English
Related papers

Related papers: M2CVD: Enhancing Vulnerability Semantic through Mu…

200 papers

Software vulnerabilities present a persistent security challenge, with over 25,000 new vulnerabilities reported in the Common Vulnerabilities and Exposures (CVE) database in 2024 alone. While deep learning based approaches show promise for…

Cryptography and Security · Computer Science 2025-07-23 Ahmed Lekssays , Hamza Mouhcine , Khang Tran , Ting Yu , Issa Khalil

Detecting vulnerabilities in source code remains critical yet challenging, as conventional static analysis tools construct inaccurate program representations, while existing LLM-based approaches often miss essential vulnerability context…

Software Engineering · Computer Science 2026-04-14 Yiheng Cao , Yihao Chen , Xin Hu , Bihuan Chen , Jiayi Deng , Zhuotong Zhou , Susheng Wu , Yiheng Huang , Xueying Du , Xingman Chen , Miaohua Li , Xin Peng

Automated detection of software vulnerabilities is critical for enhancing security, yet existing methods often struggle with the complexity and diversity of modern codebases. In this paper, we introduce EnStack, a novel ensemble stacking…

Software Engineering · Computer Science 2024-11-26 Shahriyar Zaman Ridoy , Md. Shazzad Hossain Shaon , Alfredo Cuzzocrea , Mst Shapna Akter

Language models (LMs) show promise for vulnerability detection but struggle with long, real-world code due to sparse and uncertain vulnerability locations. These issues, exacerbated by token limits, often cause models to miss…

Software Engineering · Computer Science 2025-07-16 Xinran Zheng , Xingzhi Qian , Huichi Zhou , Shuo Yang , Yiling He , Suman Jana , Lorenzo Cavallaro

Detecting vulnerability fix commits in open-source software is crucial for maintaining software security. To help OSS identify vulnerability fix commits, several automated approaches are developed. However, existing approaches like…

Software Engineering · Computer Science 2025-01-28 Xu Yang , Wenhan Zhu , Michael Pacheco , Jiayuan Zhou , Shaowei Wang , Xing Hu , Kui Liu

The advances of deep learning (DL) have paved the way for automatic software vulnerability repair approaches, which effectively learn the mapping from the vulnerable code to the fixed code. Nevertheless, existing DL-based vulnerability…

Software Engineering · Computer Science 2024-03-13 Xin Zhou , Kisub Kim , Bowen Xu , DongGyun Han , David Lo

Recently, deep learning techniques have garnered substantial attention for their ability to identify vulnerable code patterns accurately. However, current state-of-the-art deep learning models, such as Convolutional Neural Networks (CNN),…

Cryptography and Security · Computer Science 2023-02-24 Marwan Omar

The growing trend of vulnerability issues in software development as a result of a large dependence on open-source projects has received considerable attention recently. This paper investigates the effectiveness of Large Language Models…

Software Engineering · Computer Science 2024-09-17 Shaznin Sultana , Sadia Afreen , Nasir U. Eisty

The increasing adoption of Large Language Models (LLMs) in software engineering has sparked interest in their use for software vulnerability detection. However, the rapid development of this field has resulted in a fragmented research…

Software Engineering · Computer Science 2025-12-22 Sabrina Kaniewski , Fabian Schmidt , Markus Enzweiler , Michael Menth , Tobias Heer

Software vulnerabilities remain a critical security challenge, providing entry points for attackers into enterprise networks. Despite advances in security practices, the lack of high-quality datasets capturing diverse exploit behavior…

Cryptography and Security · Computer Science 2025-11-17 Alireza Lotfi , Charalampos Katsis , Elisa Bertino

Software vulnerability detection plays a critical role in ensuring system security, where real-world auditing requires not only determining whether a function is vulnerable but also pinpointing the specific lines responsible. However,…

Cryptography and Security · Computer Science 2026-05-13 Wenxin Tang , Wenbin Li , Junliang Liu , Jingyu Xiao , Xi Xiao , Mingzhe Liu , Jinlong Yang , Xuan Liu , Yuehe Ma , Wang Luo , Qing Li , Lei Wang , Peng Xiangli

Recent results of machine learning for automatic vulnerability detection (ML4VD) have been very promising. Given only the source code of a function $f$, ML4VD techniques can decide if $f$ contains a security flaw with up to 70% accuracy.…

Cryptography and Security · Computer Science 2025-01-16 Niklas Risse , Marcel Böhme

Software vulnerabilities continue to be ubiquitous, even in the era of AI-powered code assistants, advanced static analysis tools, and the adoption of extensive testing frameworks. It has become apparent that we must not simply prevent…

Malicious software attacks are having an increasingly significant economic impact. Commercial malware detection software can be costly, and tools that attribute malware to the specific software vulnerabilities it exploits are largely…

Cryptography and Security · Computer Science 2026-02-03 Eduard Andrei Cristea , Petter Molnes , Jingyue Li

Context: Software vulnerabilities pose a significant threat to modern software systems, as evidenced by the growing number of reported vulnerabilities and cyberattacks. These escalating trends underscore the urgent need for effective…

Software Engineering · Computer Science 2025-07-01 Siyu Chen , Jiongyi Yang , Xiang Chen , Menglin Zheng , Minnan Wei , Xiaolin Ju

The rise of large language models (LLMs) like ChatGPT has significantly improved automated code generation, enhancing software development efficiency. However, this introduces challenges in academia, particularly in distinguishing between…

Software Engineering · Computer Science 2025-01-08 Zhenyu Xu , Victor S. Sheng

Current machine-learning based software vulnerability detection methods are primarily conducted at the function-level. However, a key limitation of these methods is that they do not indicate the specific lines of code contributing to…

Cryptography and Security · Computer Science 2022-03-28 David Hin , Andrey Kan , Huaming Chen , M. Ali Babar

Large Language Models (LLMs) for code generation can replicate insecure patterns from their training data. To mitigate this, a common strategy for security hardening is to fine-tune models using supervision derived from the final…

Software Engineering · Computer Science 2026-04-13 Li Huang , Zhongxin Liu , Yifan Wu , Tao Yin , Dong Li , Jichao Bi , Nankun Mu , Hongyu Zhang , Meng Yan

While recent code-specific large language models (LLMs) have greatly enhanced their code generation capabilities, the safety of these models remains under-explored, posing potential risks as insecure code generated by these models may…

Cryptography and Security · Computer Science 2025-06-09 Xiangzhe Xu , Zian Su , Jinyao Guo , Kaiyuan Zhang , Zhenting Wang , Xiangyu Zhang

With the recent advancement of Large Language Models (LLMs), generating functionally correct code has become less complicated for a wide array of developers. While using LLMs has sped up the functional development process, it poses a heavy…

Cryptography and Security · Computer Science 2024-02-01 Nafis Tanveer Islam , Mohammad Bahrami Karkevandi , Peyman Najafirad