English
Related papers

Related papers: LLM-Powered Code Vulnerability Repair with Reinfor…

200 papers

Security vulnerability repair is a difficult task that is in dire need of automation. Two groups of techniques have shown promise: (1) large code language models (LLMs) that have been pre-trained on source code for tasks such as code…

Software Engineering · Computer Science 2024-04-03 Yi Wu , Nan Jiang , Hung Viet Pham , Thibaud Lutellier , Jordan Davis , Lin Tan , Petr Babkin , Sameena Shah

The code generation capabilities of large language models(LLMs) have emerged as a critical dimension in evaluating their overall performance. However, prior research has largely overlooked the security risks inherent in the generated code.…

Cryptography and Security · Computer Science 2025-06-23 Xinghang Li , Jingzhe Ding , Chao Peng , Bing Zhao , Xiang Gao , Hongwan Gao , Xinchen Gu

Large Language Models (LLMs) are widely used for automated code generation. Their reliance on infrequently updated pretraining data leaves them unaware of newly discovered vulnerabilities and evolving security standards, making them prone…

Software Engineering · Computer Science 2026-03-03 Manisha Mukherjee , Vincent J. Hellendoorn

Large Language Models (LLMs) are increasingly deployed for code generation in high-stakes software development, yet their limited transparency in security reasoning and brittleness to evolving vulnerability patterns raise critical…

Software Engineering · Computer Science 2026-03-03 Manisha Mukherjee , Vincent J. Hellendoorn

Software developers frequently hard-code credentials such as passwords, generic secrets, private keys, and generic tokens in software repositories, even though it is strictly advised against due to the severe threat to the security of the…

Cryptography and Security · Computer Science 2025-06-17 Chidera Biringa , Gokhan Kul

Large language models (LLMs) have recently demonstrated strong potential for automated program repair (APR). However, existing LLM-based techniques primarily rely on coarse-grained external feedback (e.g.,test results) to guide iterative…

Software Engineering · Computer Science 2025-11-25 Jiaolong Kong , Xiaofei Xie , Yiheng Xiong , Yuekun Wang , Jian Wang

Security in code generation remains a pivotal challenge when applying large language models (LLMs). This paper introduces RefleXGen, an innovative method that significantly enhances code security by integrating Retrieval-Augmented…

Software Engineering · Computer Science 2025-10-29 Bin Wang , Hui Li , AoFan Liu , BoTao Yang , Ao Yang , YiLu Zhong , Weixiang Huang , Yanping Zhang , Runhuai Huang , Weimin Zeng

Reinforcement learning is increasingly used for code-centric tasks. These tasks include code generation, summarization, understanding, repair, testing, and optimization. This trend is growing faster with large language models and autonomous…

Software Engineering · Computer Science 2026-01-28 Md Rayhanul Masud , Azmine Toushik Wasi , Salman Rahman , Md Rizwan Parvez

Large Language Models are a promising tool for automated vulnerability detection, thanks to their success in code generation and repair. However, despite widespread adoption, a critical question remains: Are LLMs truly effective at…

Cryptography and Security · Computer Science 2025-04-21 Yue Li , Xiao Li , Hao Wu , Minghui Xu , Yue Zhang , Xiuzhen Cheng , Fengyuan Xu , Sheng Zhong

Identifying security issues early is encouraged to reduce the latent negative impacts on software systems. Code review is a widely-used method that allows developers to manually inspect modified code, catching security issues during a…

Software Engineering · Computer Science 2024-05-10 Wachiraphan Charoenwet , Patanamon Thongtanunam , Van-Thuan Pham , Christoph Treude

Large Language Models (LLMs) are widely adopted for assisting in software development tasks, yet their performance evaluations have narrowly focused on the functional correctness of generated code. Human programmers, however, require…

Software Engineering · Computer Science 2024-12-06 Yun Peng , Akhilesh Deepak Gotmare , Michael Lyu , Caiming Xiong , Silvio Savarese , Doyen Sahoo

Software vulnerabilities are a serious and crucial concern. Typically, in a program or function consisting of hundreds or thousands of source code statements, there are only a few statements causing the corresponding vulnerabilities. Most…

Cryptography and Security · Computer Science 2024-06-13 Van Nguyen , Trung Le , Chakkrit Tantithamthavorn , Michael Fu , John Grundy , Hung Nguyen , Seyit Camtepe , Paul Quirk , Dinh Phung

As Large Language Models (LLMs) evolve in understanding and generating code, accurately evaluating their reliability in analyzing source code vulnerabilities becomes increasingly vital. While studies have examined LLM capabilities in tasks…

Software Engineering · Computer Science 2025-05-28 Yansong Li , Paula Branco , Alexander M. Hoole , Manish Marwah , Hari Manassery Koduvely , Guy-Vincent Jourdan , Stephan Jou

This work-in-progress research-to-practice paper explores the integration of Large Language Models (LLMs) into the code-review process for open-source software projects developed in computer science and software engineering courses. The…

Software Engineering · Computer Science 2025-08-19 Dhruv Kolhatkar , Soubhagya Akkena , Edward F. Gehringer

This study investigates the reliability of code generation by Large Language Models (LLMs), focusing on identifying and analyzing defects in the generated code. Despite the advanced capabilities of LLMs in automating code generation,…

Software Engineering · Computer Science 2024-08-27 Ali Mohammadi Esfahani , Nafiseh Kahani , Samuel A. Ajila

With the rapid development of blockchain technology, smart contract security has become a critical challenge. Existing smart contract vulnerability detection methods face three main issues: (1) Insufficient quality of datasets, lacking…

Cryptography and Security · Computer Science 2024-11-12 Lei Yu , Shiqi Chen , Hang Yuan , Peng Wang , Zhirong Huang , Jingyuan Zhang , Chenjie Shen , Fengjun Zhang , Li Yang , Jiajia Ma

Source code vulnerability detection aims to identify inherent vulnerabilities to safeguard software systems from potential attacks. Many prior studies overlook diverse vulnerability characteristics, simplifying the problem into a binary…

Cryptography and Security · Computer Science 2024-04-16 Shangqing Liu , Wei Ma , Jian Wang , Xiaofei Xie , Ruitao Feng , Yang Liu

Large Language Models (LLMs) are increasingly used for cybersecurity threat analysis, but their deployment in security-sensitive environments raises trust and safety concerns. With over 21,000 vulnerabilities disclosed in 2025, manual…

Cryptography and Security · Computer Science 2025-09-04 Reza Fayyazi , Michael Zuzak , Shanchieh Jay Yang

Large Language Models (LLMs) have transformed AI but often struggle with tasks that require domain-specific reasoning and logical alignment. Traditional fine-tuning methods do not leverage the vast amount of symbolic domain-knowledge…

Computation and Language · Computer Science 2026-02-27 Piyush Jha , Prithwish Jana , Pranavkrishna Suresh , Arnav Arora , Vijay Ganesh

Although LLMs have shown promising potential in vulnerability detection, this study reveals their limitations in distinguishing between vulnerable and similar-but-benign patched code (only 0.06 - 0.14 accuracy). It shows that LLMs struggle…

Software Engineering · Computer Science 2025-06-18 Xueying Du , Geng Zheng , Kaixin Wang , Yi Zou , Yujia Wang , Wentai Deng , Jiayi Feng , Mingwei Liu , Bihuan Chen , Xin Peng , Tao Ma , Yiling Lou