English
Related papers

Related papers: Extracting Recurring Vulnerabilities from Black-Bo…

200 papers

Automatically generated software, especially code produced by Large Language Models (LLMs), is increasingly adopted to accelerate development and reduce manual effort. However, little is known about the long-term reliability of such systems…

Software Engineering · Computer Science 2025-10-29 César Santos , Ermeson Andrade , Roberto Natella

Large language models (LLMs) have become proficient at sophisticated code-generation tasks, yet remain ineffective at reliably detecting or avoiding code vulnerabilities. Does this deficiency stem from insufficient learning about code…

Cryptography and Security · Computer Science 2025-07-15 Weichen Yu , Ravi Mangal , Terry Zhuo , Matt Fredrikson , Corina S. Pasareanu

Although LLMs have shown promising potential in vulnerability detection, this study reveals their limitations in distinguishing between vulnerable and similar-but-benign patched code (only 0.06 - 0.14 accuracy). It shows that LLMs struggle…

Software Engineering · Computer Science 2025-06-18 Xueying Du , Geng Zheng , Kaixin Wang , Yi Zou , Yujia Wang , Wentai Deng , Jiayi Feng , Mingwei Liu , Bihuan Chen , Xin Peng , Tao Ma , Yiling Lou

Large language models (LLMs) have brought significant advancements to code generation, benefiting both novice and experienced developers. However, their training using unsanitized data from open-source repositories, like GitHub, introduces…

Software Engineering · Computer Science 2023-10-26 Jiexin Wang , Liuwen Cao , Xitong Luo , Zhiping Zhou , Jiayuan Xie , Adam Jatowt , Yi Cai

Large Language Models (LLMs) are rapidly transforming the landscape of digital content creation. However, the prevalent black-box Application Programming Interface (API) access to many LLMs introduces significant challenges in…

Cryptography and Security · Computer Science 2026-01-21 Zhiyuan Fu , Junfan Chen , Lan Zhang , Ting Yang , Jun Niu , Hongyu Sun , Ruidong Li , Peng Liu , Jice Wang , Fannv He , Qiuling Yue , Yuqing Zhang

Command injection vulnerabilities are a significant security threat in dynamic languages like Python, particularly in widely used open-source projects where security issues can have extensive impact. With the proven effectiveness of Large…

Software Engineering · Computer Science 2025-05-22 Yuxuan Wang , Jingshu Chen , Qingyang Wang

Autonomous Large Language Model (LLM) agents, exemplified by OpenClaw, demonstrate remarkable capabilities in executing complex, long-horizon tasks. However, their tightly coupled instant-messaging interaction paradigm and high-privilege…

Large Language Models (LLMs) for code generation can replicate insecure patterns from their training data. To mitigate this, a common strategy for security hardening is to fine-tune models using supervision derived from the final…

Software Engineering · Computer Science 2026-04-13 Li Huang , Zhongxin Liu , Yifan Wu , Tao Yin , Dong Li , Jichao Bi , Nankun Mu , Hongyu Zhang , Meng Yan

Prior studies generally focus on software vulnerability detection and have demonstrated the effectiveness of Graph Neural Network (GNN)-based approaches for the task. Considering the various types of software vulnerabilities and the…

Software Engineering · Computer Science 2023-06-13 Xin-Cheng Wen , Cuiyun Gao , Feng Luo , Haoyu Wang , Ge Li , Qing Liao

Large language models (LLMs) are increasingly used to automate feature engineering in tabular learning. Given task-specific information, LLMs can propose diverse feature transformation operations to enhance downstream model performance.…

Machine Learning · Computer Science 2026-01-30 Zhuoyan Li , Aditya Bansal , Jinzhao Li , Shishuang He , Zhuoran Lu , Mutian Zhang , Qin Liu , Yiwei Yang , Swati Jain , Ming Yin , Yunyao Li

Recent advancements in artificial intelligence have enabled processing of larger inputs, leading everyday software developers to increasingly rely on chat-based large language models (LLMs) like GPT-3.5 and GPT-4 to detect vulnerabilities…

Software Engineering · Computer Science 2025-02-12 Francesco Sovrano , Adam Bauer , Alberto Bacchelli

Large language models (LLMs) have achieved record adoption in a short period of time across many different sectors including high importance areas such as education [4] and healthcare [23]. LLMs are open-ended models trained on diverse data…

Cryptography and Security · Computer Science 2024-12-24 Herve Debar , Sven Dietrich , Pavel Laskov , Emil C. Lupu , Eirini Ntoutsi

Large Language Models (LLMs) have demonstrated remarkable capabilities in code generation, but their proficiency in producing secure code remains a critical, under-explored area. Existing benchmarks often fall short by relying on synthetic…

Cryptography and Security · Computer Science 2026-02-02 Yanlin Wang , Ziyao Zhang , Chong Wang , Xinyi Xu , Mingwei Liu , Yong Wang , Jiachi Chen , Zibin Zheng

This paper presents results from the MSR 2021 Hackathon. Our team investigates files/projects that contain known security vulnerabilities and how widespread they are throughout repositories in open source software. These security…

Software Engineering · Computer Science 2021-03-24 David Reid , Kalvin Eng , Chris Bogart , Adam Tutko

The code generation capabilities of Large Language Models (LLMs) have transformed the field of software development. However, this advancement also presents significant security challenges, as LLM-generated code often contains…

Cryptography and Security · Computer Science 2025-10-14 Rupam Patir , Keyan Guo , Haipeng Cai , Hongxin Hu

Large language model (LLM) agents have demonstrated remarkable capabilities in software engineering and cybersecurity tasks, including code generation, vulnerability discovery, and automated testing. One critical but underexplored…

Software Engineering · Computer Science 2025-10-17 Bin Liu , Yanjie Zhao , Guoai Xu , Haoyu Wang

Prompt injection attacks exploit vulnerabilities in large language models (LLMs) to manipulate the model into unintended actions or generate malicious content. As LLM integrated applications gain wider adoption, they face growing…

Cryptography and Security · Computer Science 2024-01-03 Daniel Wankit Yip , Aysan Esmradi , Chun Fai Chan

Large Language Models increasingly power critical infrastructure from healthcare to finance, yet their vulnerability to adversarial manipulation threatens system integrity and user safety. Despite growing deployment, no comprehensive…

Cryptography and Security · Computer Science 2026-03-19 Taiwo Onitiju , Iman Vakilinia

Open agentic systems combine LLM-based planning with external capabilities, persistent memory, and privileged execution. They are used in coding assistants, browser copilots, and enterprise automation. OpenClaw is a visible instance of this…

Cryptography and Security · Computer Science 2026-03-30 Shiping Chen , Qin Wang , Guangsheng Yu , Xu Wang , Liming Zhu

In this study, we evaluated the capability of Large Language Models (LLMs), particularly OpenAI's GPT-4, in detecting software vulnerabilities, comparing their performance against traditional static code analyzers like Snyk and Fortify. Our…

Software Engineering · Computer Science 2023-08-22 David Noever