English
Related papers

Related papers: Code-centric Learning-based Just-In-Time Vulnerabi…

200 papers

Large Language Models (LLMs) have achieved strong performance across natural language and multimodal tasks, yet their practical deployment remains constrained by inference latency and kernel launch overhead, particularly in interactive,…

Machine Learning · Computer Science 2026-04-28 Divakar Kumar Yadav , Tian Zhao

Software vulnerabilities often persist or re-emerge even after being fixed, revealing the complex interplay between code evolution and socio-technical factors. While source code metrics provide useful indicators of vulnerabilities, software…

Software Engineering · Computer Science 2026-01-21 Samiha Shimmi , Nicholas M. Synovic , Mona Rahimi , George K. Thiruvathukal

Static Application Security Testing (SAST) enables organizations to detect vulnerabilities in code early; however, major SAST platforms do not include visual aids and present little insight on correlations between tainted data chains. We…

Cryptography and Security · Computer Science 2025-05-23 Naeem Budhwani , Mohammad Faghani , Hayden Richard

Smart contracts govern billions of dollars in decentralized finance (DeFi), yet automated vulnerability detection remains challenging because many vulnerabilities are tightly coupled with project-specific business logic. We observe that…

Cryptography and Security · Computer Science 2026-03-30 Ziqiao Kong , Wanxu Xia , Chong Wang , Yi Lu , Pan Li , Shaohua Li , Zong Cao , Yang Liu

Regression testing in Continuous Integration (CI) pipelines is increasingly costly due to the growing size and execution frequency of test suites. Test Case Prioritization (TCP) mitigates this problem by reordering tests to expose faults…

Software Engineering · Computer Science 2026-04-29 Lorenzo Abbondante , Gerardo Canfora

The absolute majority of software today is developed collaboratively using collaborative version control tools such as Git. It is a common practice that once a vulnerability is detected and fixed, the developers behind the software issue a…

Cryptography and Security · Computer Science 2023-02-07 Nitzan Farhi , Noam Koenigstein , Yuval Shavitt

With the pervasive integration of computer applications across industries, the presence of vulnerabilities within code bases poses significant risks. The diversity of software ecosystems coupled with the intricate nature of modern software…

Software Engineering · Computer Science 2025-06-16 Bowen Tian , Zhengyang Xu , Mingqiang Wu , Songning Lai , Yutai Yue

Dr$.$Jit is a new just-in-time compiler for physically based rendering and its derivative. Dr$.$Jit expedites research on these topics in two ways: first, it traces high-level simulation code (e.g., written in Python) and aggressively…

Graphics · Computer Science 2026-05-26 Wenzel Jakob , Sébastien Speierer , Nicolas Roussel , Delio Vicini

Automatically locating vulnerable statements in source code is crucial to assure software security and alleviate developers' debugging efforts. This becomes even more important in today's software ecosystem, where vulnerable code can flow…

Software Engineering · Computer Science 2022-01-14 Yangruibo Ding , Sahil Suneja , Yunhui Zheng , Jim Laredo , Alessandro Morari , Gail Kaiser , Baishakhi Ray

Modern software development is based on a series of rapid incremental changes collaboratively made to large source code repositories by developers with varying experience and expertise levels. The ZeroIn project is aimed at analyzing the…

Software Engineering · Computer Science 2022-04-19 Kalyan Perumalla , Aradhana Soni , Rupam Dey , Steven Rich

Vulnerability identification is crucial to protect the software systems from attacks for cyber security. It is especially important to localize the vulnerable functions among the source code to facilitate the fix. However, it is a…

Software Engineering · Computer Science 2019-09-10 Yaqin Zhou , Shangqing Liu , Jingkai Siow , Xiaoning Du , Yang Liu

Software repositories such as Git have become a relevant source of information for software engineer researcher. For instance, the detection of Commits that fulfill a given criterion (e.g., bugfixing commits) is one of the most frequent…

Software Engineering · Computer Science 2019-06-11 Matias Martinez , Martin Monperrus

In this paper, we investigate the strategies adopted by Solidity developers to fix security vulnerabilities in smart contracts. Vulnerabilities are categorized using the DASP TOP 10 taxonomy, and fixing strategies are extracted from GitHub…

Software is prone to security vulnerabilities. Program analysis tools to detect them have limited effectiveness in practice due to their reliance on human labeled specifications. Large language models (or LLMs) have shown impressive code…

Cryptography and Security · Computer Science 2025-04-08 Ziyang Li , Saikat Dutta , Mayur Naik

We present the Code Documentation and Analysis Tool (CoDAT). CoDAT is a tool designed to maintain consistency between the various levels of code documentation, e.g. if a line in a code sketch is changed, the comment that documents the…

Software Engineering · Computer Science 2024-07-17 Paul Attie , Anas Obeidat , Nathaniel Oh , Ian Yelle

In the context of Just-In-Time Software Defect Prediction (JIT-SDP), Concept drift (CD) can occur due to changes in the software development process, the complexity of the software, or changes in user behavior that may affect the stability…

Software Engineering · Computer Science 2023-05-29 Zeynab Chitsazian , Saeed Sedighian Kashi , Amin Nikanjam

Cyber-physical software continually interacts with its physical environment for adaptation in order to deliver smart services. However, the interactions can be subject to various errors when the software's assumption on its environment no…

Software Engineering · Computer Science 2018-07-09 Yi Qin , Tao Xie , Chang Xu , Angello Astorga , Jian Lu

Dynamic code, i.e., code that is created or modified at runtime, is ubiquitous in today's world. The behavior of dynamic code can depend on the logic of the dynamic code generator in subtle and non-obvious ways, with significant security…

Cryptography and Security · Computer Science 2019-10-31 Jesse Bartels , Jon Stephens , Saumya Debray

Large Language Models (LLMs) have strong capabilities in code comprehension, but fine-tuning costs and semantic alignment issues limit their project-specific optimization; conversely, code models such CodeBERT are easy to fine-tune, but it…

Software Engineering · Computer Science 2024-07-22 Ziliang Wang , Ge Li , Jia Li , Yingfei Xiong , Jia Li , Meng Yan , Zhi Jin

Smart contracts deployed on blockchain platforms are vulnerable to various security vulnerabilities. However, only a small number of Ethereum contracts have released their source code, so vulnerability detection at the bytecode level is…

Cryptography and Security · Computer Science 2026-02-03 Jiuyang Bu , Wenkai Li , Zongwei Li , Zeng Zhang , Xiaoqi Li