English
Related papers

Related papers: DeepCVA: Automated Commit-level Vulnerability Asse…

200 papers

This paper presents VLAI, a transformer-based model that predicts software vulnerability severity levels directly from text descriptions. Built on RoBERTa, VLAI is fine-tuned on over 600,000 real-world vulnerabilities and achieves over 82%…

Cryptography and Security · Computer Science 2025-07-08 Cédric Bonhomme , Alexandre Dulaunoy

The rapid expansion of software systems and the growing number of reported vulnerabilities have emphasized the importance of accurately identifying vulnerable code segments. Traditional methods for vulnerability localization, such as manual…

Cryptography and Security · Computer Science 2025-04-21 Yue Li , Xiao Li , Hao Wu , Yue Zhang , Xiuzhen Cheng , Yating Liu , Fengyuan Xu , Sheng Zhong

The increasing reliance of software projects on third-party libraries has raised concerns about the security of these libraries due to hidden vulnerabilities. Managing these vulnerabilities is challenging due to the time gap between fixes…

Software Engineering · Computer Science 2023-09-06 Son Nguyen , Thanh Trong Vu , Hieu Dinh Vo

The security guarantee of AI-enabled software systems (particularly using deep learning techniques as a functional core) is pivotal against the adversarial attacks exploiting software vulnerabilities. However, little attention has been paid…

Software Engineering · Computer Science 2024-06-14 Zhongzheng Lai , Huaming Chen , Ruoxi Sun , Yu Zhang , Minhui Xue , Dong Yuan

Collecting relevant and high-quality data is integral to the development of effective Software Vulnerability (SV) prediction models. Most of the current SV datasets rely on SV-fixing commits to extract vulnerable functions and lines.…

Software Engineering · Computer Science 2024-01-23 Triet H. M. Le , Xiaoning Du , M. Ali Babar

Deep learning models have demonstrated exceptional performance across a wide range of computer vision tasks. However, their performance often degrades significantly when faced with distribution shifts, such as domain or dataset changes.…

Computer Vision and Pattern Recognition · Computer Science 2025-07-09 Samuel Barbeau , Pedram Fekri , David Osowiechi , Ali Bahri , Moslem Yazdanpanah , Masih Aminbeidokhti , Christian Desrosiers

We present CrossCommitVuln-Bench, a curated benchmark of 15 real-world Python vulnerabilities (CVEs) in which the exploitable condition was introduced across multiple commits - each individually benign to per-commit static analysis - but…

Cryptography and Security · Computer Science 2026-04-24 Arunabh Majumdar

This paper proposes a pipeline for quantitatively evaluating interactive Large Language Models (LLMs) using publicly available datasets. We carry out an extensive technical evaluation of LLMs using Big-Vul covering four different common…

Software Engineering · Computer Science 2024-07-09 Xin Yin , Chao Ni , Shaohua Wang

Identifying the impact scope and scale is critical for software supply chain vulnerability assessment. However, existing studies face substantial limitations. First, prior studies either work at coarse package-level granularity, producing…

Software Engineering · Computer Science 2025-10-10 Bonan Ruan , Zhiwei Lin , Jiahao Liu , Chuqi Zhang , Kaihang Ji , Zhenkai Liang

Accurate survival prediction is critical in oncology for prognosis and treatment planning. Traditional approaches often rely on a single data modality, limiting their ability to capture the complexity of tumor biology. To address this…

Machine Learning · Computer Science 2025-07-11 Alba Garrido , Alejandro Almodóvar , Patricia A. Apellániz , Juan Parras , Santiago Zazo

Data is a central resource for modern enterprises, and data validation is essential for ensuring the reliability of downstream applications. However, existing automated data unit testing frameworks are largely task-agnostic: they validate…

Machine Learning · Computer Science 2026-04-24 Hao Chen , Arnab Phani , Sebastian Schelter

Traditional vulnerability scanning methods are time-consuming and indecisive, and they negatively affect network performance by generating high network traffic. In this paper, we present a novel vulnerability scanner that is time-efficient,…

Cryptography and Security · Computer Science 2019-11-05 Sari Sultan , Ayed Salman

The rapid rise of cyber-crime activities and the growing number of devices threatened by them place software security issues in the spotlight. As around 90% of all attacks exploit known types of security issues, finding vulnerable…

Cryptography and Security · Computer Science 2024-05-14 Rudolf Ferenc , Péter Hegedűs , Péter Gyimesi , Gábor Antal , Dénes Bán , Tibor Gyimóthy

Due to the increasing usage of machine learning (ML) techniques in security- and safety-critical domains, such as autonomous systems and medical diagnosis, ensuring correct behavior of ML systems, especially for different corner cases, is…

Cryptography and Security · Computer Science 2022-12-21 Kexin Pei , Linjie Zhu , Yinzhi Cao , Junfeng Yang , Carl Vondrick , Suman Jana

The advances of deep learning (DL) have paved the way for automatic software vulnerability repair approaches, which effectively learn the mapping from the vulnerable code to the fixed code. Nevertheless, existing DL-based vulnerability…

Software Engineering · Computer Science 2024-03-13 Xin Zhou , Kisub Kim , Bowen Xu , DongGyun Han , David Lo

Secure software engineering is crucial but can be time-consuming; therefore, methods that could expedite the identification of software weaknesses without reducing the process efficacy would benefit the software engineering industry and…

Software Engineering · Computer Science 2023-08-11 Mounika Vanamala , Sean Loesch , Alexander Caravella

Software vulnerabilities pose significant risks to computer systems, impacting our daily lives, productivity, and even our health. Identifying and addressing security vulnerabilities in a timely manner is crucial to prevent hacking and data…

Cryptography and Security · Computer Science 2023-08-01 Jin Wang , Zishan Huang , Hui Xiao , Yinhao Xiao

Software Composition Analysis (SCA) has become pivotal in addressing vulnerabilities inherent in software project dependencies. In particular, reachability analysis is increasingly used in Open-Source Software (OSS) projects to identify…

Software Engineering · Computer Science 2025-06-25 Lyuye Zhang , Jian Zhang , Kaixuan Li , Chong Wang , Chengwei Liu , Jiahui Wu , Sen Chen , Yaowen Zheng , Yang Liu

With the growing threat of software vulnerabilities, deep learning (DL)-based detectors have gained popularity for vulnerability detection. However, doubts remain regarding their consistency within declared CWE ranges, real-world…

Software Engineering · Computer Science 2025-07-15 Yunqian Wang , Xiaohong Li , Yao Zhang , Yuekang Li , Zhiping Zhou , Ruitao Feng

Context: Security Vulnerabilities (SVs) pose many serious threats to software systems. Developers usually seek solutions to addressing these SVs on developer Question and Answer (Q&A) websites. However, there is still little known about…

Software Engineering · Computer Science 2021-09-10 Triet H. M. Le , Roland Croft , David Hin , M. Ali Babar