English
Related papers

Related papers: SECOMlint: A linter for Security Commit Messages

200 papers

With the rapid increasing number of open source software (OSS), the majority of the software vulnerabilities in the open source components are fixed silently, which leads to the deployed software that integrated them being unable to get a…

Cryptography and Security · Computer Science 2022-07-20 Bozhi Wu , Shangqing Liu , Ruitao Feng , Xiaofei Xie , Jingkai Siow , Shang-Wei Lin

Undefined behavior in C often causes devastating security vulnerabilities. One practical mitigation is compartmentalization, which allows developers to structure large programs into mutually distrustful compartments with clearly specified…

The informativeness of security-related commit messages is crucial for patch triage: when high, it enables the rapid distribution and deployment of security fixes. Prior research (Reis et al., 2023) reported, however, that commit messages…

Software Engineering · Computer Science 2026-04-23 Syful Islam , Stefano Zacchiroli

Large language models (LLMs) are becoming increasingly prevalent in modern software systems, interfacing between the user and the Internet to assist with tasks that require advanced language understanding. To accomplish these tasks, the LLM…

Cryptography and Security · Computer Science 2025-07-04 Sizhe Chen , Arman Zharmagambetov , Saeed Mahloujifar , Kamalika Chaudhuri , David Wagner , Chuan Guo

Commit messages (CMs) are an essential part of version control. By providing important context in regard to what has changed and why, they strongly support software maintenance and evolution. But writing good CMs is difficult and often…

Software Engineering · Computer Science 2023-09-12 David Faragó , Michael Färber , Christian Petrov

Prompt injection attacks, where untrusted data contains an injected prompt to manipulate the system, have been listed as the top security threat to LLM-integrated applications. Model-level prompt injection defenses have shown strong…

Cryptography and Security · Computer Science 2026-02-09 Sizhe Chen , Arman Zharmagambetov , David Wagner , Chuan Guo

We present \texttt{secml}, an open-source Python library for secure and explainable machine learning. It implements the most popular attacks against machine learning, including test-time evasion attacks to generate adversarial examples…

Machine Learning · Computer Science 2022-05-16 Maura Pintor , Luca Demetrio , Angelo Sotgiu , Marco Melis , Ambra Demontis , Battista Biggio

The ever increasing complexity of hardware platforms poses a challenge to systems programmers. Correctly programming a multitude of components, providing functionality and security, is difficult: semantics of individual units are described…

Cryptography and Security · Computer Science 2026-04-21 Ben Fiedler , Samuel Gruetter , Timothy Roscoe

In recent years, there has been a growing focus on scrutinizing the security of cellular networks, often attributing security vulnerabilities to issues in the underlying protocol design descriptions. These protocol design specifications,…

Cryptography and Security · Computer Science 2024-07-19 Mirza Masfiqur Rahman , Imtiaz Karim , Elisa Bertino

SEAndroid enforcement is now mandatory for Android devices. In order to provide the desired level of security for their products, Android OEMs need to be able to minimize their mistakes in writing SEAndroid policies. However, existing…

Cryptography and Security · Computer Science 2017-03-14 Elena Reshetova , Filippo Bonazzi , N. Asokan

Effective cyber threat recognition and prevention demand comprehensible forecasting systems, as prior approaches commonly offer limited and, ultimately, unconvincing information. We introduce Simplified Plaintext Language (SPLAIN), a…

Computation and Language · Computer Science 2023-11-27 Vera A. Kazakova , Jena D. Hwang , Bonnie J. Dorr , Yorick Wilks , J. Blake Gage , Alex Memory , Mark A. Clark

The rapid advancement of information technology has introduced a noticeable shift from traditional offline practices to more efficient and interconnected online environments. This transition, while offering convenience, has also increased…

Cryptography and Security · Computer Science 2026-05-20 Mohammed Mahir Rahman , Shahzad Memon , Tauseef Ahmed , Ameer Al-Nemrat

Semantic communication (SemCom) is regarded as a promising and revolutionary technology in 6G, aiming to transcend the constraints of ``Shannon's trap" by filtering out redundant information and extracting the core of effective data.…

Cryptography and Security · Computer Science 2025-03-27 Rui Meng , Song Gao , Dayu Fan , Haixiao Gao , Yining Wang , Xiaodong Xu , Bizhu Wang , Suyu Lv , Zhidi Zhang , Mengying Sun , Shujun Han , Chen Dong , Xiaofeng Tao , Ping Zhang

Large Language Models (LLMs) have shown great promise in vulnerability identification. As C/C++ comprises half of the Open-Source Software (OSS) vulnerabilities over the past decade and updates in OSS mainly occur through commits, enhancing…

Cryptography and Security · Computer Science 2024-09-12 Zeqing Qin , Yiwei Wu , Lansheng Han

Open source software (OSS) is integral to modern product development, and any vulnerability within it potentially compromises numerous products. While developers strive to apply security patches, pinpointing these patches among extensive…

Cryptography and Security · Computer Science 2024-09-16 Jinhong Yu , Yi Chen , Di Tang , Xiaozhong Liu , XiaoFeng Wang , Chen Wu , Haixu Tang

Semantic communication (SemCom) redefines wireless communication from reproducing symbols to transmitting task-relevant semantics. However, this AI-native architecture also introduces new vulnerabilities, as semantic failures may arise from…

Cryptography and Security · Computer Science 2026-03-05 Lan Zhang , Chengsi Liang , Zeming Zhuang , Yao Sun , Fang Fang , Xiaoyong Yuan , Dusit Niyato

Semantic communication (SemCom) has emerged as a promising paradigm for future wireless networks by prioritizing task-relevant meaning over raw data delivery, thereby reducing communication overhead and improving efficiency. However,…

Cryptography and Security · Computer Science 2026-04-24 Weixuan Chen , Qianqian Yang , Yuanyuan Jia , Junyu Pan , Shuo Shao , Jincheng Dai , Meixia Tao , Ping Zhang

Security patches in open-source software, providing security fixes to identified vulnerabilities, are crucial in protecting against cyberattacks. Despite the National Vulnerability Database (NVD) publishes identified vulnerabilities, a vast…

Cryptography and Security · Computer Science 2021-06-08 Yaqin Zhou , Jing Kai Siow , Chenyu Wang , Shangqing Liu , Yang Liu

How do we update AI memory of user intent as intent changes? We consider how an AI interface may assist the integration of new information into a repository of natural language data. Inspired by software engineering concepts like impact…

Human-Computer Interaction · Computer Science 2025-04-15 Priyan Vaithilingam , Munyeong Kim , Frida-Cecilia Acosta-Parenteau , Daniel Lee , Amine Mhedhbi , Elena L. Glassman , Ian Arawjo

Existing benchmarks for evaluating the security risks and capabilities (e.g., vulnerability detection) of code-generating large language models (LLMs) face several key limitations: (1) limited coverage of risk and capabilities; (2) reliance…

Cryptography and Security · Computer Science 2025-09-22 Yuzhou Nie , Zhun Wang , Yu Yang , Ruizhe Jiang , Yuheng Tang , Xander Davies , Yarin Gal , Bo Li , Wenbo Guo , Dawn Song
‹ Prev 1 2 3 10 Next ›