English
Related papers

Related papers: Boosting Cybersecurity Vulnerability Scanning base…

200 papers

Application security is an essential part of developing modern software, as lots of attacks depend on vulnerabilities in software. The number of attacks is increasing globally due to technological advancements. Companies must include…

Cryptography and Security · Computer Science 2023-05-18 Mohamed Mjd Alhafi , Mohammad Hammade , Khloud Al Jallad

Large Language Models (LLMs) are transforming cybersecurity by enabling intelligent, adaptive, and automated approaches to threat detection, vulnerability assessment, and incident response. With their advanced language understanding and…

Cryptography and Security · Computer Science 2025-07-21 Niveen O. Jaffal , Mohammed Alkhanafseh , David Mohaisen

Automated detection of software vulnerabilities is critical for enhancing security, yet existing methods often struggle with the complexity and diversity of modern codebases. In this paper, we introduce EnStack, a novel ensemble stacking…

Software Engineering · Computer Science 2024-11-26 Shahriyar Zaman Ridoy , Md. Shazzad Hossain Shaon , Alfredo Cuzzocrea , Mst Shapna Akter

With the rapid development of technology and the acceleration of digitalisation, the frequency and complexity of cyber security threats are increasing. Traditional cybersecurity approaches, often based on static rules and predefined…

Cryptography and Security · Computer Science 2025-04-29 Shuang Tian , Tao Zhang , Jiqiang Liu , Jiacheng Wang , Xuangou Wu , Xiaoqiang Zhu , Ruichen Zhang , Weiting Zhang , Zhenhui Yuan , Shiwen Mao , Dong In Kim

Early identification of security issues in software development is vital to minimize their unanticipated impacts. Code review is a widely used manual analysis method that aims to uncover security issues along with other coding issues in…

Software Engineering · Computer Science 2024-07-18 Wachiraphan Charoenwet , Patanamon Thongtanunam , Van-Thuan Pham , Christoph Treude

Our work explores the utilization of deep learning, specifically leveraging the CodeBERT model, to enhance code security testing for Python applications by detecting SQL injection vulnerabilities. Unlike traditional security testing methods…

Cryptography and Security · Computer Science 2025-08-29 Guan-Yan Yang , Yi-Heng Ko , Farn Wang , Kuo-Hui Yeh , Haw-Shiang Chang , Hsueh-Yi Chen

Despite their remarkable success, large language models (LLMs) have shown limited ability on safety-critical code tasks such as vulnerability detection. Typically, static analysis (SA) tools, like CodeQL, CodeGuru Security, etc., are used…

Cryptography and Security · Computer Science 2025-09-15 Ira Ceka , Feitong Qiao , Anik Dey , Aastha Valecha , Gail Kaiser , Baishakhi Ray

Large language models (LLMs) are increasingly used to generate requirements specifications, design documents, code, and test cases. In contrast, much less attention has been given to a more difficult assurance problem: statically verifying…

Software Engineering · Computer Science 2026-05-19 Zhi Quan Zhou , Dave Towey , Tsong Yueh Chen

While the automated detection of cryptographic API misuses has progressed significantly, its precision diminishes for intricate targets due to the reliance on manually defined patterns. Large Language Models (LLMs) offer a promising…

Cryptography and Security · Computer Science 2026-03-19 Yifan Xia , Zichen Xie , Peiyu Liu , Kangjie Lu , Yan Liu , Wenhai Wang , Shouling Ji

Software vulnerability detection is generally supported by automated static analysis tools, which have recently been reinforced by deep learning (DL) models. However, despite the superior performance of DL-based approaches over rule-based…

Software Engineering · Computer Science 2024-05-03 Yanjing Yang , Xin Zhou , Runfeng Mao , Jinwei Xu , Lanxin Yang , Yu Zhangm , Haifeng Shen , He Zhang

Context: Static Application Security Testing Tools (SASTTs) identify software vulnerabilities to support the security and reliability of software applications. Interestingly, several studies have suggested that alternative solutions may be…

Software Engineering · Computer Science 2024-03-15 Matteo Esposito , Valentina Falaschi , Davide Falessi

Despite the transformative impact of Artificial Intelligence (AI) across various sectors, cyber security continues to rely on traditional static and dynamic analysis tools, hampered by high false positive rates and superficial code…

Cryptography and Security · Computer Science 2025-04-28 Rajesh Yarra

In recent years, the importance of smart contract security has been heightened by the increasing number of attacks against them. To address this issue, a multitude of static application security testing (SAST) tools have been proposed for…

Software Engineering · Computer Science 2024-07-02 Kaixuan Li , Yue Xue , Sen Chen , Han Liu , Kairan Sun , Ming Hu , Haijun Wang , Yang Liu , Yixiang Chen

Static Application Security Testing (SAST) tools are integral to modern software development, yet their adoption is undermined by excessive false positives that weaken developer trust and demand costly manual triage. We present ZeroFalse, a…

The irreversible nature of blockchain transactions makes the identification of smart contract vulnerabilities an essential requirement for secure system development. While Large Language Models (LLMs) are increasingly integrated into…

Cryptography and Security · Computer Science 2026-05-13 Stefan-Claudiu Susan , Andrei Arusoaie , Dorel Lucanu

The rapid advancement of Large Language Models (LLMs) has opened up new opportunities for leveraging artificial intelligence in a variety of application domains, including cybersecurity. As the volume and sophistication of cyber threats…

Cryptography and Security · Computer Science 2025-09-23 Hanxiang Xu , Shenao Wang , Ningke Li , Kailong Wang , Yanjie Zhao , Kai Chen , Ting Yu , Yang Liu , Haoyu Wang

This, with the ever-increasing sophistication of cyberwar, calls for novel solutions. In this regard, Large Language Models (LLMs) have emerged as a highly promising tool for defensive and offensive cybersecurity-related strategies. While…

Cryptography and Security · Computer Science 2026-03-03 Abdulrahman S Almuhaidib , Azlan Mohd Zain , Zalmiyah Zakaria , Izyan Izzati Kamsani , Abdulaziz S Almuhaidib

While static analysis is useful in detecting early-stage hardware security bugs, its efficacy is limited because it requires information to form checks and is often unable to explain the security impact of a detected vulnerability. Large…

Cryptography and Security · Computer Science 2025-05-01 Baleegh Ahmad , Hammond Pearce , Ramesh Karri , Benjamin Tan

The increasing complexity of software systems has driven significant advancements in program analysis, as traditional methods unable to meet the demands of modern software development. To address these limitations, deep learning techniques,…

Software Engineering · Computer Science 2025-02-27 Jiayimei Wang , Tao Ni , Wei-Bin Lee , Qingchuan Zhao

Large Language Models (LLMs) are intensively used to assist security analysts in counteracting the rapid exploitation of cyber threats, wherein LLMs offer cyber threat intelligence (CTI) to support vulnerability assessment and incident…

Cryptography and Security · Computer Science 2025-10-03 Luoxi Tang , Yuqiao Meng , Ankita Patra , Weicheng Ma , Muchao Ye , Zhaohan Xi