English
Related papers

Related papers: Taint-Style Vulnerability Detection and Confirmati…

200 papers

Code security and usability are both essential for various coding assistant applications driven by large language models (LLMs). Current code security benchmarks focus solely on single evaluation task and paradigm, such as code completion…

Computation and Language · Computer Science 2025-05-16 Yutao Mou , Xiao Deng , Yuxiao Luo , Shikun Zhang , Wei Ye

LLM agents are evolving rapidly, powered by code execution, tools, and the recently introduced agent skills feature. Skills allow users to extend LLM applications with specialized third-party code, knowledge, and instructions. Although this…

Cryptography and Security · Computer Science 2026-02-26 David Schmotz , Luca Beurer-Kellner , Sahar Abdelnabi , Maksym Andriushchenko

Software vulnerabilities remain a critical security challenge, providing entry points for attackers into enterprise networks. Despite advances in security practices, the lack of high-quality datasets capturing diverse exploit behavior…

Cryptography and Security · Computer Science 2025-11-17 Alireza Lotfi , Charalampos Katsis , Elisa Bertino

The increasing frequency of attacks on Android applications coupled with the recent popularity of large language models (LLMs) necessitates a comprehensive understanding of the capabilities of the latter in identifying potential…

Cryptography and Security · Computer Science 2025-03-18 Vasileios Kouliaridis , Georgios Karopoulos , Georgios Kambourakis

The systems and software powered by Large Language Models (LLMs) and Multi-Modal LLMs (MLLMs) have played a critical role in numerous scenarios. However, current LLM systems are vulnerable to prompt-based attacks, with jailbreaking attacks…

Cryptography and Security · Computer Science 2025-03-18 Xiaoyu Zhang , Cen Zhang , Tianlin Li , Yihao Huang , Xiaojun Jia , Ming Hu , Jie Zhang , Yang Liu , Shiqing Ma , Chao Shen

With the proliferation of Large Language Models (LLMs), the detection of misinformation has become increasingly important and complex. This research proposes an innovative verifiable misinformation detection LLM agent that goes beyond…

Artificial Intelligence · Computer Science 2025-08-06 Zikun Cui , Tianyi Huang , Chia-En Chiang , Cuiqianhe Du

Context: Traditional software security analysis methods struggle to keep pace with the scale and complexity of modern codebases, requiring intelligent automation to detect, assess, and remediate vulnerabilities more efficiently and…

Software Engineering · Computer Science 2026-01-14 Shaznin Sultana , Sadia Afreen , Nasir U. Eisty

Large Language Models (LLMs) and their agent systems have recently demonstrated strong potential in automating code reasoning and vulnerability detection. However, when applied to large-scale firmware, their performance degrades due to the…

Cryptography and Security · Computer Science 2025-11-25 Xiangrui Zhang , Zeyu Chen , Haining Wang , Qiang Li

Code generation large language models (LLMs) are increasingly integrated into modern software development workflows. Recent work has shown that these models are vulnerable to backdoor and poisoning attacks that induce the generation of…

Cryptography and Security · Computer Science 2026-03-19 Shenao Yan , Shimaa Ahmed , Shan Jin , Sunpreet S. Arora , Yiwei Cai , Yizhen Wang , Yuan Hong

The integration of Large Language Models (LLMs) into software engineering has driven a transition from traditional rule-based systems to autonomous agentic systems capable of solving complex problems. However, systematic progress is…

Software Engineering · Computer Science 2025-10-24 Jiale Guo , Suizhi Huang , Mei Li , Dong Huang , Xingsheng Chen , Regina Zhang , Zhijiang Guo , Han Yu , Siu-Ming Yiu , Pietro Lio , Kwok-Yan Lam

The widespread adoption of open-source software (OSS) has accelerated software innovation but also increased security risks due to the rapid propagation of vulnerabilities and silent patch releases. In recent years, large language models…

Cryptography and Security · Computer Science 2025-11-12 Junxiao Han , Zheng Yu , Lingfeng Bao , Jiakun Liu , Yao Wan , Jianwei Yin , Shuiguang Deng , Song Han

Deductive verification provides strong correctness guarantees for code by extracting verification conditions (VCs) and writing formal proofs for them. The expertise-intensive task of VC proving is the main bottleneck in this process, and…

Software Engineering · Computer Science 2026-03-24 Huan Zhao , Haoxin Tu , Zhengyao Liu , Martin Rinard , Abhik Roychoudhury

Detecting vulnerability fix commits in open-source software is crucial for maintaining software security. To help OSS identify vulnerability fix commits, several automated approaches are developed. However, existing approaches like…

Software Engineering · Computer Science 2025-01-28 Xu Yang , Wenhan Zhu , Michael Pacheco , Jiayuan Zhou , Shaowei Wang , Xing Hu , Kui Liu

As Large Language Models (LLMs) evolve in understanding and generating code, accurately evaluating their reliability in analyzing source code vulnerabilities becomes increasingly vital. While studies have examined LLM capabilities in tasks…

Software Engineering · Computer Science 2025-05-28 Yansong Li , Paula Branco , Alexander M. Hoole , Manish Marwah , Hari Manassery Koduvely , Guy-Vincent Jourdan , Stephan Jou

Security vulnerabilities are increasingly prevalent in modern software and they are widely consequential to our society. Various approaches to defending against these vulnerabilities have been proposed, among which those leveraging deep…

Cryptography and Security · Computer Science 2024-02-28 Yu Nong , Mohammed Aldeen , Long Cheng , Hongxin Hu , Feng Chen , Haipeng Cai

As large language models (LLMs) are increasingly adopted for code vulnerability detection, their reliability and robustness across diverse vulnerability types have become a pressing concern. In traditional adversarial settings, code…

Cryptography and Security · Computer Science 2025-12-19 Xiao Li , Yue Li , Hao Wu , Yue Zhang , Yechao Zhang , Fengyuan Xu , Sheng Zhong

Modern software relies on a multitude of automated testing and quality assurance tools to prevent errors, bugs and potential vulnerabilities. This study sets out to provide a head-to-head, quantitative and qualitative evaluation of six…

Software Engineering · Computer Science 2025-08-07 Damian Gnieciak , Tomasz Szandala

Eliminating vulnerabilities from low-level code is vital for securing software. Static analysis is a promising approach for discovering vulnerabilities since it can provide developers early feedback on the code they write. But, it presents…

Cryptography and Security · Computer Science 2016-04-07 Bhargava Shastry , Fabian Yamaguchi , Konrad Rieck , Jean-Pierre Seifert

Software vulnerabilities continue to be ubiquitous, even in the era of AI-powered code assistants, advanced static analysis tools, and the adoption of extensive testing frameworks. It has become apparent that we must not simply prevent…

The increasing frequency and sophistication of cybersecurity vulnerabilities in software systems underscores the need for more robust and effective vulnerability assessment methods. However, existing approaches often rely on highly…

Cryptography and Security · Computer Science 2025-05-21 Shivansh Chopra , Hussain Ahmad , Diksha Goel , Claudia Szabo