Interpreters for GNN-based vulnerability detection: Are we there yet?
Traditional vulnerability detection methods have limitations due to their need for extensive
manual labor. Using automated means for vulnerability detection has attracted research …
Vulnerabilities and Security Patches Detection in OSS: A Survey
R Lin, Y Fu, W Yi, J Yang, J Cao, Z Dong, F Xie… - ACM Computing …, 2024 - dl.acm.org
Over the past decade, Open Source Software (OSS) has experienced rapid growth and
widespread adoption, attributed to its openness and editability. However, this expansion has …
GraphSPD: Graph-based security patch detection with enriched code semantics
With the increasing popularity of open-source software, embedded vulnerabilities have been
widely propagating to downstream software. Due to different maintenance policies, software …
PatchDB: A large-scale security patch dataset
Security patches, embedding both vulnerable code and the corresponding fixes, are of great
significance to vulnerability detection and software maintenance. However, the existing …
Enhancing vulnerability detection via AST decomposition and neural sub-tree encoding
The explosive growth of software vulnerabilities poses a serious threat to the system security
and has become one of the urgent problems of the day. However, existing vulnerability …
LLM-powered code vulnerability repair with reinforcement learning and semantic reward
In software development, the predominant emphasis on functionality often supersedes
security concerns, a trend gaining momentum with AI-driven automation tools like GitHub …
ModX: binary level partially imported third-party library detection via program modularization and semantic matching
With the rapid growth of software, using third-party libraries (TPLs) has become increasingly
popular. The prosperity of the library usage has provided the software engineers with a …
Locating the security patches for disclosed OSS vulnerabilities with vulnerability-commit correlation ranking
Security patches play an important role in defending against the security threats brought by
the increasing OSS vulnerabilities. However, the collection of security patches still remains a …
Survey of source code vulnerability analysis based on deep learning
C Liang, Q Wei, J Du, Y Wang, Z Jiang - Computers & Security, 2025 - Elsevier
Amidst the rapid development of the software industry and the burgeoning open-source
culture, vulnerability detection within the software security domain has emerged as an ever …
Tracer: Signature-based static analysis for detecting recurring vulnerabilities
Similar software vulnerabilities recur because developers reuse existing vulnerable code, or
make similar mistakes when implementing the same logic. Recently, various analysis …