English
Related papers

Related papers: Taint-Style Vulnerability Detection and Confirmati…

200 papers

With their increasing capabilities, Large Language Models (LLMs) are now used across many industries. They have become useful tools for software engineers and support a wide range of development tasks. As LLMs are increasingly used in…

Machine Learning · Computer Science 2026-03-17 Marc Damie , Murat Bilgehan Ertan , Domenico Essoussi , Angela Makhanu , Gaëtan Peter , Roos Wensveen

Software vulnerability management has become increasingly critical as modern systems scale in size and complexity. However, existing automated approaches remain insufficient. Traditional static analysis methods struggle to precisely capture…

Software Engineering · Computer Science 2026-01-27 Zelong Zheng , Jiayuan Zhou , Xing Hu , Yi Gao , Shengyi Pan

The widespread adoption of web applications has made their security a critical concern and has increased the need for systematic ways to assess whether they can be considered trustworthy. However, "trust" assessment remains an open problem…

Cryptography and Security · Computer Science 2026-03-26 Oleksandr Yarotskyi , José D'Abruzzo Pereira , João R. Campos

Large Language Models(LLMs) have been actively integrated into modern software systems as critical components. LLM-in-the-loop vulnerabilities, where vulnerabilities are introduced by LLMs and their dependent downstream components, such as…

Software Engineering · Computer Science 2026-05-29 Yujie Ma , Jialin Rong , Chenxi Yang , Lili Quan , Xiaofei Xie , Yongqiang Lyu , Qiang Hu

Revealing the underlying causal mechanisms in the real world is crucial for scientific and technological progress. Despite notable advances in recent decades, the lack of high-quality data and the reliance of traditional causal discovery…

Machine Learning · Computer Science 2026-02-17 Huaming Du , Tao Hu , Yijie Huang , Yu Zhao , Guisong Liu , Tao Gu , Gang Kou , Carl Yang

The integration of open-source third-party library dependencies in Java development introduces significant security risks when these libraries contain known vulnerabilities. Existing Software Composition Analysis (SCA) tools struggle to…

Software Engineering · Computer Science 2025-07-25 Wang Lingxiang , Quanzhi Fu , Wenjia Song , Gelei Deng , Yi Liu , Dan Williams , Ying Zhang

Large Language Models (LLMs) have shown promise in software vulnerability detection, particularly on function-level benchmarks like Devign and BigVul. However, real-world detection requires interprocedural analysis, as vulnerabilities often…

Cryptography and Security · Computer Science 2025-03-19 Alperen Yildiz , Sin G. Teo , Yiling Lou , Yebo Feng , Chong Wang , Dinil M. Divakaran

Large Language Models (LLMs) are emerging as transformative tools for software vulnerability detection, addressing critical challenges in the security domain. Traditional methods, such as static and dynamic analysis, often falter due to…

Cryptography and Security · Computer Science 2025-02-19 Ze Sheng , Zhicheng Chen , Shuning Gu , Heqing Huang , Guofei Gu , Jeff Huang

The significant increase in software production, driven by the acceleration of development cycles over the past two decades, has led to a steady rise in software vulnerabilities, as shown by statistics published yearly by the CVE program.…

Software Engineering · Computer Science 2025-12-11 Dyna Soumhane Ouchebara , Stéphane Dupont

Log-based insider threat detection (ITD) detects malicious user activities by auditing log entries. Recently, large language models (LLMs) with strong common sense knowledge have emerged in the domain of ITD. Nevertheless, diverse activity…

Cryptography and Security · Computer Science 2024-08-20 Chengyu Song , Linru Ma , Jianming Zheng , Jinzhi Liao , Hongyu Kuang , Lin Yang

Software vulnerabilities, caused by unintentional flaws in source code, are a primary root cause of cyberattacks. Static analysis of source code has been widely used to detect these unintentional defects introduced by software developers.…

Software Engineering · Computer Science 2024-08-08 Andrew A Mahyari

Graph Neural Networks (GNNs) show great promise for Network Intrusion Detection Systems (NIDS), particularly in IoT environments, but suffer performance degradation due to distribution drift and lack robustness against realistic adversarial…

Cryptography and Security · Computer Science 2025-06-27 Zhonghao Zhan , Huichi Zhou , Hamed Haddadi

Taint-style vulnerabilities comprise a majority of fuzzer discovered program faults. These vulnerabilities usually manifest as memory access violations caused by tainted program input. Although fuzzers have helped uncover a majority of…

Cryptography and Security · Computer Science 2017-06-02 Bhargava Shastry , Federico Maggi , Fabian Yamaguchi , Konrad Rieck , Jean-Pierre Seifert

Software is prone to security vulnerabilities. Program analysis tools to detect them have limited effectiveness in practice due to their reliance on human labeled specifications. Large language models (or LLMs) have shown impressive code…

Cryptography and Security · Computer Science 2025-04-08 Ziyang Li , Saikat Dutta , Mayur Naik

TThis paper argues that \textbf{a comprehensive vulnerability analysis is essential for building trustworthy Large Language Model-based Multi-Agent Systems (LLM-MAS)}. These systems, which consist of multiple LLM-powered agents working…

Cryptography and Security · Computer Science 2026-05-19 Pengfei He , Yue Xing , Juanhui Li , Shen Dong , Zhenwei Dai , Xianfeng Tang , Hui Liu , Han Xu , Zhen Xiang , Charu C. Aggarwal , Hui Liu

Autonomous Large Language Model (LLM) agents are increasingly deployed to conduct complex tasks by interacting with external tools, APIs, and memory stores. However, processing untrusted external data exposes these agents to severe security…

Cryptography and Security · Computer Science 2026-04-28 Yuandao Cai , Wensheng Tang , Cheng Wen , Shengchao Qin

Large vision-language model (LVLM)-based web agents are emerging as powerful tools for automating complex online tasks. However, when deployed in real-world environments, they face serious security risks, motivating the design of security…

Cryptography and Security · Computer Science 2026-04-15 Zonghao Ying , Yangguang Shao , Jianle Gan , Gan Xu , Wenxin Zhang , Quanchen Zou , Junzheng Shi , Zhenfei Yin , Mingchuan Zhang , Aishan Liu , Xianglong Liu

Code vulnerability detection (CVD) is essential for addressing and preventing system security issues, playing a crucial role in ensuring software security. Previous learning-based vulnerability detection methods rely on either fine-tuning…

Computation and Language · Computer Science 2025-01-07 Xuefeng Jiang , Lvhua Wu , Sheng Sun , Jia Li , Jingjing Xue , Yuwei Wang , Tingting Wu , Min Liu

Large Language Models (LLMs) have training corpora containing large amounts of program code, greatly improving the model's code comprehension and generation capabilities. However, sound comprehensive research on detecting program…

Cryptography and Security · Computer Science 2024-08-22 Yu Liu , Lang Gao , Mingxin Yang , Yu Xie , Ping Chen , Xiaojin Zhang , Wei Chen

Increasing complexity in software systems places a growing demand on reasoning tools that unlock vulnerabilities manifest in source code. Many current approaches focus on vulnerability analysis as a classifying task, oversimplifying the…

Artificial Intelligence · Computer Science 2025-09-23 Ala Jararweh , Michael Adams , Avinash Sahu , Abdullah Mueen , Afsah Anwar