software Engineering · Computer Science 2021-05-10 Therese Fehrer , Rocío Cabrera Lozoya , Antonino Sabetta , Dario Di Nucci , Damian A. Tamburri

Over the years, open-source software systems have become prey to threat actors. Even as open-source communities act quickly to patch the breach, code vulnerability screening should be an integral part of agile software development from the…

Cryptography and Security · Computer Science 2024-01-09 Nafis Tanveer Islam , Gonzalo De La Torre Parra , Dylan Manuel , Elias Bou-Harb , Peyman Najafirad

Software vulnerabilities are a serious and crucial concern. Typically, in a program or function consisting of hundreds or thousands of source code statements, there are only a few statements causing the corresponding vulnerabilities. Most…

Cryptography and Security · Computer Science 2024-06-13 Van Nguyen , Trung Le , Chakkrit Tantithamthavorn , Michael Fu , John Grundy , Hung Nguyen , Seyit Camtepe , Paul Quirk , Dinh Phung

Vulnerability identification is crucial to protect the software systems from attacks for cyber security. It is especially important to localize the vulnerable functions among the source code to facilitate the fix. However, it is a…

Software Engineering · Computer Science 2019-09-10 Yaqin Zhou , Shangqing Liu , Jingkai Siow , Xiaoning Du , Yang Liu

Large language models (LLMs) can detect software vulnerabilities, but how do they actually identify vulnerable code? We address this question using mechanistic interpretability; analyzing the internal computations of a neural network to…

Cryptography and Security · Computer Science 2026-05-29 Syafiq Al Atiiq , Chun Zhou , Christian Gehrmann

Computer-based systems have solved several domain problems, including industrial, military, education, and wearable. Nevertheless, such arrangements need high-quality software to guarantee security and safety as both are mandatory for…

Detecting security vulnerabilities in source code remains challenging, particularly due to class imbalance in real-world datasets where vulnerable functions are under-represented. Existing learning-based methods often optimise for recall,…

Cryptography and Security · Computer Science 2025-07-24 Radowanul Haque , Aftab Ali , Sally McClean , Naveed Khan

In the age of big data and machine learning, at a time when the techniques and methods of software development are evolving rapidly, a problem has arisen: programmers can no longer detect all the security flaws and vulnerabilities in their…

Software Engineering · Computer Science 2021-08-05 Amirreza Bagheri , Péter Hegedűs

Developing automated and smart software vulnerability detection models has been receiving great attention from both research and development communities. One of the biggest challenges in this area is the lack of code samples for all…

Software Engineering · Computer Science 2023-03-14 Khadija Hanifi , Ramin F Fouladi , Basak Gencer Unsalver , Goksu Karadag

In today's digital landscape, the importance of timely and accurate vulnerability detection has significantly increased. This paper presents a novel approach that leverages transformer-based models and machine learning techniques to…

Software Engineering · Computer Science 2025-01-10 Daniele Cipollone , Changjie Wang , Mariano Scazzariello , Simone Ferlin , Maliheh Izadi , Dejan Kostic , Marco Chiesa

Weaknesses in computer systems such as faults, bugs and errors in the architecture, design or implementation of software provide vulnerabilities that can be exploited by attackers to compromise the security of a system. Common Weakness…

Machine Learning · Computer Science 2021-02-24 Siddhartha Shankar Das , Edoardo Serra , Mahantesh Halappanavar , Alex Pothen , Ehab Al-Shaer

Vulnerability detection is crucial for maintaining software security, and recent research has explored the use of Language Models (LMs) for this task. While LMs have shown promising results, their performance has been inconsistent across…

Cryptography and Security · Computer Science 2024-12-24 Syafiq Al Atiiq , Christian Gehrmann , Kevin Dahlén

Mission-critical embedded software is critical to our society's infrastructure but can be subject to new security vulnerabilities as technology advances. When security issues arise, Reverse Engineers (REs) use Software Reverse Engineering…

While much of the current research in deep learning-based vulnerability detection relies on disassembled binaries, this paper explores the feasibility of extracting features directly from raw x86-64 machine code. Although assembly language…

Cryptography and Security · Computer Science 2026-01-15 Mitchell Petingola

In software, a vulnerability is a defect in a program that attackers might utilize to acquire unauthorized access, alter system functions, and acquire information. These vulnerabilities arise from programming faults, design flaws, incorrect…

Software Engineering · Computer Science 2024-11-28 Md. Fahim Sultan , Tasmin Karim , Md. Shazzad Hossain Shaon , Mohammad Wardat , Mst Shapna Akter

One of the most important challenges in the field of software code audit is the presence of vulnerabilities in software source code. These flaws are highly likely ex-ploited and lead to system compromise, data leakage, or denial of…

Machine Learning · Computer Science 2023-03-15 Mst Shapna Akter , Hossain Shahriar , Zakirul Alam Bhuiya