English
Related papers

Related papers: An LLM-based Quantitative Framework for Evaluating…

200 papers

Large language models (LLMs) have developed rapidly in recent years, revolutionizing various fields. Despite their widespread success, LLMs heavily rely on external code dependencies from package management systems, creating a complex and…

Cryptography and Security · Computer Science 2025-09-01 Shuhan Liu , Xing Hu , Xin Xia , David Lo , Xiaohu Yang

Large language models (LLMs) are increasingly embedded in open-source software (OSS) ecosystems, creating complex interactions among natural language prompts, probabilistic model outputs, and execution-capable components. However, it…

Cryptography and Security · Computer Science 2026-04-16 Fariha Tanjim Shifat , Hariswar Baburaj , Ce Zhou , Jaydeb Sarker , Mia Mohammad Imran

As we increasingly depend on software systems, the consequences of breaches in the software supply chain become more severe. High-profile cyber attacks like those on SolarWinds and ShadowHammer have resulted in significant financial and…

Cryptography and Security · Computer Science 2023-08-10 Tanmay Singla , Dharun Anandayuvaraj , Kelechi G. Kalu , Taylor R. Schorlemmer , James C. Davis

Large Language Model (LLM) is changing the software development paradigm and has gained huge attention from both academia and industry. Researchers and developers collaboratively explore how to leverage the powerful problem-solving ability…

Cryptography and Security · Computer Science 2024-11-05 Qiang Hu , Xiaofei Xie , Sen Chen , Lei Ma

Software supply-chain attacks are an important and ongoing concern in the open source software ecosystem. These attacks maintain the standard functionality that a component implements, but additionally hide malicious functionality activated…

Cryptography and Security · Computer Science 2025-12-17 Evangelos Lamprou , Julian Dai , Grigoris Ntousakis , Martin C. Rinard , Nikos Vasilakis

The rise of Large Language Models (LLMs) has led to the widespread deployment of LLM-based systems across diverse domains. As these systems proliferate, understanding the risks associated with their complex supply chains is increasingly…

Software Engineering · Computer Science 2025-07-25 Yujie Ma , Lili Quan , Xiaofei Xie , Qiang Hu , Jiongchi Yu , Yao Zhang , Sen Chen

Command injection vulnerabilities are a significant security threat in dynamic languages like Python, particularly in widely used open-source projects where security issues can have extensive impact. With the proven effectiveness of Large…

Software Engineering · Computer Science 2025-05-22 Yuxuan Wang , Jingshu Chen , Qingyang Wang

This paper proposes a pipeline for quantitatively evaluating interactive Large Language Models (LLMs) using publicly available datasets. We carry out an extensive technical evaluation of LLMs using Big-Vul covering four different common…

Software Engineering · Computer Science 2024-07-09 Xin Yin , Chao Ni , Shaohua Wang

Background: Leaking sensitive information - such as API keys, tokens, and credentials - in source code remains a persistent security threat. Traditional regex and entropy-based tools often generate high false positives due to limited…

Software Engineering · Computer Science 2025-07-29 Md Nafiu Rahman , Sadif Ahmed , Zahin Wahab , S M Sohan , Rifat Shahriyar

Security of software supply chains is necessary to ensure that software updates do not contain maliciously injected code or introduce vulnerabilities that may compromise the integrity of critical infrastructure. Verifying the integrity of…

Despite various approaches being employed to detect vulnerabilities, the number of reported vulnerabilities shows an upward trend over the years. This suggests the problems are not caught before the code is released, which could be caused…

Cryptography and Security · Computer Science 2025-02-14 Karl Tamberg , Hayretdin Bahsi

The significant increase in software production driven by automation and faster development lifecycles has resulted in a corresponding surge in software vulnerabilities. In parallel, the evolving landscape of software vulnerability…

Cryptography and Security · Computer Science 2024-08-30 Yuejun Guo , Constantinos Patsakis , Qiang Hu , Qiang Tang , Fran Casino

While new technologies emerge, human errors always looming. Software supply chain is increasingly complex and intertwined, the security of a service has become paramount to ensuring the integrity of products, safeguarding data privacy, and…

Cryptography and Security · Computer Science 2025-01-22 Vasileios Alevizos , George A Papakostas , Akebu Simasiku , Dimitra Malliarou , Antonis Messinis , Sabrina Edralin , Clark Xu , Zongliang Yue

Open Source Software (OSS) has become a very important and crucial infrastructure worldwide because of the value it provides. OSS typically depends on contributions from developers across diverse backgrounds and levels of experience. Making…

Software Engineering · Computer Science 2025-10-08 Elijah Kayode Adejumo , Brittany Johnson

IT systems are facing an increasing number of security threats, including advanced persistent attacks and future quantum-computing vulnerabilities. The move towards crypto-agility and post-quantum cryptography (PQC) requires a reliable…

Cryptography and Security · Computer Science 2026-03-23 Eduard Hirsch , Kristina Raab , Tobias J. Bauer , Daniel Loebenberger

A software supply chain attack is characterized by the injection of malicious code into a software package in order to compromise dependent systems further down the chain. Recent years saw a number of supply chain attacks that leverage the…

Cryptography and Security · Computer Science 2020-05-20 Marc Ohm , Henrik Plate , Arnold Sykosch , Michael Meier

Large Language Models (LLMs) are emerging as transformative tools for software vulnerability detection, addressing critical challenges in the security domain. Traditional methods, such as static and dynamic analysis, often falter due to…

Cryptography and Security · Computer Science 2025-02-19 Ze Sheng , Zhicheng Chen , Shuning Gu , Heqing Huang , Guofei Gu , Jeff Huang

In the digital era, accidental exposure of sensitive information such as API keys, tokens, and credentials is a growing security threat. While most prior work focuses on detecting secrets in source code, leakage in software issue reports…

Software Engineering · Computer Science 2026-04-17 Sadif Ahmed , Md Nafiu Rahman , Zahin Wahab , Gias Uddin , Rifat Shahriyar

The use of free and open source software (FOSS) components in all software systems is estimated to be above 90%. With such high usage and because of the heterogeneity of FOSS tools, repositories, developers and ecosystem, the level of…

Cryptography and Security · Computer Science 2023-11-21 Luıs Soeiro , Thomas Robert , Stefano Zacchiroli

Large language models (LLMs) are increasingly deployed through open-source and commercial frameworks, enabling individuals and organizations to self-host advanced LLM capabilities. As LLM deployments become prevalent, particularly in…

Cryptography and Security · Computer Science 2025-08-27 Xinyi Hou , Jiahao Han , Yanjie Zhao , Haoyu Wang
‹ Prev 1 2 3 10 Next ›