English
Related papers

Related papers: BinCoFer: Three-Stage Purification for Effective C…

200 papers

Third-party libraries (TPLs) are reused frequently in software applications for reducing development cost. However, they could introduce security risks as well. Many TPL detection methods have been proposed to detect TPL reuse in Android…

Cryptography and Security · Computer Science 2022-04-22 Wei Tang , Yanlin Wang , Hongyu Zhang , Shi Han , Ping Luo , Dongmei Zhang

Third-party libraries (TPLs) are extensively utilized by developers to expedite the software development process and incorporate external functionalities. Nevertheless, insecure TPL reuse can lead to significant security risks. Existing…

Software Engineering · Computer Science 2023-09-13 Siyuan Li , Yongpan Wang , Chaopeng Dong , Shouguo Yang , Hong Li , Hao Sun , Zhe Lang , Zuxin Chen , Weijie Wang , Hongsong Zhu , Limin Sun

While third-party libraries are extensively reused to enhance productivity during software development, they can also introduce potential security risks such as vulnerability propagation. Software composition analysis, proposed to identify…

Software Engineering · Computer Science 2024-08-27 Ling Jiang , Junwen An , Huihui Huang , Qiyi Tang , Sen Nie , Shi Wu , Yuqun Zhang

Third-Party Library (TPL) detection, which identifies reused libraries in binary code, is critical for software security analysis. At its core, TPL detection depends on binary decomposition-the process of partitioning a monolithic binary…

Software Engineering · Computer Science 2025-12-10 Ang Jia , He Jiang , Zhilei Ren , Xiaochen Li , Zhipeng Yang , Yaxin Duan , Ming Fan , Ting Liu

With the rapid growth of software, using third-party libraries (TPLs) has become increasingly popular. The prosperity of the library usage has provided the software engineers with handful of methods to facilitate and boost the program…

Software Engineering · Computer Science 2022-04-19 Can Yang , Zhengzi Xu , Hongxu Chen , Yang Liu , Xiaorui Gong , Baoxu Liu

Enforcing open source licenses such as the GNU General Public License (GPL), analyzing a binary for possible vulnerabilities, and code maintenance are all situations where it is useful to be able to determine the source code provenance of a…

Cryptography and Security · Computer Science 2017-11-03 Dhaval Miyani , Zhen Huang , David Lie

Software development comprises the use of multiple Third-Party Libraries (TPLs). However, the irrelevant libraries present in software application's distributable often lead to excessive consumption of resources such as CPU cycles, memory,…

Software Engineering · Computer Science 2022-02-23 Ritu Kapur , Poojith U Rao , Agrim Dewan , Balwinder Sodhi

Nowadays, software development progresses rapidly to incorporate new features. To facilitate such growth and provide convenience for developers when creating and updating software, reusing open-source software (i.e., thirdparty library…

Software Engineering · Computer Science 2024-12-02 Shangzhi Xu , Jialiang Dong , Weiting Cai , Juanru Li , Arash Shaghaghi , Nan Sun , Siqi Ma

While reusing third-party libraries (TPL) facilitates software development, its chaotic management has brought great threats to software maintenance and the unauthorized use of source code also raises ethical problems such as misconduct on…

Software Engineering · Computer Science 2025-08-05 Lida Zhao , Chaofan Li , Yueming Wu , Lyuye Zhang , Jiahui Wu , Chengwei Liu , Sen Chen , Yutao Hu , Zhengzi Xu , Yi Liu , Jingquan Ge , Jun Sun , Yang Liu

The prevalent use of third-party libraries (TPLs) in modern software development introduces significant security and compliance risks, necessitating the implementation of Software Composition Analysis (SCA) to manage these threats. However,…

Software Engineering · Computer Science 2025-03-31 Lyuye Zhang , Chengwei Liu , Jiahui Wu , Shiyang Zhang , Chengyue Liu , Zhengzi Xu , Sen Chen , Yang Liu

Function-level binary code similarity detection is a crucial aspect of cybersecurity. It enables the detection of bugs and patent infringements in released software and plays a pivotal role in preventing supply chain attacks. A practical…

Cryptography and Security · Computer Science 2023-12-27 Sun RuiJin , Guo Shize , Guo Jinhong , Li Wei , Zhan Dazhi , Sun Meng , Pan Zhisong

Much software, whether beneficent or malevolent, is distributed only as binaries, sans source code. Absent source code, understanding binaries' behavior can be quite challenging, especially when compiled under higher levels of compiler…

Software Engineering · Computer Science 2021-09-20 Toufique Ahmed , Premkumar Devanbu , Anand Ashok Sawant

Binary authorship analysis is a significant problem in many software engineering applications. In this paper, we formulate a binary authorship verification task to accurately reflect the real-world working process of software forensic…

Software Engineering · Computer Science 2022-03-10 Qige Song , Yongzheng Zhang , Linshu Ouyang , Yige Chen

We introduce Bin2Vec, a new framework that helps compare software programs in a clear and explainable way. Instead of focusing only on one type of information, Bin2Vec combines what a program looks like (its built-in functions, imports, and…

Software Engineering · Computer Science 2025-12-03 Moussa Moussaoui , Tarik Houichime , Abdelalim Sadiq

A timely software update is vital to combat the increasing security vulnerabilities. However, some software vendors may secretly patch their vulnerabilities without creating CVE entries or even describing the security issue in their change…

Cryptography and Security · Computer Science 2023-12-14 Xu He , Shu Wang , Pengbin Feng , Xinda Wang , Shiyu Sun , Qi Li , Kun Sun

Binary decompilation aims to recover binaries into high-level source code, but existing evaluations mainly rely on syntactic similarity or single-axis readability metrics, which fail to capture practical reusability. We propose a…

Software Engineering · Computer Science 2026-05-29 Puzhuo Liu , Yuhan Huang , Jianlei Chi , Peng Di , Yu Jiang

Clone detection is widely exploited for software vulnerability search. The approaches based on source code analysis cannot be applied to binary clone detection because the same source code can produce significantly different binaries. In…

Cryptography and Security · Computer Science 2022-11-11 Jian Gao , Yu Jiang , Zhe Liu , Xin Yang , Cong Wang , Xun Jiao , Zijiang Yang , Jiaguang Sun

Modern software systems are increasingly dependent on third-party libraries. It is widely recognized that using mature and well-tested third-party libraries can improve developers' productivity, reduce time-to-market, and produce more…

Software Engineering · Computer Science 2016-12-07 Mohamed Aymen Saied , Ali Ouni , Houari Sahraoui , Raula Gaikovina Kula , Katsuro Inoue , David Lo

Recognizing vulnerabilities in stripped binary files presents a significant challenge in software security. Although some progress has been made in generating human-readable information from decompiled binary files with Large Language…

Cryptography and Security · Computer Science 2025-05-29 Nasir Hussain , Haohan Chen , Chanh Tran , Philip Huang , Zhuohao Li , Pravir Chugh , William Chen , Ashish Kundu , Yuan Tian

Developers usually use TPLs to facilitate the development of the projects to avoid reinventing the wheels, however, the vulnerable TPLs indeed cause severe security threats. The majority of existing research only considered whether projects…

Software Engineering · Computer Science 2024-09-05 Fangyuan Zhang , Lingling Fan , Sen Chen , Miaoying Cai , Sihan Xu , Lida Zhao
‹ Prev 1 2 3 10 Next ›