English
Related papers

Related papers: FP-Predictor - False Positive Prediction for Stati…

200 papers

Static Analysis (SA) tools are used to identify potential weaknesses in code and fix them in advance, while the code is being developed. In legacy codebases with high complexity, these rules-based static analysis tools generally report a…

Software vulnerabilities pose significant security challenges and potential risks to society, necessitating extensive efforts in automated vulnerability detection. There are two popular lines of work to address automated vulnerability…

Software Engineering · Computer Science 2024-07-24 Xin Zhou , Duc-Manh Tran , Thanh Le-Cong , Ting Zhang , Ivana Clairine Irsan , Joshua Sumarlin , Bach Le , David Lo

Static analysis tools come in many forms andconfigurations, allowing them to handle various tasks in a (secure) development process: code style linting, bug/vulnerability detection, verification, etc., and adapt to the specific requirements…

Graph Neural Networks (GNNs) have emerged as potent tools for predicting outcomes in graph-structured data. Despite their efficacy, a significant drawback of GNNs lies in their limited ability to provide robust uncertainty estimates, posing…

Machine Learning · Computer Science 2025-03-26 S. Akansha

Code obfuscation is widely adopted in modern software development to protect intellectual property and hinder reverse engineering, but it also provides attackers with a powerful means to conceal malicious logic inside otherwise legitimate…

Cryptography and Security · Computer Science 2026-04-02 Francesco Pagano , Lorenzo Pisu , Leonardo Regano , Davide Maiorca , Alessio Merlo , Giorgio Giacinto

Graph is a flexible and effective tool to represent complex structures in practice and graph neural networks (GNNs) have been shown to be effective on various graph tasks with randomly separated training and testing data. In real…

Machine Learning · Computer Science 2021-10-11 Shengyu Zhang , Kun Kuang , Jiezhong Qiu , Jin Yu , Zhou Zhao , Hongxia Yang , Zhongfei Zhang , Fei Wu

Automatic static analysis tools (ASATs), such as Findbugs, have a high false alarm rate. The large number of false alarms produced poses a barrier to adoption. Researchers have proposed the use of machine learning to prune false alarms and…

Software Engineering · Computer Science 2022-02-15 Hong Jin Kang , Khai Loong Aw , David Lo

Predicting the performance of production code prior to actually executing or benchmarking it is known to be highly challenging. In this paper, we propose a predictive model, dubbed TEP-GNN, which demonstrates that high-accuracy performance…

Software Engineering · Computer Science 2022-08-26 Hazem Peter Samoaa , Antonio Longa , Mazen Mohamad , Morteza Haghir Chehreghani , Philipp Leitner

The current cybersecurity landscape is increasingly complex, with traditional Static Application Security Testing (SAST) tools struggling to capture complex and emerging vulnerabilities due to their reliance on rule-based matching.…

Cryptography and Security · Computer Science 2024-11-25 Mete Keltek , Rong Hu , Mohammadreza Fani Sani , Ziyue Li

Graph Neural Networks (GNNs) have emerged as powerful tools for predicting outcomes in graph-structured data. However, a notable limitation of GNNs is their inability to provide robust uncertainty estimates, which undermines their…

Machine Learning · Computer Science 2024-10-10 S. Akansha

This study explores the effectiveness of graph neural networks (GNNs) for vulnerability detection in software code, utilizing a real-world dataset of Java vulnerability-fixing commits. The dataset's structure, based on the number of…

Cryptography and Security · Computer Science 2024-06-19 Ravil Mussabayev

(Note: This work is a preprint.) Static analysis (SA) tools produce many diagnostic alerts indicating that source code in C or C++ may be defective and potentially vulnerable to security exploits. Many of these alerts are false positives.…

Software Engineering · Computer Science 2025-08-06 David Svoboda , Lori Flynn , William Klieber , Michael Duggan , Nicholas Reimer , Joseph Sible

Graph Neural Networks (GNNs) has been widely used in a variety of fields because of their great potential in representing graph-structured data. However, lacking of rigorous uncertainty estimations limits their application in high-stakes.…

Machine Learning · Computer Science 2025-01-07 Ting Wang , Zhixin Zhou , Rui Luo

Graph neural networks (GNNs) are designed for semi-supervised node classification on graphs where only a subset of nodes have class labels. However, under extreme cases when very few labels are available (e.g., 1 labeled node per class),…

Machine Learning · Computer Science 2023-03-02 Ziang Zhou , Jieming Shi , Shengzhong Zhang , Zengfeng Huang , Qing Li

Context: Static Application Security Testing Tools (SASTTs) identify software vulnerabilities to support the security and reliability of software applications. Interestingly, several studies have suggested that alternative solutions may be…

Software Engineering · Computer Science 2024-03-15 Matteo Esposito , Valentina Falaschi , Davide Falessi

The detection of malware is a critical task for the protection of computing environments. This task often requires extremely low false positive rates (FPR) of 0.01% or even lower, for which modern machine learning has no readily available…

Machine Learning · Computer Science 2021-09-07 Andre T. Nguyen , Edward Raff , Charles Nicholas , James Holt

When deploying machine learning models in high-stakes robotics applications, the ability to detect unsafe situations is crucial. Early warning systems can provide alerts when an unsafe situation is imminent (in the absence of corrective…

Detecting vulnerabilities in source code is a critical task for software security assurance. Graph Neural Network (GNN) machine learning can be a promising approach by modeling source code as graphs. Early approaches treated code elements…

Cryptography and Security · Computer Science 2025-02-25 Yu Luo , Weifeng Xu , Dianxiang Xu

Graph Anomaly Detection (GAD) is critical in security-sensitive domains, yet faces reliability challenges: miscalibrated confidence estimation (underconfidence in normal nodes, overconfidence in anomalies), adversarial vulnerability of…

Machine Learning · Computer Science 2025-04-04 Songran Bai , Xiaolong Zheng , Daniel Dajun Zeng

Context: Static Application Security Testing (SAST) and Runtime Application Security Protection (RASP) are important and complementary techniques used for detecting and enforcing application-level security policies in web applications.…

Programming Languages · Computer Science 2021-07-16 Angel Luis Scull Pupo , Jens Nicolay , Elisa Gonzalez Boix