English
Related papers

Related papers: DeepCVA: Automated Commit-level Vulnerability Asse…

200 papers

The increasing reliance on software in various applications has made the problem of software vulnerability detection more critical. Software vulnerabilities can lead to security breaches, data theft, and other negative outcomes. Traditional…

Software Engineering · Computer Science 2025-12-16 Saadh Jawwadh , Guhanathan Poravi

Automatically locating vulnerable statements in source code is crucial to assure software security and alleviate developers' debugging efforts. This becomes even more important in today's software ecosystem, where vulnerable code can flow…

Software Engineering · Computer Science 2022-01-14 Yangruibo Ding , Sahil Suneja , Yunhui Zheng , Jim Laredo , Alessandro Morari , Gail Kaiser , Baishakhi Ray

Large Language Models (LLMs) have shown promise in software engineering tasks, but evaluating their effectiveness in vulnerability detection is challenging due to the lack of high-quality datasets. Most existing datasets are limited to…

Software Engineering · Computer Science 2025-05-27 Md Basim Uddin Ahmed , Nima Shiri Harzevili , Jiho Shin , Hung Viet Pham , Song Wang

Background: Static Application Security Testing (SAST) tools purport to assist developers in detecting security issues in source code. These tools typically use rule-based approaches to scan source code for security vulnerabilities.…

Software Engineering · Computer Science 2021-07-19 Roland Croft , Dominic Newlands , Ziyu Chen , M. Ali Babar

This paper presents VulBERTa, a deep learning approach to detect security vulnerabilities in source code. Our approach pre-trains a RoBERTa model with a custom tokenisation pipeline on real-world code from open-source C/C++ projects. The…

Cryptography and Security · Computer Science 2023-06-21 Hazim Hanif , Sergio Maffeis

The significant increase in software production, driven by the acceleration of development cycles over the past two decades, has led to a steady rise in software vulnerabilities, as shown by statistics published yearly by the CVE program.…

Software Engineering · Computer Science 2025-12-11 Dyna Soumhane Ouchebara , Stéphane Dupont

Currently, smart contract vulnerabilities (SCVs) have emerged as a major factor threatening the transaction security of blockchain. Existing state-of-the-art methods rely on deep learning to mitigate this threat. They treat each input…

Cryptography and Security · Computer Science 2024-04-30 Yizhou Chen , Zeyu Sun , Zhihao Gong , Dan Hao

Though many deep learning (DL)-based vulnerability detection approaches have been proposed and indeed achieved remarkable performance, they still have limitations in the generalization as well as the practical usage. More precisely,…

Software Engineering · Computer Science 2023-08-23 Chao Ni , Xin Yin , Kaiwen Yang , Dehai Zhao , Zhenchang Xing , Xin Xia

Open-source AI libraries are foundational to modern AI systems, yet they present significant, underexamined risks spanning security, licensing, maintenance, supply chain integrity, and regulatory compliance. We introduce LibVulnWatch, a…

Cryptography and Security · Computer Science 2025-07-01 Zekun Wu , Seonglae Cho , Umar Mohammed , Cristian Munoz , Kleyton Costa , Xin Guan , Theo King , Ze Wang , Emre Kazim , Adriano Koshiyama

Traditional vulnerability detection methods rely heavily on predefined rule matching, which often fails to capture vulnerabilities accurately. With the rise of large language models (LLMs), leveraging their ability to understand code…

Cryptography and Security · Computer Science 2025-11-26 Xiang Li , Yueci Su , Jiahao Liu , Zhiwei Lin , Yuebing Hou , Peiming Gao , Yuanchao Zhang

The use of learning-based techniques to achieve automated software vulnerability detection has been of longstanding interest within the software security domain. These data-driven solutions are enabled by large software vulnerability…

Software Engineering · Computer Science 2023-01-16 Roland Croft , M. Ali Babar , Mehdi Kholoosi

Software security is becoming a high priority for both large companies and start-ups alike due to the increasing potential for harm that vulnerabilities and breaches carry with them. However, attaining robust security assurance while…

Software Engineering · Computer Science 2019-08-06 David N. Palacio , Daniel McCrystal , Kevin Moran , Carlos Bernal-Cárdenas , Denys Poshyvanyk , Chris Shenefiel

Open-source software (OSS) vulnerabilities are increasingly prevalent, emphasizing the importance of security patches. However, in widely used security platforms like NVD, a substantial number of CVE records still lack trace links to…

Software Engineering · Computer Science 2024-07-25 Kaixuan Li , Jian Zhang , Sen Chen , Han Liu , Yang Liu , Yixiang Chen

Organizations struggle to handle sheer number of vulnerabilities in their cloud environments. The de facto methodology used for prioritizing vulnerabilities is to use Common Vulnerability Scoring System (CVSS). However, CVSS has inherent…

Cryptography and Security · Computer Science 2022-06-23 Muhammed Fatih Bulut , Abdulhamid Adebayo , Daby Sow , Steve Ocepek

With the increasing reliance on Open Source Software, users are exposed to third-party library vulnerabilities. Software Composition Analysis (SCA) tools have been created to alert users of such vulnerabilities. SCA requires the…

Context: Identifying potential vulnerable code is important to improve the security of our software systems. However, the manual detection of software vulnerabilities requires expert knowledge and is time-consuming, and must be supported by…

Cryptography and Security · Computer Science 2022-01-24 Laura Wartschinski , Yannic Noller , Thomas Vogel , Timo Kehrer , Lars Grunske

We introduce the Deep Learning Vulnerability Analyzer (DLVA) for Ethereum smart contracts based on neural networks. We train DLVA to judge bytecode even though the supervising oracle can only judge source. DLVA's training algorithm is…

Cryptography and Security · Computer Science 2026-05-19 Tamer Abdelaziz , Aquinas Hobor

Software vulnerabilities pose critical security and risk concerns for many software systems. Many techniques have been proposed to effectively assess and prioritize these vulnerabilities before they cause serious consequences. To evaluate…

Cryptography and Security · Computer Science 2024-09-25 Bonan Ruan , Jiahao Liu , Weibo Zhao , Zhenkai Liang

Context: Traditional software security analysis methods struggle to keep pace with the scale and complexity of modern codebases, requiring intelligent automation to detect, assess, and remediate vulnerabilities more efficiently and…

Software Engineering · Computer Science 2026-01-14 Shaznin Sultana , Sadia Afreen , Nasir U. Eisty

Large Language Models (LLMs) have training corpora containing large amounts of program code, greatly improving the model's code comprehension and generation capabilities. However, sound comprehensive research on detecting program…

Cryptography and Security · Computer Science 2024-08-22 Yu Liu , Lang Gao , Mingxin Yang , Yu Xie , Ping Chen , Xiaojin Zhang , Wei Chen
‹ Prev 1 3 4 5 6 7 10 Next ›