English
Related papers

Related papers: StriderSPD: Structure-Guided Joint Representation …

200 papers

Security patch detection (SPD) is crucial for maintaining software security, as unpatched vulnerabilities can lead to severe security risks. In recent years, numerous learning-based SPD approaches have demonstrated promising results on…

Software Engineering · Computer Science 2025-09-09 Qingyuan Li , Binchang Li , Cuiyun Gao , Shuzheng Gao , Zongjie Li

Open-source code is pervasive. In this setting, embedded vulnerabilities are spreading to downstream software at an alarming rate. While such vulnerabilities are generally identified and addressed rapidly, inconsistent maintenance policies…

Cryptography and Security · Computer Science 2024-11-27 Xunzhu Tang , Zhenghan Chen , Kisub Kim , Haoye Tian , Saad Ezzini , Jacques Klein

A timely software update is vital to combat the increasing security vulnerabilities. However, some software vendors may secretly patch their vulnerabilities without creating CVE entries or even describing the security issue in their change…

Cryptography and Security · Computer Science 2023-12-14 Xu He , Shu Wang , Pengbin Feng , Xinda Wang , Shiyu Sun , Qi Li , Kun Sun

Software vendors often silently release security patches without providing sufficient advisories (e.g., Common Vulnerabilities and Exposures) or delayed updates via resources (e.g., National Vulnerability Database). Therefore, it has become…

Software Engineering · Computer Science 2024-12-12 Xin-Cheng Wen , Zirui Lin , Cuiyun Gao , Hongyu Zhang , Yong Wang , Qing Liao

With the increasing usage of open-source software (OSS) components, vulnerabilities embedded within them are propagated to a huge number of underlying applications. In practice, the timely application of security patches in downstream…

Cryptography and Security · Computer Science 2023-01-09 Xinda Wang , Shu Wang , Pengbin Feng , Kun Sun , Sushil Jajodia , Sanae Benchaaboun , Frank Geck

Binary code similarity detection (BCSD) serves as a fundamental technique for various software engineering tasks, e.g., vulnerability detection and classification. Attacks against such models have therefore drawn extensive attention, aiming…

Cryptography and Security · Computer Science 2025-06-09 Mingjie Chen , Tiancheng Zhu , Mingxue Zhang , Yiling He , Minghao Lin , Penghui Li , Kui Ren

Function-level binary code similarity detection is a crucial aspect of cybersecurity. It enables the detection of bugs and patent infringements in released software and plays a pivotal role in preventing supply chain attacks. A practical…

Cryptography and Security · Computer Science 2023-12-27 Sun RuiJin , Guo Shize , Guo Jinhong , Li Wei , Zhan Dazhi , Sun Meng , Pan Zhisong

The growth of open-source software has increased the risk of hidden vulnerabilities that can affect downstream software applications. This concern is further exacerbated by software vendors' practice of silently releasing security patches…

Software Engineering · Computer Science 2023-08-30 Xunzhu Tang , zhenghan Chen , Saad Ezzini , Haoye Tian , Yewei Song , Jacques Klein , Tegawende F. Bissyande

With the rapid increasing number of open source software (OSS), the majority of the software vulnerabilities in the open source components are fixed silently, which leads to the deployed software that integrated them being unable to get a…

Cryptography and Security · Computer Science 2022-07-20 Bozhi Wu , Shangqing Liu , Ruitao Feng , Xiaofei Xie , Jingkai Siow , Shang-Wei Lin

Software vulnerabilities are major risks to software systems. Recently, researchers have proposed many deep learning approaches to detect software vulnerabilities. However, their accuracy is limited in practice. One of the main causes is…

Software Engineering · Computer Science 2025-11-13 Zeru Cheng , Yanjing Yang , He Zhang , Lanxin Yang , Jinghao Hu , Jinwei Xu , Bohan Liu , Haifeng Shen

Software vulnerabilities remain a persistent risk, yet static and dynamic analyses often overlook structural dependencies that shape insecure behaviors. Viewing programs as heterogeneous graphs, we capture control- and data-flow relations…

Software Engineering · Computer Science 2025-10-14 Jugal Gajjar , Kaustik Ranaware , Kamalasankari Subramaniakuppusamy

Software projects are dependent on many third-party libraries, therefore high-risk vulnerabilities can propagate through the dependency chain to downstream projects. Owing to the subjective nature of patch management, software vendors…

Software Engineering · Computer Science 2024-09-16 Mei Han , Lulu Wang , Jianming Chang , Bixin Li , Chunguang Zhang

In modern software ecosystems, 1-day vulnerabilities pose significant security risks due to extensive code reuse. Identifying vulnerable functions in target binaries alone is insufficient; it is also crucial to determine whether these…

Software Engineering · Computer Science 2025-11-04 Siyuan Li , Yaowen Zheng , Hong Li , Jingdong Guo , Chaopeng Dong , Chunpeng Yan , Weijie Wang , Yimo Ren , Limin Sun , Hongsong Zhu

Vulnerability detection is a critical problem in software security and attracts growing attention both from academia and industry. Traditionally, software security is safeguarded by designated rule-based detectors that heavily rely on…

Software Engineering · Computer Science 2024-06-07 Tiehua Zhang , Rui Xu , Jianping Zhang , Yuze Liu , Xin Chen , Jun Yin , Xi Zheng

Fine-tuning large language models often undermines their safety alignment, a problem further amplified by harmful fine-tuning attacks in which adversarial data removes safeguards and induces unsafe behaviors. We propose SPARD, a defense…

Machine Learning · Computer Science 2026-05-28 Shuhao Chen , Weisen Jiang , Yeqi Gong , Shengda Luo , Chengxiang Zhuo , Zang Li , James T. Kwok , Yu Zhang

Split Learning (SL) offers a framework for collaborative model training that respects data privacy by allowing participants to share the same dataset while maintaining distinct feature sets. However, SL is susceptible to backdoor attacks,…

Cryptography and Security · Computer Science 2026-01-27 Zhihao Dou , Dongfei Cui , Weida Wang , Anjun Gao , Yueyang Quan , Mengyao Ma , Viet Vo , Guangdong Bai , Zhuqing Liu , Minghong Fang

Software vulnerabilities (SVs) have become a common, serious and crucial concern due to the ubiquity of computer software. Many machine learning-based approaches have been proposed to solve the software vulnerability detection (SVD)…

Cryptography and Security · Computer Science 2022-09-22 Van Nguyen , Trung Le , Chakkrit Tantithamthavorn , John Grundy , Hung Nguyen , Dinh Phung

Vertical split learning (SL) enables collaborative model training across parties holding complementary features without sharing raw data, but recent work has shown that it is highly vulnerable to poisoning-based backdoor attacks operating…

Cryptography and Security · Computer Science 2026-04-07 Yuhan Shui , Ruobin Jin , Zhihao Dou , Zhiqiang Gao

Split learning enables collaborative deep learning model training while preserving data privacy and model security by avoiding direct sharing of raw data and model details (i.e., sever and clients only hold partial sub-networks and exchange…

Machine Learning · Computer Science 2023-07-19 Mingyuan Fan , Cen Chen , Chengyu Wang , Wenmeng Zhou , Jun Huang

Applying security patches in open source software timely is critical for ensuring the security of downstream applications. However, it is challenging to apply these patches promptly because notifications of patches are often incomplete and…

Cryptography and Security · Computer Science 2024-06-11 Tianyu Chen , Lin Li , Taotao Qian , Jingyi Liu , Wei Yang , Ding Li , Guangtai Liang , Qianxiang Wang , Tao Xie
‹ Prev 1 2 3 10 Next ›