English
Related papers

Related papers: Predicting Likely-Vulnerable Code Changes: Machine…

200 papers

The deep learning approach to detecting malicious software (malware) is promising but has yet to tackle the problem of dataset shift, namely that the joint distribution of examples and their labels associated with the test set is different…

Cryptography and Security · Computer Science 2021-12-15 Deqiang Li , Tian Qiu , Shuo Chen , Qianmu Li , Shouhuai Xu

One single code change can significantly influence a wide range of software systems and their users. For example, 1) adding a new feature can spread defects in several modules, while 2) changing an API method can improve the performance of…

Software Engineering · Computer Science 2016-06-13 Daoyuan Li , Li Li , Dongsun Kim , Tegawendé F. Bissyandé , David Lo , Yves Le Traon

A critical part of creating code suggestion systems is the pre-training of Large Language Models on vast amounts of source code and natural language text, often of questionable origin or quality. This may contribute to the presence of bugs…

Software Engineering · Computer Science 2025-06-23 Mahmoud Jahanshahi , Audris Mockus

In software development, the predominant emphasis on functionality often supersedes security concerns, a trend gaining momentum with AI-driven automation tools like GitHub Copilot. These tools significantly improve developers' efficiency in…

Recent advancements in generative AI have led to the widespread adoption of large language models (LLMs) in software engineering, addressing numerous long-standing challenges. However, a comprehensive study examining the capabilities of…

Software Engineering · Computer Science 2025-03-04 Ting Zhang , Chengran Yang , Yindu Su , Martin Weyssow , Hung Nguyen , Tan Bui , Hong Jin Kang , Yikun Li , Eng Lieh Ouh , Lwin Khin Shar , David Lo

Version control systems are commonly used to manage open-source software, in which each commit may introduce new vulnerabilities or fix existing ones. Researchers have developed various tools for detecting vulnerabilities in code commits,…

Software Engineering · Computer Science 2025-01-08 Zhaonan Wu , Yanjie Zhao , Chen Wei , Zirui Wan , Yue Liu , Haoyu Wang

Large language models (LLMs) for automatic code generation have achieved breakthroughs in several programming tasks. Their advances in competition-level programming problems have made them an essential pillar of AI-assisted pair…

Cryptography and Security · Computer Science 2023-10-24 Hossein Hajipour , Keno Hassler , Thorsten Holz , Lea Schönherr , Mario Fritz

Detecting security vulnerabilities in software before they are exploited has been a challenging problem for decades. Traditional code analysis methods have been proposed, but are often ineffective and inefficient. In this work, we model…

Cryptography and Security · Computer Science 2021-05-07 Noah Ziems , Shaoen Wu

Software vulnerabilities bear enterprises significant costs. Despite extensive efforts in research and development of software vulnerability detection methods, uncaught vulnerabilities continue to put software owners and users at risk. Many…

Developers usually use TPLs to facilitate the development of the projects to avoid reinventing the wheels, however, the vulnerable TPLs indeed cause severe security threats. The majority of existing research only considered whether projects…

Software Engineering · Computer Science 2024-09-05 Fangyuan Zhang , Lingling Fan , Sen Chen , Miaoying Cai , Sihan Xu , Lida Zhao

As the role of information and communication technologies gradually increases in our lives, source code security becomes a significant issue to protect against malicious attempts Furthermore with the advent of data-driven techniques, there…

Cryptography and Security · Computer Science 2023-02-03 Maryam Taeb

Software vulnerabilities continue to undermine the reliability and security of modern systems, particularly as software complexity outpaces the capabilities of traditional detection methods. This study introduces a genetic algorithm-based…

Software Engineering · Computer Science 2025-08-11 Yanusha Mehendran , Maolin Tang , Yi Lu

Software vulnerabilities are major risks to software systems. Recently, researchers have proposed many deep learning approaches to detect software vulnerabilities. However, their accuracy is limited in practice. One of the main causes is…

Software Engineering · Computer Science 2025-11-13 Zeru Cheng , Yanjing Yang , He Zhang , Lanxin Yang , Jinghao Hu , Jinwei Xu , Bohan Liu , Haifeng Shen

The rapid rise of cyber-crime activities and the growing number of devices threatened by them place software security issues in the spotlight. As around 90% of all attacks exploit known types of security issues, finding vulnerable…

Cryptography and Security · Computer Science 2024-05-14 Rudolf Ferenc , Péter Hegedűs , Péter Gyimesi , Gábor Antal , Dénes Bán , Tibor Gyimóthy

Many tools and libraries are readily available to build and operate distributed Web applications. While the setup of operational environments is comparatively easy, practice shows that their continuous secure operation is more difficult to…

Cryptography and Security · Computer Science 2012-07-13 Matteo Maria Casalino , Michele Mangili , Henrik Plate , Serena Elisa Ponta

Mobile applications rely on complex backends that introduce significant security risks, yet developers often lack the tools to assess these risks effectively. This paper presents AndroScanner, an automated pipeline for detecting…

Cryptography and Security · Computer Science 2026-04-17 Harini Dandu

Software vulnerabilities remain a significant risk factor in achieving security objectives within software development organizations. This is especially true where either proprietary or open-source software (OSS) is included in the…

Software Engineering · Computer Science 2025-09-23 James J. Cusick

Zero-day vulnerabilities can be accidentally or maliciously placed in code and can remain in place for years. In this study, we address an aspect of their longevity by considering the likelihood that they will be discovered in the code…

Cryptography and Security · Computer Science 2018-09-03 Andrew J. Lohn

To cope with the increasing variability and sophistication of modern attacks, machine learning has been widely adopted as a statistically-sound tool for malware detection. However, its security against well-crafted attacks has not only been…

Cryptography and Security · Computer Science 2017-05-01 Ambra Demontis , Marco Melis , Battista Biggio , Davide Maiorca , Daniel Arp , Konrad Rieck , Igino Corona , Giorgio Giacinto , Fabio Roli

Software vulnerabilities (SVs) have become a common, serious and crucial concern due to the ubiquity of computer software. Many machine learning-based approaches have been proposed to solve the software vulnerability detection (SVD)…

Cryptography and Security · Computer Science 2022-09-22 Van Nguyen , Trung Le , Chakkrit Tantithamthavorn , John Grundy , Hung Nguyen , Dinh Phung