English
Related papers

Related papers: VERCATION: Precise Vulnerable Open-source Software…

200 papers

Software is prone to security vulnerabilities. Program analysis tools to detect them have limited effectiveness in practice due to their reliance on human labeled specifications. Large language models (or LLMs) have shown impressive code…

Cryptography and Security · Computer Science 2025-04-08 Ziyang Li , Saikat Dutta , Mayur Naik

Recent advances in automated vulnerability detection have achieved potential results in helping developers determine vulnerable components. However, after detecting vulnerabilities, investigating to fix vulnerable code is a non-trivial…

Software Engineering · Computer Science 2023-06-27 Hieu Dinh Vo , Son Nguyen

Ensuring that large language models (LLMs) can effectively assess, detect, explain, and remediate software vulnerabilities is critical for building robust and secure software systems. We introduce VADER, a human-evaluated benchmark designed…

Cryptography and Security · Computer Science 2025-05-27 Ethan TS. Liu , Austin Wang , Spencer Mateega , Carlos Georgescu , Danny Tang

Modern software systems often rely on conditional compilation to support optional features and multiple deployment scenarios. In configurable systems, compilation errors may arise only under specific combinations of features, remaining…

Software Engineering · Computer Science 2026-01-26 Rohit Gheyi , Lucas Albuquerque , Márcio Ribeiro , Eduardo Almeida , Danyllo Albuquerque , Mirko Perkusich

Efficient bug triaging procedures are an important precondition for successful collaborative software engineering projects. Triaging bugs can become a laborious task particularly in open source software (OSS) projects with a large base of…

Software Engineering · Computer Science 2013-03-04 Marcelo Serrano Zanetti , Ingo Scholtes , Claudio Juan Tessone , Frank Schweitzer

This paper presents a framework that selectively triggers security reviews for incoming source code changes. Functioning as a review bot within a code review service, the framework can automatically request additional security reviews at…

Cryptography and Security · Computer Science 2024-05-28 Keun Soo Yim

Ransomware is a significant global threat, with easy deployment due to the prevalent ransomware-as-a-service model. Machine learning algorithms incorporating the use of opcode characteristics and Support Vector Machine have been…

Cryptography and Security · Computer Science 2018-07-30 James Baldwin , Ali Dehghantanha

Data-driven research on the automated discovery and repair of security vulnerabilities in source code requires comprehensive datasets of real-life vulnerable code and their fixes. To assist in such research, we propose a method to…

Software Engineering · Computer Science 2022-02-08 Guru Prasad Bhandari , Amara Naseer , Leon Moonen

Security vulnerabilities are increasingly prevalent in modern software and they are widely consequential to our society. Various approaches to defending against these vulnerabilities have been proposed, among which those leveraging deep…

Cryptography and Security · Computer Science 2024-02-28 Yu Nong , Mohammed Aldeen , Long Cheng , Hongxin Hu , Feng Chen , Haipeng Cai

Large Language Models (LLMs) have strong capabilities in code comprehension, but fine-tuning costs and semantic alignment issues limit their project-specific optimization; conversely, code models such CodeBERT are easy to fine-tune, but it…

Software Engineering · Computer Science 2024-07-22 Ziliang Wang , Ge Li , Jia Li , Yingfei Xiong , Jia Li , Meng Yan , Zhi Jin

Open-source software (OSS) greatly facilitates program development for developers. However, the high number of vulnerabilities in open-source software is a major concern, including in Golang, a relatively new programming language. In…

Software Engineering · Computer Science 2024-01-18 Jinchang Hu , Lyuye Zhang , Chengwei Liu , Sen Yang , Song Huang , Yang Liu

Tracking vulnerabilities inherited from third-party open-source software is a well-known challenge, often addressed by tracing the threads of dependency information. However, vulnerabilities can also propagate through forking: a code…

Cryptography and Security · Computer Science 2026-01-29 Romain Lefeuvre , Charly Reux , Stefano Zacchiroli , Olivier Barais , Benoit Combemale

Developing automated and smart software vulnerability detection models has been receiving great attention from both research and development communities. One of the biggest challenges in this area is the lack of code samples for all…

Software Engineering · Computer Science 2023-03-14 Khadija Hanifi , Ramin F Fouladi , Basak Gencer Unsalver , Goksu Karadag

Software vulnerabilities, caused by unintentional flaws in source codes, are the main root cause of cyberattacks. Source code static analysis has been used extensively to detect the unintentional defects, i.e. vulnerabilities, introduced…

Cryptography and Security · Computer Science 2022-11-17 Arash Mahyari

Detecting security vulnerabilities in source code remains challenging, particularly due to class imbalance in real-world datasets where vulnerable functions are under-represented. Existing learning-based methods often optimise for recall,…

Cryptography and Security · Computer Science 2025-07-24 Radowanul Haque , Aftab Ali , Sally McClean , Naveed Khan

Large Language Models (LLMs) have emerged as a popular choice in vulnerability detection studies given their foundational capabilities, open source availability, and variety of models, but have limited scalability due to extensive compute…

Software Engineering · Computer Science 2026-04-01 Miles Farmer , Ekincan Ufuktepe , Anne Watson , Hialo Muniz Carvalho , Vadim Okun , Zineb Maasaoui , Kannappan Palaniappan

Large Language Models (LLMs) have shown promise in software engineering tasks, but evaluating their effectiveness in vulnerability detection is challenging due to the lack of high-quality datasets. Most existing datasets are limited to…

Software Engineering · Computer Science 2025-05-27 Md Basim Uddin Ahmed , Nima Shiri Harzevili , Jiho Shin , Hung Viet Pham , Song Wang

The rapid advancement of Large Language Models (LLMs) presents new opportunities for automated software vulnerability detection, a crucial task in securing modern codebases. This paper presents a comparative study on the effectiveness of…

Software Engineering · Computer Science 2026-01-05 Md Hasan Saju , Maher Muhtadi , Akramul Azim

Python applications depend on third-party native libraries that may be vendored within package distributions or installed on the host system. When vulnerabilities are discovered in these native libraries, determining which Python packages…

Security practitioners maintain vulnerability reports (e.g., GitHub Advisory) to help developers mitigate security risks. An important task for these databases is automatically extracting structured information mentioned in the report,…

Cryptography and Security · Computer Science 2024-05-21 Tianyu Chen , Lin Li , Liuchuan Zhu , Zongyang Li , Xueqing Liu , Guangtai Liang , Qianxiang Wang , Tao Xie
‹ Prev 1 8 9 10 Next ›