Researchers have recently achieved significant advances in deep learning techniques,
which in turn has substantially advanced other research disciplines, such as natural …

In this work we systematically review the recent advancements in software engineering with
language models, covering 70+ models, 40+ evaluation tasks, 180+ datasets, and 900 …

Modern software and networks underpin our digital society, yet the rapid growth of
vulnerabilities that are uncovered within these threaten our cyber security posture …

Coverage-guided fuzzing has become mainstream in fuzzing to automatically expose
program vulnerabilities. Recently, a group of fuzzers are proposed to adopt a random search …

Real-world programs expecting structured inputs often has a format-parsing stage gating the
deeper program space. Neither a mutation-based approach nor a generative approach can …

Existing software composition analysis (SCA) techniques for the C/C++ ecosystem tend to
identify the reused components through feature matching between target software project …

As a widely-used platform to support various Java-bytecode-based applications, Java Virtual
Machine (JVM) incurs severe performance loss caused by its real-time program …

To date, various hybrid fuzzers have been proposed for maximal program vulnerability
exposure by integrating the power of fuzzing strategies and concolic executors. While the …

While third-party libraries (TPLs) are extensively reused to enhance productivity during
software development, they can also introduce potential security risks such as vulnerability …

While the Java Virtual Machine (JVM) plays a vital role in ensuring correct executions of
Java applications, testing JVMs via generating and running class files on them can be rather …