Silent vulnerable dependency alert prediction with vulnerability key aspect explanation

J Sun, Z Xing, Q Lu, X Xu, L Zhu… - 2023 IEEE/ACM 45th …, 2023 - ieeexplore.ieee.org
Due to convenience, open-source software is widely used. For beneficial reasons, open-
source maintainers often fix the vulnerabilities silently, exposing their users unaware of the …

Multilevel semantic embedding of software patches: a fine-to-coarse grained approach towards security patch detection

X Tang, S Ezzini, H Tian, Y Song, J Klein… - arXiv preprint arXiv …, 2023 - arxiv.org
The growth of open-source software has increased the risk of hidden vulnerabilities that can
affect downstream software applications. This concern is further exacerbated by software …

Learning Graph-based Patch Representations for Identifying and Assessing Silent Vulnerability Fixes

M Han, L Wang, J Chang, B Li… - 2024 IEEE 35th …, 2024 - ieeexplore.ieee.org
Software projects are dependent on many third-party libraries, therefore high-risk
vulnerabilities can propagate through the dependency chain to downstream projects. Owing …

Strengthening Supply Chain Security with Fine-grained Safe Patch Identification

C Luo, W Meng, S Wang - Proceedings of the IEEE/ACM 46th …, 2024 - dl.acm.org
Enhancing supply chain security is crucial, often involving the detection of patches in
upstream software. However, current security patch analysis works yield relatively low recall …

AI-Enhanced Software Vulnerability and Security Patch Analysis

X Wang - 2023 - search.proquest.com
With the increasing popularity of open-source software (OSS), their embedded
vulnerabilities have been widely propagating to downstream software. Although timely …

Understanding the social aspects of software security

S Yousefi - 2021 - dspace.library.uvic.ca
Context: Security is a critical non-functional requirement that remains to be adequately
addressed in software development. Security breaches occur with surprising regularity and …

Semantic Patch Embedding for Security Detection: A Fine-to-Coarse Grained Approach

X Tang, Y Song, H Tian, Z Chen, J Klein… - The Second Tiny Papers … - openreview.net
The surge in open-source software usage has heightened the risk of concealed
vulnerabilities impacting downstream applications. Compounded by vendors silently …

Research on Vulnerability Identification Technology Oriented to Project Version Differences

黄诚, 孙明旭, 段仁语, 吴苏晟, 陈斌 - 网络与信息安全学报, 2022 - infocomm-journal.com
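Open-source code hosting platforms have brought vitality and opportunity to the software development industry, but they carry many security risks.
Problems such as the irregularity of open-source code, the complexity of project dependency libraries, and the passivity with which vulnerability disclosure platforms collect vulnerabilities all affect …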

[CITATION][C] Improving Quality of Programming and Software through Knowledge Graph Construction and Application

SUN Jiamou - 2023 - The Australian National University

[CITATION][C] A Survey of Research on Open-Source Software Supply Chain Security

纪守领, 王琴应, 陈安莹, 赵彬彬, 叶童, 张旭鸿… - 软件学报, 2022