English
Related papers

Related papers: From Detection to Prevention: Explaining Security-…

200 papers

Despite various approaches being employed to detect vulnerabilities, the number of reported vulnerabilities shows an upward trend over the years. This suggests the problems are not caught before the code is released, which could be caused…

Cryptography and Security · Computer Science 2025-02-14 Karl Tamberg , Hayretdin Bahsi

Software vulnerabilities, caused by unintentional flaws in source code, are a primary root cause of cyberattacks. Static analysis of source code has been widely used to detect these unintentional defects introduced by software developers.…

Software Engineering · Computer Science 2024-08-08 Andrew A Mahyari

While automated vulnerability detection techniques have made promising progress in detecting security vulnerabilities, their scalability and applicability remain challenging. The remarkable performance of Large Language Models (LLMs), such…

Cryptography and Security · Computer Science 2024-10-24 Avishree Khare , Saikat Dutta , Ziyang Li , Alaia Solko-Breslin , Rajeev Alur , Mayur Naik

Large language models (LLMs) are widely used in software development. However, the code generated by LLMs often contains vulnerabilities. Several secure code generation methods have been proposed to address this issue, but their current…

Cryptography and Security · Computer Science 2025-11-14 Shih-Chieh Dai , Jun Xu , Guanhong Tao

Large Language Models (LLMs) have emerged as powerful tools for automating programming tasks, including security-related ones. However, they can also introduce vulnerabilities during code generation, fail to detect existing vulnerabilities,…

Cryptography and Security · Computer Science 2026-03-18 Enna Basic , Alberto Giaretta

Large language models (LLMs) have brought significant advancements to code generation, benefiting both novice and experienced developers. However, their training using unsanitized data from open-source repositories, like GitHub, introduces…

Software Engineering · Computer Science 2023-10-26 Jiexin Wang , Liuwen Cao , Xitong Luo , Zhiping Zhou , Jiayuan Xie , Adam Jatowt , Yi Cai

Software is prone to security vulnerabilities. Program analysis tools to detect them have limited effectiveness in practice due to their reliance on human labeled specifications. Large language models (or LLMs) have shown impressive code…

Cryptography and Security · Computer Science 2025-04-08 Ziyang Li , Saikat Dutta , Mayur Naik

The significant increase in software production driven by automation and faster development lifecycles has resulted in a corresponding surge in software vulnerabilities. In parallel, the evolving landscape of software vulnerability…

Cryptography and Security · Computer Science 2024-08-30 Yuejun Guo , Constantinos Patsakis , Qiang Hu , Qiang Tang , Fran Casino

Large language models (LLMs) excel in many tasks of software engineering, yet progress in leveraging them for vulnerability discovery has stalled in recent years. To understand this phenomenon, we investigate LLMs through the lens of…

Cryptography and Security · Computer Science 2025-09-24 Felix Weissberg , Lukas Pirch , Erik Imgrund , Jonas Möller , Thorsten Eisenhofer , Konrad Rieck

Loop vulnerabilities are one major risky construct in software development. They can easily lead to infinite loops or executions, exhaust resources, or introduce logical errors that degrade performance and compromise security. The problem…

Software Engineering · Computer Science 2026-01-23 Adeyemi Adeseye , Aisvarya Adeseye

Context: Traditional software security analysis methods struggle to keep pace with the scale and complexity of modern codebases, requiring intelligent automation to detect, assess, and remediate vulnerabilities more efficiently and…

Software Engineering · Computer Science 2026-01-14 Shaznin Sultana , Sadia Afreen , Nasir U. Eisty

In this paper, we present a challenging code reasoning task: vulnerability detection. Large Language Models (LLMs) have shown promising results in natural-language and math reasoning, but state-of-the-art (SOTA) models reported only 54.5%…

Software Engineering · Computer Science 2025-01-09 Benjamin Steenhoek , Md Mahbubur Rahman , Monoshi Kumar Roy , Mirza Sanjida Alam , Hengbo Tong , Swarna Das , Earl T. Barr , Wei Le

Due to the growing number of cyber attacks against computer systems, we need to pay special attention to the security of our software systems. In order to maximize the effectiveness, excluding the human component from this process would be…

Cryptography and Security · Computer Science 2021-05-18 Tamás Viszkok , Péter Hegedűs , Rudolf Ferenc

Large Language Models (LLMs) are emerging as transformative tools for software vulnerability detection, addressing critical challenges in the security domain. Traditional methods, such as static and dynamic analysis, often falter due to…

Cryptography and Security · Computer Science 2025-02-19 Ze Sheng , Zhicheng Chen , Shuning Gu , Heqing Huang , Guofei Gu , Jeff Huang

With the recent advancement of Large Language Models (LLMs), generating functionally correct code has become less complicated for a wide array of developers. While using LLMs has sped up the functional development process, it poses a heavy…

Cryptography and Security · Computer Science 2024-02-01 Nafis Tanveer Islam , Mohammad Bahrami Karkevandi , Peyman Najafirad

With the increasing popularity of plugin-based software systems, ensuring the security of plugins has become a critical concern. When users install plugins or browse websites with plugins from an untrusted source, how can we be sure that…

Software Engineering · Computer Science 2024-05-14 Naisheng Liang , Alex Potanin

Code vulnerability detection (CVD) is essential for addressing and preventing system security issues, playing a crucial role in ensuring software security. Previous learning-based vulnerability detection methods rely on either fine-tuning…

Computation and Language · Computer Science 2025-01-07 Xuefeng Jiang , Lvhua Wu , Sheng Sun , Jia Li , Jingjing Xue , Yuwei Wang , Tingting Wu , Min Liu

Large language models (LLMs) have become proficient at sophisticated code-generation tasks, yet remain ineffective at reliably detecting or avoiding code vulnerabilities. Does this deficiency stem from insufficient learning about code…

Cryptography and Security · Computer Science 2025-07-15 Weichen Yu , Ravi Mangal , Terry Zhuo , Matt Fredrikson , Corina S. Pasareanu

With the growing popularity of Large Language Models (LLMs) in software engineers' daily practices, it is important to ensure that the code generated by these tools is not only functionally correct but also free of vulnerabilities. Although…

Software Engineering · Computer Science 2024-09-06 Mohammed Latif Siddiq , Joanna C. S. Santos , Sajith Devareddy , Anna Muller

Large Language Models (LLMs) show remarkable capabilities in understanding natural language and generating complex code. However, as practitioners adopt CodeLLMs for increasingly critical development tasks, research reveals that these…

Cryptography and Security · Computer Science 2026-03-13 Maximilian Wendlinger , Daniel Kowatsch , Konstantin Böttinger , Philip Sperl
‹ Prev 1 2 3 10 Next ›