English
Related papers

Related papers: EvalSVA: Multi-Agent Evaluators for Next-Gen Softw…

200 papers

The integration of open-source third-party library dependencies in Java development introduces significant security risks when these libraries contain known vulnerabilities. Existing Software Composition Analysis (SCA) tools struggle to…

Software Engineering · Computer Science 2025-07-25 Wang Lingxiang , Quanzhi Fu , Wenjia Song , Gelei Deng , Yi Liu , Dan Williams , Ying Zhang

Automating software vulnerability detection (SVD) remains a critical challenge in an era of increasingly complex and interdependent software systems. Despite significant advances in Large Language Models (LLMs) for code analysis, prevailing…

Software Engineering · Computer Science 2025-03-25 Arastoo Zibaeirad , Marco Vieira

TThis paper argues that \textbf{a comprehensive vulnerability analysis is essential for building trustworthy Large Language Model-based Multi-Agent Systems (LLM-MAS)}. These systems, which consist of multiple LLM-powered agents working…

Cryptography and Security · Computer Science 2026-05-19 Pengfei He , Yue Xing , Juanhui Li , Shen Dong , Zhenwei Dai , Xianfeng Tang , Hui Liu , Han Xu , Zhen Xiang , Charu C. Aggarwal , Hui Liu

Software vulnerabilities can result in catastrophic cyberattacks that increasingly threaten business operations. Consequently, ensuring the safety of software systems has become a paramount concern for both private and public sectors.…

Software Engineering · Computer Science 2024-12-10 Boyu Zhang , Triet H. M. Le , M. Ali Babar

Traditional vulnerability detection methods rely heavily on predefined rule matching, which often fails to capture vulnerabilities accurately. With the rise of large language models (LLMs), leveraging their ability to understand code…

Cryptography and Security · Computer Science 2025-11-26 Xiang Li , Yueci Su , Jiahao Liu , Zhiwei Lin , Yuebing Hou , Peiming Gao , Yuanchao Zhang

Software vulnerabilities (SVs) pose a critical threat to safety-critical systems, driving the adoption of AI-based approaches such as machine learning and deep learning for software vulnerability detection. Despite promising results, most…

Cryptography and Security · Computer Science 2025-10-07 Van Nguyen , Surya Nepal , Xingliang Yuan , Tingmin Wu , Fengchao Chen , Carsten Rudolph

Software Engineering researchers are increasingly using Natural Language Processing (NLP) techniques to automate Software Vulnerabilities (SVs) assessment using the descriptions in public repositories. However, the existing NLP-based…

Software Engineering · Computer Science 2021-03-23 Triet H. M. Le , Bushra Sabir , M. Ali Babar

Machine learning and Large language models (LLMs) for vulnerability detection has received significant attention in recent years. Unfortunately, state-of-the-art techniques show that LLMs are unsuccessful in even distinguishing the…

Cryptography and Security · Computer Science 2025-08-05 Mohammed Sayagh , Mohammad Ghafari

This, with the ever-increasing sophistication of cyberwar, calls for novel solutions. In this regard, Large Language Models (LLMs) have emerged as a highly promising tool for defensive and offensive cybersecurity-related strategies. While…

Cryptography and Security · Computer Science 2026-03-03 Abdulrahman S Almuhaidib , Azlan Mohd Zain , Zalmiyah Zakaria , Izyan Izzati Kamsani , Abdulaziz S Almuhaidib

Software vulnerabilities are major risks to software systems. Recently, researchers have proposed many deep learning approaches to detect software vulnerabilities. However, their accuracy is limited in practice. One of the main causes is…

Software Engineering · Computer Science 2025-11-13 Zeru Cheng , Yanjing Yang , He Zhang , Lanxin Yang , Jinghao Hu , Jinwei Xu , Bohan Liu , Haifeng Shen

Evaluating and improving the security capabilities of code agents requires high-quality, executable vulnerability tasks. However, existing works rely on costly, unscalable manual reproduction and suffer from outdated data distributions. To…

Cryptography and Security · Computer Science 2026-05-19 Xianzhen Luo , Jingyuan Zhang , Shiqi Zhou , Rain Huang , Chuan Xiao , Qingfu Zhu , Zhiyuan Ma , Xing Yue , Yang Yue , Wencong Zeng , Wanxiang Che

Large Language Models (LLMs) have shown promise in tasks like code translation, prompting interest in their potential for automating software vulnerability detection (SVD) and patching (SVP). To further research in this area, establishing a…

Software Engineering · Computer Science 2024-09-18 Arastoo Zibaeirad , Marco Vieira

Detecting vulnerabilities in source code remains critical yet challenging, as conventional static analysis tools construct inaccurate program representations, while existing LLM-based approaches often miss essential vulnerability context…

Software Engineering · Computer Science 2026-04-14 Yiheng Cao , Yihao Chen , Xin Hu , Bihuan Chen , Jiayi Deng , Zhuotong Zhou , Susheng Wu , Yiheng Huang , Xueying Du , Xingman Chen , Miaohua Li , Xin Peng

Software security vulnerabilities allow attackers to perform malicious activities to disrupt software operations. Recent Transformer-based language models have significantly advanced vulnerability detection, surpassing the capabilities of…

Cryptography and Security · Computer Science 2024-06-11 Aidan Z. H. Yang , Haoye Tian , He Ye , Ruben Martins , Claire Le Goues

Testing is the most widely employed method to find vulnerabilities in real-world software programs. Compositional analysis, based on symbolic execution, is an automated testing method to find vulnerabilities in medium- to large-scale…

Software Engineering · Computer Science 2018-07-25 Saahil Ognawala , Ricardo Nales Amato , Alexander Pretschner , Pooja Kulkarni

Manual vulnerability scoring, such as assigning Common Vulnerability Scoring System (CVSS) scores, is a resource-intensive process that is often influenced by subjective interpretation. This study investigates the potential of…

Cryptography and Security · Computer Science 2026-01-06 Sima Jafarikhah , Daniel Thompson , Eva Deans , Hossein Siadati , Yi Liu

By utilizing more computational resources at test-time, large language models (LLMs) can improve without additional training. One common strategy uses verifiers to evaluate candidate outputs. In this work, we propose a novel scaling…

Artificial Intelligence · Computer Science 2025-02-28 Shalev Lifshitz , Sheila A. McIlraith , Yilun Du

Agent evaluation requires assessing complex multi-step behaviors involving tool use and intermediate reasoning, making it costly and expertise-intensive. A natural question arises: can frontier coding assistants reliably automate this…

Large Language Models (LLMs) have training corpora containing large amounts of program code, greatly improving the model's code comprehension and generation capabilities. However, sound comprehensive research on detecting program…

Cryptography and Security · Computer Science 2024-08-22 Yu Liu , Lang Gao , Mingxin Yang , Yu Xie , Ping Chen , Xiaojin Zhang , Wei Chen

Open-source libraries are widely used in modern software development, introducing significant security vulnerabilities. While static analysis tools can identify potential vulnerabilities at scale, they often generate overwhelming reports…

Software Engineering · Computer Science 2026-04-08 Siyi Chen , Tianhan Luo , Shijian Wu , Xiangyu Liu , Yilin Zhou , Qi Li , Wenyuan Xu