English
Related papers

Related papers: VulCurator: A Vulnerability-Fixing Commit Detector

200 papers

In order to ensure the quality of software and prevent attacks from hackers on critical systems, static analysis tools are frequently utilized to detect vulnerabilities in the early development phase. However, these tools often report a…

Software Engineering · Computer Science 2022-09-28 Thanh Trong Vu , Hieu Dinh Vo

As one of the representative Delegated Proof-of-Stake (DPoS) blockchain platforms, EOSIO's ecosystem grows rapidly in recent years. A number of vulnerabilities and corresponding attacks of EOSIO's smart contracts have been discovered and…

Cryptography and Security · Computer Science 2019-06-26 Lijin Quan , Lei Wu , Haoyu Wang

As software vulnerabilities increase in both volume and complexity, vendors often struggle to repair them promptly. Automated vulnerability repair has emerged as a promising solution to reduce the burden of manual debugging and fixing…

Software Engineering · Computer Science 2024-11-28 Bo Lin , Shangwen Wang , Liqian Chen , Xiaoguang Mao

To address security vulnerabilities arising from third-party libraries, security researchers maintain databases monitoring and curating vulnerability reports. Application developers can identify vulnerable libraries by directly querying the…

Cryptography and Security · Computer Science 2023-11-20 Tianyu Chen , Lin Li , Bingjie Shan , Guangtai Liang , Ding Li , Qianxiang Wang , Tao Xie

Security vulnerabilities present in a code that has been written in diverse programming languages are among the most critical yet complicated aspects of source code to detect. Static analysis tools based on rule-based patterns usually do…

Cryptography and Security · Computer Science 2025-08-19 Hael Abdulhakim Ali Humran , Ferdi Sonmez

Despite various approaches being employed to detect vulnerabilities, the number of reported vulnerabilities shows an upward trend over the years. This suggests the problems are not caught before the code is released, which could be caused…

Cryptography and Security · Computer Science 2025-02-14 Karl Tamberg , Hayretdin Bahsi

Accurately assessing software vulnerabilities is essential for effective prioritization and remediation. While various scoring systems exist to support this task, their differing goals, methodologies and outputs often lead to inconsistent…

Cryptography and Security · Computer Science 2025-08-20 Viktoria Koscinski , Mark Nelson , Ahmet Okutan , Robert Falso , Mehdi Mirakhorli

Commits often involve refactorings -- behavior-preserving code modifications aiming at software design improvements. Refactoring operations pose a challenge to code reviewers, as distinguishing them from behavior-altering changes is often…

Software Engineering · Computer Science 2025-02-26 Benjamin Ritz , Aleksandar Karakaš , Denis Helic

To address the extremely concerning problem of software vulnerability, system security is often entrusted to Machine Learning (ML) algorithms. Despite their now established detection capabilities, such models are limited by design to…

Machine Learning · Computer Science 2025-10-14 Marco Pintore , Giorgio Piras , Angelo Sotgiu , Maura Pintor , Battista Biggio

Software vulnerabilities continue to undermine the reliability and security of modern systems, particularly as software complexity outpaces the capabilities of traditional detection methods. This study introduces a genetic algorithm-based…

Software Engineering · Computer Science 2025-08-11 Yanusha Mehendran , Maolin Tang , Yi Lu

The integration of open-source third-party library dependencies in Java development introduces significant security risks when these libraries contain known vulnerabilities. Existing Software Composition Analysis (SCA) tools struggle to…

Software Engineering · Computer Science 2025-07-25 Wang Lingxiang , Quanzhi Fu , Wenjia Song , Gelei Deng , Yi Liu , Dan Williams , Ying Zhang

Fine-tuning large language models (LLMs) for domain-specific tasks requires training datasets that comprehensively cover the target capabilities a practitioner needs. Yet identifying which capabilities a dataset fails to support, and doing…

In modern software development, vulnerability detection is crucial due to the inevitability of bugs and vulnerabilities in complex software systems. Effective detection and elimination of these vulnerabilities during the testing phase are…

Cryptography and Security · Computer Science 2025-09-29 Christopher Scherb , Luc Bryan Heitz , Hermann Grieder

Deep learning (DL) has been a common thread across several recent techniques for vulnerability detection. The rise of large, publicly available datasets of vulnerabilities has fueled the learning process underpinning these techniques. While…

Software Engineering · Computer Science 2025-01-27 Adriana Sejfia , Satyaki Das , Saad Shafiq , Nenad Medvidović

In software, a vulnerability is a defect in a program that attackers might utilize to acquire unauthorized access, alter system functions, and acquire information. These vulnerabilities arise from programming faults, design flaws, incorrect…

Software Engineering · Computer Science 2024-11-28 Md. Fahim Sultan , Tasmin Karim , Md. Shazzad Hossain Shaon , Mohammad Wardat , Mst Shapna Akter

Reliable confidence estimation is a challenging yet fundamental requirement in many risk-sensitive applications. However, modern deep neural networks are often overconfident for their incorrect predictions, i.e., misclassified samples from…

Computer Vision and Pattern Recognition · Computer Science 2024-03-06 Fei Zhu , Xu-Yao Zhang , Zhen Cheng , Cheng-Lin Liu

Software vulnerability detection is generally supported by automated static analysis tools, which have recently been reinforced by deep learning (DL) models. However, despite the superior performance of DL-based approaches over rule-based…

Software Engineering · Computer Science 2024-05-03 Yanjing Yang , Xin Zhou , Runfeng Mao , Jinwei Xu , Lanxin Yang , Yu Zhangm , Haifeng Shen , He Zhang

Software vulnerability detection (SVD) is a critical challenge in modern systems. Large language models (LLMs) offer natural-language explanations alongside predictions, but most work focuses on binary evaluation, and explanations often…

Software Engineering · Computer Science 2026-02-12 Samal Mukhtar , Yinghua Yao , Zhu Sun , Mustafa Mustafa , Yew Soon Ong , Youcheng Sun

Patch robustness certification is an emerging kind of defense technique against adversarial patch attacks with provable guarantees. There are two research lines: certified recovery and certified detection. They aim to label malicious…

Software Engineering · Computer Science 2024-05-14 Qilin Zhou , Zhengyuan Wei , Haipeng Wang , Bo Jiang , W. K. Chan

Software, while beneficial, poses potential cybersecurity risks due to inherent vulnerabilities. Detecting these vulnerabilities is crucial, and deep learning has shown promise as an effective tool for this task due to its ability to…

Software Engineering · Computer Science 2024-01-17 Imam Nur Bani Yusuf , Lingxiao Jiang