English
Related papers

Related papers: VulSPG: Vulnerability detection based on slice pro…

200 papers

Fine-grained software vulnerability detection is an important and challenging problem. Ideally, a detection system (or detector) not only should be able to detect whether or not a program contains vulnerabilities, but also should be able to…

Cryptography and Security · Computer Science 2020-01-09 Deqing Zou , Sujuan Wang , Shouhuai Xu , Zhen Li , Hai Jin

Program representation, which aims at converting program source code into vectors with automatically extracted features, is a fundamental problem in programming language processing (PLP). Recent work tries to represent programs with neural…

Machine Learning · Computer Science 2022-02-28 Ting Long , Yutong Xie , Xianyu Chen , Weinan Zhang , Qinxiang Cao , Yong Yu

Graph-based retrieval-augmented generation (Graph RAG) is increasingly deployed to support LLM applications by augmenting user queries with structured knowledge retrieved from a knowledge graph. While Graph RAG improves relational…

Cryptography and Security · Computer Science 2026-02-09 Minkyoo Song , Jaehan Kim , Myungchul Kang , Hanna Kim , Seungwon Shin , Sooel Son

In an increasingly interconnected and data-driven world, the importance of robust security measures cannot be overstated. A knowledge graph constructed with information extracted from the system along with the desired security behavior can…

Cryptography and Security · Computer Science 2023-12-11 M. Xie , T. Rahat , W. Wang , Y. Tian

Despite the successes of machine learning (ML) and deep learning (DL) based vulnerability detectors (VD), they are limited to providing only the decision on whether a given code is vulnerable or not, without details on what part of the code…

Cryptography and Security · Computer Science 2021-06-22 Yi Li , Shaohua Wang , Tien N. Nguyen

The application of language models to project-level vulnerability detection remains challenging, owing to the dual requirement of accurately localizing security-sensitive code and correctly correlating and reasoning over complex program…

Software Engineering · Computer Science 2025-09-16 Ziliang Wang , Ge Li , Jia Li , Hao Zhu , Zhi Jin

In software, a vulnerability is a defect in a program that attackers might utilize to acquire unauthorized access, alter system functions, and acquire information. These vulnerabilities arise from programming faults, design flaws, incorrect…

Software Engineering · Computer Science 2024-11-28 Md. Fahim Sultan , Tasmin Karim , Md. Shazzad Hossain Shaon , Mohammad Wardat , Mst Shapna Akter

With the advancement of deep learning (DL) in various fields, there are many attempts to reveal software vulnerabilities by data-driven approach. Nonetheless, such existing works lack the effective representation that can retain the…

Cryptography and Security · Computer Science 2023-09-27 Vu Le Anh Quan , Chau Thuan Phat , Kiet Van Nguyen , Phan The Duy , Van-Hau Pham

Code reuse is common in modern software development, but it can also spread vulnerabilities when developers unknowingly copy risky code. The code fragments that preserve the logic of known vulnerabilities are known as vulnerable code clones…

In modern software development, vulnerability detection is crucial due to the inevitability of bugs and vulnerabilities in complex software systems. Effective detection and elimination of these vulnerabilities during the testing phase are…

Cryptography and Security · Computer Science 2025-09-29 Christopher Scherb , Luc Bryan Heitz , Hermann Grieder

Traditional vulnerability detection methods rely heavily on predefined rule matching, which often fails to capture vulnerabilities accurately. With the rise of large language models (LLMs), leveraging their ability to understand code…

Cryptography and Security · Computer Science 2025-11-26 Xiang Li , Yueci Su , Jiahao Liu , Zhiwei Lin , Yuebing Hou , Peiming Gao , Yuanchao Zhang

Source code vulnerability detection aims to identify inherent vulnerabilities to safeguard software systems from potential attacks. Many prior studies overlook diverse vulnerability characteristics, simplifying the problem into a binary…

Cryptography and Security · Computer Science 2024-04-16 Shangqing Liu , Wei Ma , Jian Wang , Xiaofei Xie , Ruitao Feng , Yang Liu

Detecting security vulnerabilities in source code remains challenging, particularly due to class imbalance in real-world datasets where vulnerable functions are under-represented. Existing learning-based methods often optimise for recall,…

Cryptography and Security · Computer Science 2025-07-24 Radowanul Haque , Aftab Ali , Sally McClean , Naveed Khan

The high complexity of modern software supply chains necessitates tools such as Software Bill of Materials (SBOMs) to manage component dependencies, and Software Composition Analysis (SCA) tools to identify vulnerabilities. While there…

Software Engineering · Computer Science 2025-07-29 Howell Xia , Jonah Gluck , Sevval Simsek , David Sastre Medina , David Starobinski

Prior studies generally focus on software vulnerability detection and have demonstrated the effectiveness of Graph Neural Network (GNN)-based approaches for the task. Considering the various types of software vulnerabilities and the…

Software Engineering · Computer Science 2023-06-13 Xin-Cheng Wen , Cuiyun Gao , Feng Luo , Haoyu Wang , Ge Li , Qing Liao

As graphs grow larger, full-batch GNN training becomes hard for single GPU memory. Therefore, to enhance the scalability of GNN training, some studies have proposed sampling-based mini-batch training and distributed graph learning. However,…

Machine Learning · Computer Science 2024-08-22 Zhengjia Xu , Dingyang Lyu , Jinghui Zhang

Though many deep learning (DL)-based vulnerability detection approaches have been proposed and indeed achieved remarkable performance, they still have limitations in the generalization as well as the practical usage. More precisely,…

Software Engineering · Computer Science 2023-08-23 Chao Ni , Xin Yin , Kaiwen Yang , Dehai Zhao , Zhenchang Xing , Xin Xia

This paper presents VulBERTa, a deep learning approach to detect security vulnerabilities in source code. Our approach pre-trains a RoBERTa model with a custom tokenisation pipeline on real-world code from open-source C/C++ projects. The…

Cryptography and Security · Computer Science 2023-06-21 Hazim Hanif , Sergio Maffeis

The increasing reliance on software in various applications has made the problem of software vulnerability detection more critical. Software vulnerabilities can lead to security breaches, data theft, and other negative outcomes. Traditional…

Software Engineering · Computer Science 2025-12-16 Saadh Jawwadh , Guhanathan Poravi

Although LLMs have shown promising potential in vulnerability detection, this study reveals their limitations in distinguishing between vulnerable and similar-but-benign patched code (only 0.06 - 0.14 accuracy). It shows that LLMs struggle…

Software Engineering · Computer Science 2025-06-18 Xueying Du , Geng Zheng , Kaixin Wang , Yi Zou , Yujia Wang , Wentai Deng , Jiayi Feng , Mingwei Liu , Bihuan Chen , Xin Peng , Tao Ma , Yiling Lou