English
Related papers

Related papers: Using Program Knowledge Graph to Uncover Software …

200 papers

Knowledge graphs have shown promise for several cybersecurity tasks, such as vulnerability assessment and threat analysis. In this work, we present a new method for constructing a vulnerability knowledge graph from information in the…

Cryptography and Security · Computer Science 2023-05-16 Anders Mølmen Høst , Pierre Lison , Leon Moonen

Identifying vulnerable code is a precautionary measure to counter software security breaches. Tedious expert effort has been spent to build static analyzers, yet insecure patterns are barely fully enumerated. This work explores a deep…

Artificial Intelligence · Computer Science 2021-09-09 Yufan Zhuang , Sahil Suneja , Veronika Thost , Giacomo Domeniconi , Alessandro Morari , Jim Laredo

Security assessment relies on public information about products, vulnerabilities, and weaknesses. So far, databases in these categories have rarely been analyzed in combination. Yet, doing so could help predict unreported vulnerabilities…

Cryptography and Security · Computer Science 2024-02-13 Zhenpeng Shi , Nikolay Matyunin , Kalman Graffi , David Starobinski

The increasing complexity of modern software systems has led to a rise in vulnerabilities that malicious actors can exploit. Traditional methods of vulnerability detection, such as static and dynamic analysis, have limitations in…

Software Engineering · Computer Science 2025-04-01 Amanpreet Singh Saimbhi

Facing the dynamic complex cyber environments, internal and external cyber threat intelligence, and the increasing risk of cyber-attack, knowledge graphs show great application potential in the cyber security area because of their…

Cryptography and Security · Computer Science 2022-04-12 Kai Liu , Fei Wang , Zhaoyun Ding , Sheng Liang , Zhengfei Yu , Yun Zhou

Software vulnerabilities can pose severe harms to a computing system. They can lead to system crash, privacy leakage, or even physical damage. Correctly identifying vulnerabilities among enormous software codes in a timely manner is so far…

Cryptography and Security · Computer Science 2022-11-24 Jin Wang , Hui Xiao , Shuwen Zhong , Yinhao Xiao

Software projects are dependent on many third-party libraries, therefore high-risk vulnerabilities can propagate through the dependency chain to downstream projects. Owing to the subjective nature of patch management, software vendors…

Software Engineering · Computer Science 2024-09-16 Mei Han , Lulu Wang , Jianming Chang , Bixin Li , Chunguang Zhang

Software vulnerabilities continue to pose significant threats to modern information systems, requiring a timely and accurate risk assessment. Public repositories, such as the National Vulnerability Database and CVE details, are regularly…

Cryptography and Security · Computer Science 2026-04-09 Luat Do , Jiao Yin , Jinli Cao , Hua Wang

Modern software systems are developed in diverse programming languages and often harbor critical vulnerabilities that attackers can exploit to compromise security. These vulnerabilities have been actively targeted in real-world attacks,…

Cryptography and Security · Computer Science 2025-03-27 Zhuoyun Qian , Fangtian Zhong , Qin Hu , Yili Jiang , Jiaqi Huang , Mengfei Ren , Jiguo Yu

The Common Weakness Enumeration (CWE) is a prominent list of software weakness types. This list is used by vulnerability databases to describe the underlying security flaws within analyzed vulnerabilities. This linkage opens the possibility…

Cryptography and Security · Computer Science 2020-06-16 Peter Mell , Assane Gueye

Risk assessment plays a crucial role in ensuring the security and resilience of modern computer systems. Existing methods for conducting risk assessments often suffer from tedious and time-consuming processes, making it challenging to…

Cryptography and Security · Computer Science 2023-07-27 Simon Unger , Ektor Arzoglou , Markus Heinrich , Dirk Scheuermann , Stefan Katzenbeisser

Information on cyber-related crimes, incidents, and conflicts is abundantly available in numerous open online sources. However, processing the large volumes and streams of data is a challenging task for the analysts and experts, and entails…

Cryptography and Security · Computer Science 2022-08-03 Tuomas Takko , Kunal Bhattacharya , Martti Lehto , Pertti Jalasvirta , Aapo Cederberg , Kimmo Kaski

Machine learning techniques are gaining attention in the context of intrusion detection due to the increasing amounts of data generated by monitoring tools, as well as the sophistication displayed by attackers in hiding their activity.…

Cryptography and Security · Computer Science 2023-08-25 Josep Soler Garrido , Dominik Dold , Johannes Frank

Software vulnerabilities present a persistent security challenge, with over 25,000 new vulnerabilities reported in the Common Vulnerabilities and Exposures (CVE) database in 2024 alone. While deep learning based approaches show promise for…

Cryptography and Security · Computer Science 2025-07-23 Ahmed Lekssays , Hamza Mouhcine , Khang Tran , Ting Yu , Issa Khalil

As interconnected systems proliferate, safeguarding complex infrastructures against an escalating array of cyber threats has become an urgent challenge. The increasing number of vulnerabilities, combined with resource constraints, makes…

Cryptography and Security · Computer Science 2025-02-18 Yuning Jiang , Nay Oo , Qiaoran Meng , Hoon Wei Lim , Biplab Sikdar

Large Language Models (LLMs) have emerged as a popular choice in vulnerability detection studies given their foundational capabilities, open source availability, and variety of models, but have limited scalability due to extensive compute…

Software Engineering · Computer Science 2026-04-01 Miles Farmer , Ekincan Ufuktepe , Anne Watson , Hialo Muniz Carvalho , Vadim Okun , Zineb Maasaoui , Kannappan Palaniappan

This study explores the effectiveness of graph neural networks (GNNs) for vulnerability detection in software code, utilizing a real-world dataset of Java vulnerability-fixing commits. The dataset's structure, based on the number of…

Cryptography and Security · Computer Science 2024-06-19 Ravil Mussabayev

Although LLMs have shown promising potential in vulnerability detection, this study reveals their limitations in distinguishing between vulnerable and similar-but-benign patched code (only 0.06 - 0.14 accuracy). It shows that LLMs struggle…

Software Engineering · Computer Science 2025-06-18 Xueying Du , Geng Zheng , Kaixin Wang , Yi Zou , Yujia Wang , Wentai Deng , Jiayi Feng , Mingwei Liu , Bihuan Chen , Xin Peng , Tao Ma , Yiling Lou

Large language models (LLMs) have been proposed as powerful tools for detecting software vulnerabilities, where task-specific fine-tuning is typically employed to provide vulnerability-specific knowledge to the LLMs. However, existing…

Software Engineering · Computer Science 2025-07-22 Ruijun Feng , Hammond Pearce , Pietro Liguori , Yulei Sui

Software vulnerability detection (SVD) is a critical challenge in modern systems. Large language models (LLMs) offer natural-language explanations alongside predictions, but most work focuses on binary evaluation, and explanations often…

Software Engineering · Computer Science 2026-02-12 Samal Mukhtar , Yinghua Yao , Zhu Sun , Mustafa Mustafa , Yew Soon Ong , Youcheng Sun
‹ Prev 1 2 3 10 Next ›