English
Related papers

Related papers: Vulnerable Source Code Detection using SonarCloud …

200 papers

Deep learning (DL) models have become increasingly popular in identifying software vulnerabilities. Prior studies found that vulnerabilities across different vulnerable programs may exhibit similar vulnerable scopes, implicitly forming…

Cryptography and Security · Computer Science 2023-06-13 Michael Fu , Trung Le , Van Nguyen , Chakkrit Tantithamthavorn , Dinh Phung

The software product is a source of cyber-attacks that target organizations by using their software supply chain as a distribution vector. As the reliance of software projects on open-source or proprietary modules is increasing drastically,…

Cryptography and Security · Computer Science 2023-05-24 Betul Gokkaya , Leonardo Aniello , Basel Halak

This paper presents the source code analysis of a file reader server socket program (connection-oriented sockets) developed in Java, to illustrate the identification, impact analysis and solutions to remove five important software security…

Cryptography and Security · Computer Science 2014-12-02 Natarajan Meghanathan

Security vulnerabilities present in a code that has been written in diverse programming languages are among the most critical yet complicated aspects of source code to detect. Static analysis tools based on rule-based patterns usually do…

Cryptography and Security · Computer Science 2025-08-19 Hael Abdulhakim Ali Humran , Ferdi Sonmez

This paper introduces an innovative approach that combines Large Language Models (LLMs) with Formal Verification strategies for automatic software vulnerability repair. Initially, we employ Bounded Model Checking (BMC) to identify…

Software Engineering · Computer Science 2024-07-01 Norbert Tihanyi , Ridhi Jain , Yiannis Charalambous , Mohamed Amine Ferrag , Youcheng Sun , Lucas C. Cordeiro

Large language models (LLMs) have been widely adopted in modern software development lifecycles, where they are increasingly used to automate and assist code generation, significantly improving developer productivity and reducing…

Cryptography and Security · Computer Science 2026-02-05 Hoang Long Do , Nasrin Sohrabi , Muneeb Ul Hassan

Automation of code reviews using AI models has garnered substantial attention in the software engineering community as a strategy to reduce the cost and effort associated with traditional peer review processes. These models are typically…

Software Engineering · Computer Science 2025-04-24 Leonardo Centellas-Claros , Juan J. Alonso-Lecaros , Juan Pablo Sandoval Alcocer , Andres Neyem

Identifying and addressing security issues during the early phase of the development lifecycle is critical for mitigating the long-term negative impacts on software systems. Code review serves as an effective practice that enables…

Software Engineering · Computer Science 2025-10-31 Fang Liu , Simiao Liu , Yinghao Zhu , Xiaoli Lian , Li Zhang

The rapid advancement of Large Language Models (LLMs) has enhanced software development processes, minimizing the time and effort required for coding and enhancing developer productivity. However, despite their potential benefits, code…

Cryptography and Security · Computer Science 2025-04-30 Swaroop Dora , Deven Lunkad , Naziya Aslam , S. Venkatesan , Sandeep Kumar Shukla

Context: Static code analysis (SCA) tools play a vital role in software development, reducing the cost and time required for code reviews. However, high false-positive and false-negative rates are reported for the best tools in the…

Software Engineering · Computer Science 2026-03-03 Lakmal Deshapriya , Sherlock A. Licorish , Brendon J. Woodford

Application security is an essential part of developing modern software, as lots of attacks depend on vulnerabilities in software. The number of attacks is increasing globally due to technological advancements. Companies must include…

Cryptography and Security · Computer Science 2023-05-18 Mohamed Mjd Alhafi , Mohammad Hammade , Khloud Al Jallad

The detection of software vulnerabilities (or vulnerabilities for short) is an important problem that has yet to be tackled, as manifested by the many vulnerabilities reported on a daily basis. This calls for machine learning methods for…

Machine Learning · Computer Science 2021-01-27 Zhen Li , Deqing Zou , Shouhuai Xu , Hai Jin , Yawei Zhu , Zhaoxuan Chen

Software supply chains (SSCs) are complex systems composed of dynamic, heterogeneous technical and social components which collectively achieve the production and maintenance of software artefacts. Attacks on SSCs are increasing, yet…

Software Engineering · Computer Science 2026-03-30 Thomas Welsh , Kristófer Finnsson , Brynjólfur Stefánsson , Helmut Neukirchen

Information protection is becoming a focal point for designing, creating and implementing software applications within highly integrated technology environments. The use of a safe coding technique in the software development process is…

Software Engineering · Computer Science 2020-12-11 Isaac Chin Eian , Lim Ka Yong , Majesty Yeap Xiao Li , Noor Affan Bin Noor Hasmaddi , Fatima-tuz-Zahra

Software vulnerabilities in source code pose serious cybersecurity risks, prompting a shift from traditional detection methods (e.g., static analysis, rule-based matching) to AI-driven approaches. This study presents a systematic review of…

Software Engineering · Computer Science 2025-06-13 Samiha Shimmi , Hamed Okhravi , Mona Rahimi

Smart contract vulnerabilities caused significant economic losses in blockchain applications. Large Language Models (LLMs) provide new possibilities for addressing this time-consuming task. However, state-of-the-art LLM-based detection…

Cryptography and Security · Computer Science 2025-01-14 ZeKe Xiao , Qin Wang , Hammond Pearce , Shiping Chen

Large Language Models (LLMs) have revolutionized code generation, achieving exceptional results on various established benchmarking frameworks. However, concerns about data contamination - where benchmark data inadvertently leaks into…

Hardware Architecture · Computer Science 2025-06-13 Zeng Wang , Minghao Shao , Jitendra Bhandari , Likhitha Mankali , Ramesh Karri , Ozgur Sinanoglu , Muhammad Shafique , Johann Knechtel

Code quality is an attribute composed of various metrics, such as complexity, readability, testability, interoperability, reusability, and the use of good or bad practices, among others. Static code analysis tools aim to measure a set of…

Software Engineering · Computer Science 2024-10-07 Igor Regis da Silva Simões , Elaine Venson

Vulnerability discovery and exploits detection are two wide areas of study in software engineering. This preliminary work tries to combine existing methods with machine learning techniques to define a metric classification of vulnerable…

Software Engineering · Computer Science 2014-07-23 Gabriele Modena

Large language models can generate runnable software artifacts, but their security remains difficult to evaluate end to end. This study examines that problem through a Detect--Repair--Verify (DRV) workflow, in which vulnerabilities are…

Software Engineering · Computer Science 2026-03-26 Cheng Cheng