English
Related papers

Related papers: Reading Between the Code Lines: On the Use of Self…

200 papers

There has been a significant amount of interest regarding the use of diversity-based testing techniques in software testing over the past two decades. Diversity-based testing (DBT) technique uses similarity metrics to leverage the…

Software Engineering · Computer Science 2025-04-18 Islam T. Elgendy , Robert M. Hierons , Phil McMinn

In the age of big data and machine learning, at a time when the techniques and methods of software development are evolving rapidly, a problem has arisen: programmers can no longer detect all the security flaws and vulnerabilities in their…

Software Engineering · Computer Science 2021-08-05 Amirreza Bagheri , Péter Hegedűs

Software vulnerabilities in source code pose serious cybersecurity risks, prompting a shift from traditional detection methods (e.g., static analysis, rule-based matching) to AI-driven approaches. This study presents a systematic review of…

Software Engineering · Computer Science 2025-06-13 Samiha Shimmi , Hamed Okhravi , Mona Rahimi

Cache-based side channels enable a dedicated attacker to reveal program secrets by measuring the cache access patterns. Practical attacks have been shown against real-world crypto algorithm implementations such as RSA, AES, and ElGamal. By…

Cryptography and Security · Computer Science 2019-06-03 Shuai Wang , Yuyan Bao , Xiao Liu , Pei Wang , Danfeng Zhang , Dinghao Wu

Preventing vulnerability exploits is a critical software maintenance task, and software engineers often rely on Common Vulnerability and Exposure (CVEs) reports for information about vulnerable systems and libraries. These reports include…

Software Engineering · Computer Science 2019-10-01 Danielle Gonzalez , Holly Hastings , Mehdi Mirakhorli

Programmers often add meaningful information about program semantics when naming program entities such as variables, functions, and macros. However, static analysis tools typically discount this information when they look for bugs in a…

Programming Languages · Computer Science 2020-09-22 Roger Scott , Joseph Ranieri , Lucja Kot , Vineeth Kashyap

Large Language Models have become integral to software development, yet they frequently generate vulnerable code. Existing code vulnerability detection benchmarks employ binary classification, lacking the CWE-level specificity required for…

Software Engineering · Computer Science 2026-01-06 Muntasir Adnan , Carlos C. N. Kuhn

Context: Software metrics, as one form of static analyses, is a commonly used approach in software engineering in order to understand the state of a software system, in particular to identify potential areas prone to defects. Family-based…

Software Engineering · Computer Science 2021-10-13 Sascha El-Sharkawy , Adam Krafczyk , Klaus Schmid

Static Application Security Testing (SAST) tools play a vital role in modern software development by automatically detecting potential vulnerabilities in source code. However, their effectiveness is often limited by a high rate of false…

Software Engineering · Computer Science 2026-03-12 Tom Ohlmer , Michael Schlichtig , Eric Bodden

A system vulnerability analysis technique (SVAT) for the analysis of complex mission critical systems (CMCS) that cannot be taken offline or subjected to the risks posed by traditional penetration testing was previously developed. This…

Cryptography and Security · Computer Science 2024-09-18 Matthew Tassava , Cameron Kolodjski , Jeremy Straub

AI coding assistants are now used to generate production code in security-sensitive domains, yet the exploitability of their outputs remains unquantified. We address this gap with Broken by Default: a formal verification study of 3,500 code…

Cryptography and Security · Computer Science 2026-04-09 Dominik Blain , Maxime Noiseux

Software analytics can be improved by surveying; i.e. rechecking and (possibly) revising the labels offered by prior analysis. Surveying is a time-consuming task and effective surveyors must carefully manage their time. Specifically, they…

Software Engineering · Computer Science 2019-05-22 Fahmid M. Fahid , Zhe Yu , Tim Menzies

Software analytics (SA) is frequently proposed as a tool to support practitioners in software engineering (SE) tasks. We have observed that several secondary studies on SA have been published. Some of these studies have overlapping aims and…

Software Engineering · Computer Science 2025-09-18 Muhammad Laiq , Nauman bin Ali , Jürgen Börstler , Emelie Engström

Static analysis is widely used for software assurance. However, static analysis tools can report an overwhelming number of warnings, many of which are false positives. Applying static analysis to a new version, a large number of warnings…

Software Engineering · Computer Science 2023-05-05 Xiuyuan Guo , Ashwin Kallingal Joshy , Benjamin Steenhoek , Wei Le , Lori Flynn

Advanced attack campaigns span across multiple stages and stay stealthy for long time periods. There is a growing trend of attackers using off-the-shelf tools and pre-installed system applications (such as \emph{powershell} and \emph{wmic})…

Cryptography and Security · Computer Science 2019-05-21 Aditya Kuppa , Slawomir Grzonkowski , Muhammad Rizwan Asghar , Nhien-An Le-Khac

Automatic synthesis of hardware components from declarative specifications is an ambitious endeavor in computer aided design. Existing synthesis algorithms are often implemented with Binary Decision Diagrams (BDDs), inheriting their…

Logic in Computer Science · Computer Science 2013-11-15 Roderick Bloem , Robert Koenighofer , Martina Seidl

This report examines the synergy between Large Language Models (LLMs) and Static Application Security Testing (SAST) to improve vulnerability discovery. Traditional SAST tools, while effective for proactive security, are limited by high…

Cryptography and Security · Computer Science 2025-11-06 Vaibhav Agrawal , Kiarash Ahi

Most existing pre-trained language models for source code focus on learning the static code text, typically augmented with static code structures (abstract syntax tree, dependency graphs, etc.). However, program semantics will not be fully…

Software Engineering · Computer Science 2023-06-14 Yangruibo Ding , Ben Steenhoek , Kexin Pei , Gail Kaiser , Wei Le , Baishakhi Ray

Technical Debt analysis is increasing in popularity as nowadays researchers and industry are adopting various tools for static code analysis to evaluate the quality of their code. Despite this, empirical studies on software projects are…

Software Engineering · Computer Science 2019-08-05 Valentina Lenarduzzi , Nyyti Saarimäki , Davide Taibi

Currently, while software engineers write code for various modules, quite often, various types of errors - coding, logic, semantic, and others (most of which are not caught by compilation and other tools) get introduced. Some of these bugs…

Software Engineering · Computer Science 2020-04-28 Anshul Tanwar , Krishna Sundaresan , Parmesh Ashwath , Prasanna Ganesan , Sathish Kumar Chandrasekaran , Sriram Ravi
‹ Prev 1 8 9 10 Next ›