Search Results

Vulnerability detection is a critical research topic. However, the performance of existing neural network-based approaches requires further improvement. The emergence of large language models (LLMs) has demonstrated their superior performance in ...

As software systems evolve to meet the changing needs of users, understanding the source code becomes a critical step in the process. Clustering techniques, also known as modularization techniques, offer a solution to breaking down complex source code ...

In recent years, numerous Machine Learning (ML) models, including Deep Learning (DL) and classic ML models, have been developed to detect software vulnerabilities. However, there is a notable lack of comprehensive and systematic surveys that summarize, ...

Existing software vulnerability detection methods based on deep-learning and large language models are effective in the identification of vulnerable source code snippets. Their effectiveness, however, decreases when applied to localize the ...

A large literature exists that investigates the use of learning models for vulnerabilities detection. Even if it is well-recognized that the presence of code weaknesses (CWEs) in code fragments can make them vulnerable, most of the effort has been ...

Passwords play a crucial role in authentication, ensuring that only authorised entities can access sensitive information. However, user password choices are often weak and predictable, making them susceptible to cyber-attacks. Additionally, hard-...

Seismic data visualization in 3D space is a valuable interpretation tool. Several open-source visualization tools are available. However, little explanation is provided about the inner working of visualization process. The current work discusses ...

• Low-level structure of seismic visualization explained in detail with code.
• Texture and shader notions are discussed in application to 3D seismic visualization.
• “Hello world” equivalent source code for 3D seismic data ...

Recently, automatic vulnerability detection approaches based on machine learning (ML) have outperformed traditional rule-based approaches in terms of detection performance. Existing ML-based approaches typically concentrate on function or line ...

The proliferation of the Internet of Things (IoT) paradigm has ushered in a new era of connectivity and convenience. Consequently, rapid IoT expansion has introduced unprecedented security challenges , among which source code vulnerabilities ...

Vulnerability identification is crucial to protecting software systems from attacks. Although numerous learning-based solutions have been suggested to assist in vulnerability identification, these approaches often face challenges due to the ...

Recently, software variants are adopted to build software product lines in the industry. In this adoption, the available assets (features, source code, design documents, etc.) are reused to build a software product line rather than ...

Software vulnerabilities have confused software developers for a long time. Vulnerability classification is thus crucial, through which we can know the specific type of vulnerability and then conduct targeted ...

Vulnerability severity assessment is an important part of vulnerability management that can help security personnel determine the priority of vulnerability repair work.

Aiming ...

Although Technical Debt (TD) has increasingly gained attention in recent years, most studies exploring TD are based on a single source (e.g., source code, code comments or issue trackers).

Adversarial training has been employed by researchers to protect AI models of source code. However, it is still unknown how adversarial training methods in this field compare to each other in effectiveness and robustness. This study ...

• Defining four dimensions to classify adversarial training methods in code domain

Specifying properties over the behaviour of components of Cyber-Physical Systems usually focuses on the behaviour of signals, i.e., the behaviour of the physical part of the system, leaving the behaviour of the cyber components implicit. There ...

Software code comprehension is strongly dependent on identifier names; therefore, software developers spend a lot of time assigning suitable names to identifiers. Manually suggesting a good name is a time taking and hard problem for ...

• We have proposed a novel approach for class name prediction in tokenized manner.

Free trade agreements are increasingly used to construct an additional layer of protection for source code of software. This comes in the shape of a new prohibition for governments to require access to, or transfer of, source code of software, subject to ...

Software Architecture (SA) and Source Code (SC) are two intertwined artefacts that represent the interdependent design decisions made at different levels of abstractions - High-Level (HL) and Low-Level (LL). An ...

Recently, fork-based development has shown to be an easy and straightforward technique to reuse the source code of existing projects (upstream projects and their forks) in open source communities (for example, ...