English
Related papers

Related papers: Has My Release Disobeyed Semantic Versioning? Stat…

200 papers

Evaluating AMR parsing accuracy involves comparing pairs of AMR graphs. The major evaluation metric, SMATCH (Cai and Knight, 2013), searches for one-to-one mappings between the nodes of two AMRs with a greedy hill-climbing algorithm, which…

Computation and Language · Computer Science 2019-05-31 Linfeng Song , Daniel Gildea

Binary similarity detection is a critical technique that has been applied in many real-world scenarios where source code is not available, e.g., bug search, malware analysis, and code plagiarism detection. Existing works are ineffective in…

Cryptography and Security · Computer Science 2023-08-04 Zian Liu , Zhi Zhang , Siqi Ma , Dongxi Liu , Jun Zhang , Chao Chen , Shigang Liu , Muhammad Ejaz Ahmed , Yang Xiang

Modern software heavily relies on the use of components. Those components are usually published in central repositories, and managed by build systems via dependencies. Due to issues around vulnerabilities, licenses and the propagation of…

Software Engineering · Computer Science 2023-10-11 Jens Dietrich , Shawn Rasheed , Alexander Jordan , Tim White

Safety mechanisms for large language models (LLMs) remain predominantly English-centric, creating systematic vulnerabilities in multilingual deployment. Prior work shows that translating malicious prompts into other languages can…

Computation and Language · Computer Science 2026-04-29 Shirin Alanova , Bogdan Minko , Sabrina Sadiekh , Evgeniy Kokuykin

In recent years, the rapid growth of security vulnerabilities poses great challenges to tracing and managing them. For example, it was reported that the NVD database experienced significant delays due to the shortage of maintainers. Such…

Cryptography and Security · Computer Science 2024-11-19 Xueqing Liu , Yuchen Xiong , Qiushi Liu , Jiangrui Zheng

With the development of the open source community, the code is often copied, spread, and evolved in multiple software systems, which brings uncertainty and risk to the software system (e.g., bug propagation and copyright infringement).…

Software Engineering · Computer Science 2024-05-02 Shihan Dou , Yueming Wu , Haoxiang Jia , Yuhao Zhou , Yan Liu , Yang Liu

In this paper, we explore how to use a small amount of new data to update a task-oriented semantic parsing model when the desired output for some examples has changed. When making updates in this way, one potential problem that arises is…

Computation and Language · Computer Science 2021-12-13 David Gaddy , Alex Kouzemtchenko , Pavankumar Reddy Muddireddy , Prateek Kolhar , Rushin Shah

Static analyzers can reason about the properties and behaviors of programs and detect various issues without executing them. Hence, they should extract the necessary information to understand the analyzed program well. Annotation has been a…

Software Engineering · Computer Science 2024-02-23 Huaien Zhang , Yu Pei , Shuyun Liang , Shin Hwei Tan

Static bug detection tools help developers detect problems in the code, including bad programming practices and potential defects. Recent efforts to integrate static bug detectors in modern software development workflows, such as in code…

Software Engineering · Computer Science 2024-01-24 Junjie Li , Jinqiu Yang

Version control relies on commit messages to convey the rationale for code changes, but these messages are often low quality and, more critically, inconsistent with their diffs-known as message-code inconsistency (MCI). MCIs mislead…

Software Engineering · Computer Science 2025-11-26 Qingyu Zhang , Puzhuo Liu , Peng Di , Chenxiong Qian

Current merge tools don't detect semantic conflicts, which occur when changes from different developers are textually integrated but semantically interfere with each other. Although researchers have proposed static analyses for detecting…

Software Engineering · Computer Science 2025-07-29 Matheus Barbosa , Paulo Borba , Rodrigo Bonifácio , Victor Lira , Galileu Santos

Several studies showed that misuses of cryptographic APIs are common in real-world code (e.g., Apache projects and Android apps). There exist several open-sourced and commercial security tools that automatically screen Java programs to…

Cryptography and Security · Computer Science 2021-12-09 Sharmin Afrose , Ya Xiao , Sazzadur Rahaman , Barton P. Miller , Danfeng , Yao

Network protocol parsers are essential for enabling correct and secure communication between devices. Bugs in these parsers can introduce critical vulnerabilities, including memory corruption, information leakage, and denial-of-service…

Software Engineering · Computer Science 2025-04-21 Mingwei Zheng , Danning Xie , Xiangyu Zhang

Dependency updates often cause compilation errors when new dependency versions introduce changes that are incompatible with existing client code. Fixing breaking dependency updates is notoriously hard, as their root cause can be hidden deep…

Software Engineering · Computer Science 2025-01-14 Frank Reyes , Benoit Baudry , Martin Monperrus

Despite their ability to aid developers in detecting potential defects early in the software development life cycle, static analysis tools often suffer from precision issues (i.e., high false positive rates of reported alarms). To improve…

Software Engineering · Computer Science 2024-01-22 Yuwei Zhang , Ying Xing , Ge Li , Zhi Jin

Identifying recurring vulnerabilities is crucial for ensuring software security. Clone-based techniques, while widely used, often generate many false alarms due to the existence of similar but patched (SBP) code, which is similar to…

Software Engineering · Computer Science 2026-02-10 Zixuan Tan , Jiayuan Zhou , Xing Hu , Shengyi Pan , Kui Liu , Xin Xia

With the increasing disclosure of vulnerabilities in open-source software, software composition analysis (SCA) has been widely applied to reveal third-party libraries and the associated vulnerabilities in software projects. Beyond the…

Software Engineering · Computer Science 2023-01-23 Lyuye Zhang , Chengwei Liu , Zhengzi Xu , Sen Chen , Lingling Fan , Lida Zhao , Jiahui Wu , Yang Liu

In this paper, we present a challenging code reasoning task: vulnerability detection. Large Language Models (LLMs) have shown promising results in natural-language and math reasoning, but state-of-the-art (SOTA) models reported only 54.5%…

Software Engineering · Computer Science 2025-01-09 Benjamin Steenhoek , Md Mahbubur Rahman , Monoshi Kumar Roy , Mirza Sanjida Alam , Hengbo Tong , Swarna Das , Earl T. Barr , Wei Le

Large language models (LLMs) have transformed software development by enabling automated code generation, yet they frequently suffer from systematic errors that limit practical deployment. We identify two critical failure modes:…

Software Engineering · Computer Science 2025-11-12 Wuyang Zhang , Chenkai Zhang , Zhen Luo , Jianming Ma , Wangming Yuan , Chuqiao Gu , Chenwei Feng

Software vulnerabilities, caused by unintentional flaws in source code, are a primary root cause of cyberattacks. Static analysis of source code has been widely used to detect these unintentional defects introduced by software developers.…

Software Engineering · Computer Science 2024-08-08 Andrew A Mahyari