English
Related papers

Related papers: From Attack Descriptions to Vulnerabilities: A Sen…

200 papers

Modern infrastructures rely on software systems that remain vulnerable to cyberattacks. These attacks frequently exploit vulnerabilities documented in repositories such as MITRE's Common Vulnerabilities and Exposures (CVE). However, Cyber…

Cryptography and Security · Computer Science 2026-02-27 Refat Othman

Identifying the vulnerabilities exploited during cyberattacks is essential for enabling timely responses and effective mitigation in software security. This paper directly examines the process of predicting software vulnerabilities,…

Cryptography and Security · Computer Science 2026-02-24 Refat Othman , Diaeddin Rimawi , Bruno Rossi , Barbara Russo

Vulnerabilities in software security can remain undiscovered even after being exploited. Linking attacks to vulnerabilities helps experts identify and respond promptly to the incident. This paper introduces VULDAT, a classification tool…

Cryptography and Security · Computer Science 2024-07-12 Refat Othman , Bruno Rossi , Barbara Russo

Weaknesses in computer systems such as faults, bugs and errors in the architecture, design or implementation of software provide vulnerabilities that can be exploited by attackers to compromise the security of a system. Common Weakness…

Machine Learning · Computer Science 2021-02-24 Siddhartha Shankar Das , Edoardo Serra , Mahantesh Halappanavar , Alex Pothen , Ehab Al-Shaer

In recent years, a proliferation of cyber-security threats and diversity has been on the rise culminating in an increase in their reporting and analysis. To counter that, many non-profit organizations have emerged in this domain, such as…

Cryptography and Security · Computer Science 2023-04-24 Ashraf Haddad , Najwa Aaraj , Preslav Nakov , Septimiu Fabian Mare

Software vulnerabilities have been continually disclosed and documented. An important practice in documenting vulnerabilities is to describe the key vulnerability aspects, such as vulnerability type, root cause, affected product, impact,…

Software Engineering · Computer Science 2020-08-07 Hao Guo , Zhenchang Xing , Xiaohong Li

Preventing vulnerability exploits is a critical software maintenance task, and software engineers often rely on Common Vulnerability and Exposure (CVEs) reports for information about vulnerable systems and libraries. These reports include…

Software Engineering · Computer Science 2019-10-01 Danielle Gonzalez , Holly Hastings , Mehdi Mirakhorli

Manual vulnerability scoring, such as assigning Common Vulnerability Scoring System (CVSS) scores, is a resource-intensive process that is often influenced by subjective interpretation. This study investigates the potential of…

Cryptography and Security · Computer Science 2026-01-06 Sima Jafarikhah , Daniel Thompson , Eva Deans , Hossein Siadati , Yi Liu

Due to the ever-increasing threat of cyber-attacks to critical cyber infrastructure, organizations are focusing on building their cybersecurity knowledge base. A salient list of cybersecurity knowledge is the Common Vulnerabilities and…

Cryptography and Security · Computer Science 2021-08-05 Benjamin Ampel , Sagar Samtani , Steven Ullman , Hsinchun Chen

Understanding software vulnerabilities and their resolutions is crucial for securing modern software systems. This study presents a novel traceability model that links a pair of sentences describing at least one of the three types of…

Software Engineering · Computer Science 2025-03-17 Amiao Gao , Zenong Zhang , Simin Wang , Liguo Huang , Shiyi Wei , Vincent Ng

Cyber-security vulnerabilities are usually published in form of short natural language descriptions (e.g., in form of MITRE's CVE list) that over time are further manually enriched with labels such as those defined by the Common…

Cryptography and Security · Computer Science 2023-10-11 Mark-Oliver Stehr , Minyoung Kim

The rapid increase in cybersecurity vulnerabilities necessitates automated tools for analyzing and classifying vulnerability reports. This paper presents a novel Vulnerability Report Classifier that leverages the BERT (Bidirectional Encoder…

Cryptography and Security · Computer Science 2025-03-28 Himanshu Tiwari

Software vulnerabilities are now reported at an unprecedented speed due to the recent development of automated vulnerability hunting tools. However, fixing vulnerabilities still mainly depends on programmers' manual efforts. Developers need…

Cryptography and Security · Computer Science 2022-03-23 Jianlei Chi , Yu Qu , Ting Liu , Qinghua Zheng , Heng Yin

The increasing complexity and volume of software systems have heightened the importance of identifying and mitigating security vulnerabilities. The existing software vulnerability datasets frequently fall short in providing comprehensive,…

Cryptography and Security · Computer Science 2026-04-06 Murtuza Shahzad , Joseph Wilson , Ibrahim Al Azher , Hamed Alhoori , Mona Rahimi

It is increasingly suggested to identify Software Vulnerabilities (SVs) in code commits to give early warnings about potential security risks. However, there is a lack of effort to assess vulnerability-contributing commits right after they…

Software Engineering · Computer Science 2021-08-19 Triet H. M. Le , David Hin , Roland Croft , M. Ali Babar

There is an increasing trend to mine vulnerabilities from software repositories and use machine learning techniques to automatically detect software vulnerabilities. A fundamental but unresolved research question is: how do different…

Software Engineering · Computer Science 2024-06-07 Esma Mouine , Yan Liu , Lu Xiao , Rick Kazman , Xiao Wang

This paper addresses a critical challenge in cybersecurity: the gap between vulnerability information represented by Common Vulnerabilities and Exposures (CVEs) and the resulting cyberattack actions. CVEs provide insights into…

Cryptography and Security · Computer Science 2023-09-07 Ehsan Aghaei , Ehab Al-Shaer

Security incidents and data breaches are increasing rapidly, and only a fraction of them is being reported. Public vulnerability databases, e.g., national vulnerability database (NVD) and common vulnerability and exposure (CVE), have been…

Cryptography and Security · Computer Science 2022-10-05 Hattan Althebeiti , David Mohaisen

Many studies have developed Machine Learning (ML) approaches to detect Software Vulnerabilities (SVs) in functions and fine-grained code statements that cause such SVs. However, there is little work on leveraging such detection outputs for…

Software Engineering · Computer Science 2022-03-17 Triet H. M. Le , M. Ali Babar

Software vulnerabilities are a serious and crucial concern. Typically, in a program or function consisting of hundreds or thousands of source code statements, there are only a few statements causing the corresponding vulnerabilities. Most…

Cryptography and Security · Computer Science 2024-06-13 Van Nguyen , Trung Le , Chakkrit Tantithamthavorn , Michael Fu , John Grundy , Hung Nguyen , Seyit Camtepe , Paul Quirk , Dinh Phung
‹ Prev 1 2 3 10 Next ›