English
Related papers

Related papers: AIBugHunter: A Practical Tool for Predicting, Clas…

200 papers

The art of finding software vulnerabilities has been covered extensively in the literature and there is a huge body of work on this topic. In contrast, the intentional insertion of exploitable, security-critical bugs has received little…

Cryptography and Security · Computer Science 2020-07-07 Jannik Pewny , Thorsten Holz

Software vulnerabilities can pose severe harms to a computing system. They can lead to system crash, privacy leakage, or even physical damage. Correctly identifying vulnerabilities among enormous software codes in a timely manner is so far…

Cryptography and Security · Computer Science 2022-11-24 Jin Wang , Hui Xiao , Shuwen Zhong , Yinhao Xiao

[Context:] The acceptance of candidate patches in automated program repair has been typically based on testing oracles. Testing requires typically a costly process of building the application while ML models can be used to quickly classify…

Software Engineering · Computer Science 2025-04-10 Maria Camporese , Fabio Massacci

Software supply chain vulnerabilities arise when attackers exploit weaknesses by injecting vulnerable code into widely used packages or libraries within software repositories. While most existing approaches focus on identifying vulnerable…

Cryptography and Security · Computer Science 2025-06-25 Sajal Halder , Muhammad Ejaz Ahmed , Seyit Camtepe

Software security vulnerabilities allow attackers to perform malicious activities to disrupt software operations. Recent Transformer-based language models have significantly advanced vulnerability detection, surpassing the capabilities of…

Cryptography and Security · Computer Science 2024-06-11 Aidan Z. H. Yang , Haoye Tian , He Ye , Ruben Martins , Claire Le Goues

Debugging ML software (i.e., the detection, localization and fixing of faults) poses unique challenges compared to traditional software largely due to the probabilistic nature and heterogeneity of its development process. Various methods…

Software Engineering · Computer Science 2025-03-06 Thanh-Dat Nguyen , Haoye Tian , Bach Le , Patanamon Thongtanunam , Shane McIntosh

Software vulnerabilities in source code pose serious cybersecurity risks, prompting a shift from traditional detection methods (e.g., static analysis, rule-based matching) to AI-driven approaches. This study presents a systematic review of…

Software Engineering · Computer Science 2025-06-13 Samiha Shimmi , Hamed Okhravi , Mona Rahimi

Testing is the most widely employed method to find vulnerabilities in real-world software programs. Compositional analysis, based on symbolic execution, is an automated testing method to find vulnerabilities in medium- to large-scale…

Software Engineering · Computer Science 2018-07-25 Saahil Ognawala , Ricardo Nales Amato , Alexander Pretschner , Pooja Kulkarni

To address the extremely concerning problem of software vulnerability, system security is often entrusted to Machine Learning (ML) algorithms. Despite their now established detection capabilities, such models are limited by design to…

Machine Learning · Computer Science 2025-10-14 Marco Pintore , Giorgio Piras , Angelo Sotgiu , Maura Pintor , Battista Biggio

The lack of comprehensive sources of accurate vulnerability data represents a critical obstacle to studying and understanding software vulnerabilities (and their corrections). In this paper, we present an approach that combines heuristics…

Software Engineering · Computer Science 2025-03-18 Daan Hommersom , Antonino Sabetta , Bonaventura Coppola , Dario Di Nucci , Damian A. Tamburri

Software vulnerabilities bear enterprises significant costs. Despite extensive efforts in research and development of software vulnerability detection methods, uncaught vulnerabilities continue to put software owners and users at risk. Many…

Deep learning (DL) techniques are on the rise in the software engineering research community. More and more approaches have been developed on top of DL models, also due to the unprecedented amount of software-related data that can be used…

Software Engineering · Computer Science 2021-03-23 Alejandro Mazuera-Rozo , Anamaria Mojica-Hanke , Mario Linares-Vásquez , Gabriele Bavota

This paper proposes a pipeline for quantitatively evaluating interactive Large Language Models (LLMs) using publicly available datasets. We carry out an extensive technical evaluation of LLMs using Big-Vul covering four different common…

Software Engineering · Computer Science 2024-07-09 Xin Yin , Chao Ni , Shaohua Wang

Malware, a persistent cybersecurity threat, increasingly targets interconnected digital systems such as desktop, mobile, and IoT platforms through sophisticated attack vectors. By exploiting these vulnerabilities, attackers compromise the…

Cryptography and Security · Computer Science 2025-10-09 Matteo Brosolo , Asmitha K. A. , Mauro Conti , Rafidha Rehiman K. A. , Muhammed Shafi K. P. , Serena Nicolazzo , Antonino Nocera , Vinod P

Timely identification of issue reports reflecting software vulnerabilities is crucial, particularly for Internet-of-Things (IoT) where analysis is slower than non-IoT systems. While Machine Learning (ML) and Large Language Models (LLMs)…

Software Engineering · Computer Science 2025-11-05 Sogol Masoumzadeh

Software testing and verification are critical for ensuring the reliability and security of modern software systems. Traditionally, formal verification techniques, such as model checking and theorem proving, have provided rigorous…

Software Engineering · Computer Science 2025-03-17 Norbert Tihanyi , Tamas Bisztray , Mohamed Amine Ferrag , Bilel Cherif , Richard A. Dubniczky , Ridhi Jain , Lucas C. Cordeiro

In software, a vulnerability is a defect in a program that attackers might utilize to acquire unauthorized access, alter system functions, and acquire information. These vulnerabilities arise from programming faults, design flaws, incorrect…

Software Engineering · Computer Science 2024-11-28 Md. Fahim Sultan , Tasmin Karim , Md. Shazzad Hossain Shaon , Mohammad Wardat , Mst Shapna Akter

The large transformer-based language models demonstrate excellent performance in natural language processing. By considering the transferability of the knowledge gained by these models in one domain to other related domains, and the…

Cryptography and Security · Computer Science 2022-09-07 Chandra Thapa , Seung Ick Jang , Muhammad Ejaz Ahmed , Seyit Camtepe , Josef Pieprzyk , Surya Nepal

Recent results of machine learning for automatic vulnerability detection (ML4VD) have been very promising. Given only the source code of a function $f$, ML4VD techniques can decide if $f$ contains a security flaw with up to 70% accuracy.…

Cryptography and Security · Computer Science 2025-01-16 Niklas Risse , Marcel Böhme

Bug severity prediction is important in software maintenance, because it helps the development teams to prioritize bugs that have a significant impact on the operation, stability and security of the system. In large software projects bug…

Software Engineering · Computer Science 2026-03-03 Nafisha Tamanna Nice