English
Related papers

Related papers: Vulnerable Source Code Detection using SonarCloud …

200 papers

Open Source Software (OSS) security and resilience are worldwide phenomena hampering economic and technological innovation. OSS vulnerabilities can cause unauthorized access, data breaches, network disruptions, and privacy violations,…

Software Engineering · Computer Science 2024-01-17 Nafis Tanveer Islam , Gonzalo De La Torre Parra , Dylan Manual , Murtuza Jadliwala , Peyman Najafirad

Background: Leaking sensitive information - such as API keys, tokens, and credentials - in source code remains a persistent security threat. Traditional regex and entropy-based tools often generate high false positives due to limited…

Software Engineering · Computer Science 2025-07-29 Md Nafiu Rahman , Sadif Ahmed , Zahin Wahab , S M Sohan , Rifat Shahriyar

Software vulnerabilities can cause numerous problems, including crashes, data loss, and security breaches. These issues greatly compromise quality and can negatively impact the market adoption of software applications and systems.…

The use of open-source software (OSS) is ever-increasing, and so is the number of open-source vulnerabilities being discovered and publicly disclosed. The gains obtained from the reuse of community-developed libraries may be offset by the…

Cryptography and Security · Computer Science 2025-03-18 Serena E. Ponta , Henrik Plate , Antonino Sabetta

Background. Developers spend more time fixing bugs and refactoring the code to increase the maintainability than developing new features. Researchers investigated the code quality impact on fault-proneness focusing on code smells and code…

Software Engineering · Computer Science 2021-03-23 Francesco Lomio , Sergio Moreschini , Valentina Lenarduzzi

Large Language Models (LLMs) transform artificial intelligence, driving advancements in natural language understanding, text generation, and autonomous systems. The increasing complexity of their development and deployment introduces…

Cryptography and Security · Computer Science 2025-02-19 Shenao Wang , Yanjie Zhao , Zhao Liu , Quanchen Zou , Haoyu Wang

Software vulnerabilities are a serious and crucial concern. Typically, in a program or function consisting of hundreds or thousands of source code statements, there are only a few statements causing the corresponding vulnerabilities. Most…

Cryptography and Security · Computer Science 2024-06-13 Van Nguyen , Trung Le , Chakkrit Tantithamthavorn , Michael Fu , John Grundy , Hung Nguyen , Seyit Camtepe , Paul Quirk , Dinh Phung

The art of finding software vulnerabilities has been covered extensively in the literature and there is a huge body of work on this topic. In contrast, the intentional insertion of exploitable, security-critical bugs has received little…

Cryptography and Security · Computer Science 2020-07-07 Jannik Pewny , Thorsten Holz

In recent years, defect prediction has received a great deal of attention in the empirical software engineering world. Predicting software defects before the maintenance phase is very important not only to decrease the maintenance costs but…

Software Engineering · Computer Science 2018-08-31 Ahmet Okutan

Large language models (LLMs) have demonstrated strong capabilities in code generation, yet they remain prone to producing security vulnerabilities. Existing approaches commonly suffer from two key limitations: the scarcity of high-quality…

Cryptography and Security · Computer Science 2026-03-02 Jiazheng Quan , Xiaodong Li , Bin Wang , Guo An , Like Liu , Degen Huang , Lin Liu , Chengbin Hou

Existing benchmarks for evaluating the security risks and capabilities (e.g., vulnerability detection) of code-generating large language models (LLMs) face several key limitations: (1) limited coverage of risk and capabilities; (2) reliance…

Cryptography and Security · Computer Science 2025-09-22 Yuzhou Nie , Zhun Wang , Yu Yang , Ruizhe Jiang , Yuheng Tang , Xander Davies , Yarin Gal , Bo Li , Wenbo Guo , Dawn Song

The Software Bill of Materials (SBOM) is a critical tool for securing the software supply chain (SSC), but its practical utility is undermined by inaccuracies in both its generation and its application in vulnerability scanning. This paper…

Cryptography and Security · Computer Science 2026-04-20 Li Zhou , Marc Dacier , Charalambos Konstantinou

Software vulnerabilities are a fundamental reason for the prevalence of cyber attacks and their identification is a crucial yet challenging problem in cyber security. In this paper, we apply and compare different machine learning algorithms…

Software Engineering · Computer Science 2024-04-16 Talaya Farasat , Joachim Posegga

With the recent unprecedented advancements in Artificial Intelligence (AI) computing, progress in Large Language Models (LLMs) is accelerating rapidly, presenting challenges in establishing clear guidelines, particularly in the field of…

Cryptography and Security · Computer Science 2024-09-04 Nafis Tanveer Islam , Joseph Khoury , Andrew Seong , Elias Bou-Harb , Peyman Najafirad

Security bugs are errors in code that, when exploited, can lead to serious software vulnerabilities. These bugs could allow an attacker to take over an application and steal information. One of the ways to address this issue is by means of…

Software Engineering · Computer Science 2021-02-23 Tiago Espinha Gasiba , Samra Hodzic , Ulrike Lechner , Maria Pinto-Albuquerque

The pervasive nature of software vulnerabilities has emerged as a primary factor for the surge in cyberattacks. Traditional vulnerability detection methods, including rule-based, signature-based, manual review, static, and dynamic analysis,…

Software Engineering · Computer Science 2025-03-07 Md Nizam Uddin , Yihe Zhang , Xiali Hei

As software becomes increasingly complex and prone to vulnerabilities, automated vulnerability detection is critically important, yet challenging. Given the significant successes of large language models (LLMs) in various tasks, there is…

Artificial Intelligence · Computer Science 2023-12-25 Zeyu Gao , Hao Wang , Yuchen Zhou , Wenyu Zhu , Chao Zhang

The Department of Homeland Security in the United States estimates that 90% of software vulnerabilities can be traced back to defects in design and software coding. The financial impact of these vulnerabilities has been shown to exceed 380…

Software Engineering · Computer Science 2021-02-11 Tiago Espinha Gasiba , Ulrike Lechner , Maria Pinto-Albuquerque , Daniel Mendez

With the increasing reliance on software and automation nowadays, tight deadlines, limited resources, and prioritization of functionality over security can lead to insecure coding practices. When not handled properly, these constraints…

Software Engineering · Computer Science 2025-07-16 Chaima Boufaied , Taher Ghaleb , Zainab Masood

Decentralized applications (DApps) face significant security risks due to vulnerabilities in smart contracts, with traditional detection methods struggling to address emerging and machine-unauditable flaws. This paper proposes a novel…

Cryptography and Security · Computer Science 2026-02-03 Jiuyang Bu , Wenkai Li , Zongwei Li , Zeng Zhang , Xiaoqi Li