
Related papers: MAS-SZZ: Multi-Agentic SZZ Algorithm for Vulnerabi…

200 papers

The SZZ algorithm is the dominant technique for identifying bug-inducing commits and underpins many software engineering tasks, such as defect prediction and vulnerability analysis. Despite numerous variants, including recent LLM-based…

Software Engineering · Computer Science 2026-04-06 Yunbo Lyu, Jieke Shi, Hong Jin Kang, Ratnadira Widyasari, Junda He, Yuqing Niu, Chengran Yang, Junkai Chen, Zhou Yang, Julia Lawall, David Lo

The SZZ algorithm is the dominant technique for identifying bug-inducing commits and serves as a foundation for many software engineering studies, such as bug prediction and static code analysis. Researchers have proposed many variants to…

Software Engineering · Computer Science 2025-04-03 Lingxiao Tang, Jiakun Liu, Zhongxin Liu, Xiaohu Yang, Lingfeng Bao

In the multi-commit development model, programmers complete tasks (e.g., implementing a feature) by organizing their work in several commits and packaging them into a commit-set. Analyzing data from developers using this model can be useful…

The SZZ algorithm is used to connect bug-fixing commits to the earlier commits that introduced bugs. This algorithm has many applications and many variants have been devised. However, there are some types of commits that cannot be traced by…

Software Engineering · Computer Science 2024-06-10 Yunbo Lyu, Hong Jin Kang, Ratnadira Widyasari, Julia Lawall, David Lo

The SZZ algorithm represents a standard way to identify bug fixing commits as well as inducing counterparts. It forms the basis for data sets used in numerous empirical studies. Since its creation, multiple extensions have been proposed to…

Software Engineering · Computer Science 2022-09-29 Peter Bludau, Alexander Pretschner

The SZZ algorithm for identifying bug-inducing changes has been widely used to evaluate defect prediction techniques and to empirically investigate when, how, and by whom bugs are introduced. Over the years, researchers have proposed…

Software Engineering · Computer Science 2021-02-10 Giovanni Rosa, Luca Pascarella, Simone Scalabrino, Rosalia Tufano, Gabriele Bavota, Michele Lanza, Rocco Oliveto

Many software engineering maintenance tasks require linking a commit that induced a bug with the commit that later fixed that bug. Several existing SZZ algorithms provide a way to identify the potential commit that induced a bug when given…

Software Engineering · Computer Science 2024-11-20 Salomé Perez-Rosero, Robert Dyer, Samuel W. Flint, Shane McIntosh, Witawas Srisa-an

Identifying Bug-Inducing Commits (BICs) is fundamental for understanding software defects and enabling downstream tasks such as defect prediction and automated program repair. Yet existing SZZ-based approaches rely on git blame, restricting…

Software Engineering · Computer Science 2026-05-11 Yu Shi, Hao Li, Bram Adams, Ahmed E. Hassan

Software vulnerabilities pose critical security threats, with nearly 50,000 CVEs reported in 2025. While Large Language Models (LLMs) show promise for automated vulnerability detection, three key challenges remain. First, LLM-generated…

Cryptography and Security · Computer Science 2026-05-22 Ze Sheng, Zhicheng Chen, Qingxiao Xu, Kewen Zhu, Jeff Huang

Śliwerski, Zimmermann, and Zeller (SZZ) just won the 2026 ACM SIGSOFT Impact Award for asking: When do changes induce fixes? Their paper from 2005 served as the foundation for a wide array of approaches aimed at identifying…

Software Engineering · Computer Science 2026-04-01 Niklas Risse, Marcel Böhme

The lack of reliable sources of detailed information on the vulnerabilities of open-source software (OSS) components is a major obstacle to maintaining a secure software supply chain and an effective vulnerability management process.…

Cryptography and Security · Computer Science 2025-03-18 Antonino Sabetta, Michele Bezzi

Secure code review is critical at the pre-commit stage, where vulnerabilities must be caught early under tight latency and limited-context constraints. Existing SAST-based checks are noisy and often miss immature, context-dependent…

Cryptography and Security · Computer Science 2026-01-28 Wachiraphan Charoenwet, Kla Tantithamthavorn, Patanamon Thongtanunam, Hong Yi Lin, Minwoo Jeong, Ming Wu

The rapid advancement of Large Language Models (LLMs) presents new opportunities for automated software vulnerability detection, a crucial task in securing modern codebases. This paper presents a comparative study on the effectiveness of…

Software Engineering · Computer Science 2026-01-05 Md Hasan Saju, Maher Muhtadi, Akramul Azim

Defects, or bugs, often form during software development. Identifying the root cause of defects is essential to improve code quality, evaluate testing methods, and support defect prediction. Examples of defect-inducing changes can be found…

Software Engineering · Computer Science 2023-09-08 Kalvin Eng, Abram Hindle, Alexander Senchenko

Large language model (LLM) based web agents are increasingly deployed to automate complex online tasks by directly interacting with web sites and performing actions on users' behalf. While these agents offer powerful capabilities, their…

Cryptography and Security · Computer Science 2026-02-11 Georgios Syros, Evan Rose, Brian Grinstead, Christoph Kerschbaumer, William Robertson, Cristina Nita-Rotaru, Alina Oprea

Critical open source software systems undergo significant validation in the form of lengthy fuzz campaigns. The fuzz campaigns typically conduct a biased random search over the domain of program inputs, to find inputs which crash the…

Cryptography and Security · Computer Science 2024-11-22 Yuntong Zhang, Jiawei Wang, Dominic Berzin, Martin Mirchev, Dongge Liu, Abhishek Arya, Oliver Chang, Abhik Roychoudhury

The sources of reliable, code-level information about vulnerabilities that affect open-source software (OSS) are scarce, which hinders a broad adoption of advanced tools that provide code-level detection and assessment of vulnerable OSS…

Software Engineering · Computer Science 2021-05-10 Therese Fehrer, Rocío Cabrera Lozoya, Antonino Sabetta, Dario Di Nucci, Damian A. Tamburri

Open-source software (OSS) vulnerability management process is important nowadays, as the number of discovered OSS vulnerabilities is increasing over time. Monitoring vulnerability-fixing commits is a part of the standard process to prevent…

Cryptography and Security · Computer Science 2022-09-08 Truong Giang Nguyen, Thanh Le-Cong, Hong Jin Kang, Xuan-Bach D. Le, David Lo

As LLM-based Multi-Agent Systems (MAS) are increasingly deployed for complex tasks, ensuring their reliability has become a pressing challenge. Since MAS coordinate through unstructured natural language rather than rigid protocols, they are…

Software Engineering · Computer Science 2026-02-24 Jin Jia, Zhiling Deng, Zhuangbin Chen, Yingqi Wang, Zibin Zheng

Detecting vulnerability fix commits in open-source software is crucial for maintaining software security. To help OSS identify vulnerability fix commits, several automated approaches are developed. However, existing approaches like…

Software Engineering · Computer Science 2025-01-28 Xu Yang, Wenhan Zhu, Michael Pacheco, Jiayuan Zhou, Shaowei Wang, Xing Hu, Kui Liu