English
Related papers

Related papers: Less is More: Supporting Developers in Vulnerabili…

200 papers

Static code analysis tools and integrated development environments present developers with quality-related software metrics, some of which describe the understandability of source code. Software metrics influence overarching strategic…

Software Engineering · Computer Science 2021-05-18 Marvin Wyrich , Andreas Preikschat , Daniel Graziotin , Stefan Wagner

Smart contracts are self-executing programs that run on blockchains (e.g., Ethereum). 680 million US dollars worth of digital assets controlled by smart contracts have been hacked or stolen due to various security vulnerabilities in 2021.…

Cryptography and Security · Computer Science 2022-04-26 Tanusree Sharma , Zhixuan Zhou , Andrew Miller , Yang Wang

A concern can be characterized as a developer's intent behind a piece of code, often not explicitly captured in it. We discuss a technique of recording concerns using source code annotations (concern annotations). Using two studies and two…

Software Engineering · Computer Science 2018-08-13 Matúš Sulír , Milan Nosáľ , Jaroslav Porubän

Code review is essential for maintaining software quality but often time-consuming and cognitively demanding, especially in industrial environments. Recent advancements in language models (LMs) have opened new avenues for automating core…

Software Engineering · Computer Science 2025-10-24 Igli Begolli , Meltem Aksoy , Daniel Neider

Code review is a common process that is used by developers, in which a reviewer provides useful comments or points out defects in the submitted source code changes via pull request. Code review has been widely used for both industry and…

Software Engineering · Computer Science 2019-12-23 JingKai Siow , Cuiyun Gao , Lingling Fan , Sen Chen , Yang Liu

Code translation is crucial for cross-language codebase migration, and large language models (LLMs) have emerged as a promising technique to automate this process. However, the security implications of using LLMs for code translation remain…

Cryptography and Security · Computer Science 2025-12-09 Hailong Chang , Guozhu Meng , Shuhui Xiao , Kai Chen , Kun Sun , Yilin Li

This paper presents the source code analysis of a file reader server socket program (connection-oriented sockets) developed in Java, to illustrate the identification, impact analysis and solutions to remove five important software security…

Cryptography and Security · Computer Science 2014-12-02 Natarajan Meghanathan

In software development, the identification of source code file experts is an important task. Identifying these experts helps to improve software maintenance and evolution activities, such as developing new features, code reviews, and bug…

Software Engineering · Computer Science 2022-08-17 Otávio Cury , Guilherme Avelino , Pedro Santos Neto , Ricardo Britto , Marco Túlio Valente

Refactoring is a common practice in software development, aimed at improving the internal code structure in order to make it easier to understand and modify. Consequently, it is often assumed that refactoring makes the code less prone to…

Software Engineering · Computer Science 2025-05-14 Isabella Ferreira , Lawrence Arkoh , Anderson Uchôa , Ana Carla Bibiano , Alessandro Garcia , Wesley K. G. Assunção

Modern Code Review (MCR) plays a key role in software quality practices. In MCR process, a new patch (i.e., a set of code changes) is encouraged to be examined by reviewers in order to identify weaknesses in source code prior to an…

Software Engineering · Computer Science 2018-06-28 Shade Ruangwan , Patanamon Thongtanunam , Akinori Ihara , Kenichi Matsumoto

In software project management, risk management is a critical factor. Project managers use existing lists of risk or perform brainstorming to identify the risks. However, it is not easy to perceive all the risks objectively. As a result,…

Software Engineering · Computer Science 2022-09-09 Yukasa Murakami , Masateru Tsunoda , Eduardo C. Campos

Third-party library reuse has become common practice in contemporary software development, as it includes several benefits for developers. Library dependencies are constantly evolving, with newly added features and patches that fix bugs in…

Software Engineering · Computer Science 2017-09-15 Raula Gaikovina Kula , Daniel M. German , Ali Ouni , Takashi Ishio , Katsuro Inoue

Improved software discovery is a prerequisite for greater software reuse: after all, if someone cannot find software for a particular task, they cannot reuse it. Understanding people's approaches and preferences when they look for software…

Computers and Society · Computer Science 2018-05-30 Michael Hucka , Matthew J. Graham

The absolute majority of software today is developed collaboratively using collaborative version control tools such as Git. It is a common practice that once a vulnerability is detected and fixed, the developers behind the software issue a…

Cryptography and Security · Computer Science 2023-02-07 Nitzan Farhi , Noam Koenigstein , Yuval Shavitt

Code vulnerability detection (CVD) is essential for addressing and preventing system security issues, playing a crucial role in ensuring software security. Previous learning-based vulnerability detection methods rely on either fine-tuning…

Computation and Language · Computer Science 2025-01-07 Xuefeng Jiang , Lvhua Wu , Sheng Sun , Jia Li , Jingjing Xue , Yuwei Wang , Tingting Wu , Min Liu

Increasing number of cyber-attacks demotivate people to use Information and Communication Technology (ICT) for industrial as well as day to day work. A main reason for the increasing number of cyber-attacks is mistakes that programmers make…

Cryptography and Security · Computer Science 2018-10-12 Chamila Wijayarathna , Nalin Asanka Gamagedara Arachchilage

Despite the popularity and importance of modern code review, the understanding of the cognitive processes that enable reviewers to analyze code and provide meaningful feedback is lacking. To address this gap, we observed and interviewed ten…

Software Engineering · Computer Science 2025-03-28 Pavlína Wurzel Gonçalves , Pooja Rani , Margaret-Anne Storey , Diomidis Spinellis , Alberto Bacchelli

The rapid expansion of software systems and the growing number of reported vulnerabilities have emphasized the importance of accurately identifying vulnerable code segments. Traditional methods for vulnerability localization, such as manual…

Cryptography and Security · Computer Science 2025-04-21 Yue Li , Xiao Li , Hao Wu , Yue Zhang , Xiuzhen Cheng , Yating Liu , Fengyuan Xu , Sheng Zhong

AI coding agents allow software developers to generate code quickly, which raises a practical question for project managers and open source maintainers: can vibe coders with less development experience substitute for expert developers? To…

Software Engineering · Computer Science 2026-03-02 Syed Ammar Asdaque , Imran Haider , Muhammad Umar Malik , Maryam Abdul Ghafoor , Abdul Ali Bangash

Much of the current software depends on open-source components, which in turn have complex dependencies on other open-source libraries. Vulnerabilities in open source therefore have potentially huge impacts. The goal of this work is to get…

Software Engineering · Computer Science 2023-05-10 Tobias Dam , Sebastian Neumaier
‹ Prev 1 8 9 10 Next ›