English
Related papers

Related papers: Malicious Source Code Detection Using Transformer

200 papers

Security is critical to the adoption of open source software (OSS), yet few automated solutions currently exist to help detect and prevent malicious contributions from infecting open source repositories. On GitHub, a primary host of OSS,…

Software Engineering · Computer Science 2021-03-11 Danielle Gonzalez , Thomas Zimmermann , Patrice Godefroid , Max Schaefer

With the advent of Software Defined Networks (SDNs), there has been a rapid advancement in the area of cloud computing. It is now scalable, cheaper, and easier to manage. However, SDNs are more prone to security vulnerabilities as compared…

Cryptography and Security · Computer Science 2019-10-03 Mahmoud Said Elsayed , Nhien-An Le-Khac , Soumyabrata Dev , Anca Delia Jurcut

Deep neural networks are vulnerable to a range of adversaries. A particularly pernicious class of vulnerabilities are backdoors, where model predictions diverge in the presence of subtle triggers in inputs. An attacker can implant a…

Machine Learning · Computer Science 2022-12-20 Goutham Ramakrishnan , Aws Albarghouthi

Bug localization in object oriented program ha s always been an important issue in softeware engineering. In this paper, I propose a source level bug localization technique for object oriented embedded programs. My proposed technique,…

Software Engineering · Computer Science 2011-09-02 Partha Pratim Ray

Malicious software packages in open-source ecosystems, such as PyPI, pose growing security risks. Unlike traditional vulnerabilities, these packages are intentionally designed to deceive users, making detection challenging due to evolving…

Software Engineering · Computer Science 2025-04-21 Motunrayo Ibiyo , Thinakone Louangdy , Phuong T. Nguyen , Claudio Di Sipio , Davide Di Ruscio

Software supply-chain attacks are an important and ongoing concern in the open source software ecosystem. These attacks maintain the standard functionality that a component implements, but additionally hide malicious functionality activated…

Cryptography and Security · Computer Science 2025-12-17 Evangelos Lamprou , Julian Dai , Grigoris Ntousakis , Martin C. Rinard , Nikos Vasilakis

Smart contracts are a major tool in Ethereum transactions. Therefore hackers can exploit them by adding code vulnerabilities to their sources and using these vulnerabilities for performing malicious transactions. This paper presents two…

Cryptography and Security · Computer Science 2024-08-19 Natan Katz

Package managers such as NPM, Maven, and PyPI play a pivotal role in open-source software (OSS) ecosystems, streamlining the distribution and management of various freely available packages. The fine-grained details within software packages…

Software Engineering · Computer Science 2024-04-18 Xiaoyan Zhou , Feiran Liang , Zhaojie Xie , Yang Lan , Wenjia Niu , Jiqiang Liu , Haining Wang , Qiang Li

Protocol detection is the process of determining the application layer protocol in the context of network security monitoring, which requires a timely and precise decision to enable protocol-specific deep packet inspection. This task has…

Networking and Internet Architecture · Computer Science 2019-12-10 Jan Grashöfer , Christian Titze , Hannes Hartenstein

Over the years, open-source software systems have become prey to threat actors. Even as open-source communities act quickly to patch the breach, code vulnerability screening should be an integral part of agile software development from the…

Cryptography and Security · Computer Science 2024-01-09 Nafis Tanveer Islam , Gonzalo De La Torre Parra , Dylan Manuel , Elias Bou-Harb , Peyman Najafirad

One of the pivotal security threats for the embedded computing systems is malicious software a.k.a malware. With efficiency and efficacy, Machine Learning (ML) has been widely adopted for malware detection in recent times. Despite being…

Cryptography and Security · Computer Science 2024-04-16 Sreenitha Kasarapu , Sanket Shukla , Rakibul Hassan , Avesta Sasan , Houman Homayoun , Sai Manoj Pudukotai Dinakarrao

Network trace signature matching is one reliable approach to detect active Remote Control Trojan, (RAT). Compared to statistical-based detection of malicious network traces in the face of known RATs, the signature-based method can achieve…

Cryptography and Security · Computer Science 2021-04-07 Cong Dong , Zhigang Lu , Zelin Cui , Baoxu Liu , Kai Chen

LLM-based code agents(e.g., ChatGPT Codex) are increasingly deployed as detector for code review and security auditing tasks. Although CoT-enhanced LLM vulnerability detectors are believed to provide improved robustness against obfuscated…

Cryptography and Security · Computer Science 2025-12-25 Haoyang Li , Mingjin Li , Jinxin Zuo , Siqi Li , Xiao Li , Hao Wu , Yueming Lu , Xiaochuan He

Hackers may create malicious solidity programs and deploy it in the Ethereum block chain. These malicious smart contracts try to attack legitimate programs by exploiting its vulnerabilities such as reentrancy, tx.origin attack, bad…

Cryptography and Security · Computer Science 2025-12-10 Roopak Surendran

In this paper we present an elaborated graph-based algorithmic technique for efficient malware detection. More precisely, we utilize the system-call dependency graphs (or, for short ScD graphs), obtained by capturing taint analysis traces…

Cryptography and Security · Computer Science 2014-12-31 Stavros D. Nikolopoulos , Iosif Polenakis

Using open-source dependencies is essential in modern software development. However, this practice implies significant trust in third-party code, while there is little support for developers to assess this trust. As a consequence, attacks…

Software Engineering · Computer Science 2025-09-08 Raphina Liu , Sofia Bobadilla , Benoit Baudry , Martin Monperrus

With the celebrated success of deep learning, some attempts to develop effective methods for detecting malicious PowerShell programs employ neural nets in a traditional natural language processing setup while others employ convolutional…

Software Engineering · Computer Science 2018-10-23 Gili Rusak , Abdullah Al-Dujaili , Una-May O'Reilly

With the wave of high-profile supply chain attacks targeting development and client organizations, supply chain security has recently become a focal point. As a result, there is an elevated discussion on securing the development environment…

The continuous increase in malware samples, both in sophistication and number, presents many challenges for organizations and analysts, who must cope with thousands of new heterogeneous samples daily. This requires robust methods to quickly…

Cryptography and Security · Computer Science 2025-03-26 Theodoros Apostolopoulos , Vasilios Koutsokostas , Nikolaos Totosis , Constantinos Patsakis , Georgios Smaragdakis

The dramatic growth in smartphone malware shows that malicious program developers are shifting from traditional PC systems to smartphone devices. Therefore, security researchers are also moving towards proposing novel antimalware methods to…

Cryptography and Security · Computer Science 2019-06-13 Sajad Homayoun , Ali Dehghantanha , Reza M. Parizi , Kim-Kwang Raymond Choo