Multi-Granularity Detector for Vulnerability Fixes

Multi-Granularity Detector for Vulnerability Fixes

With the increasing reliance on Open Source Software, users are exposed to third-party library vulnerabilities. Software Composition Analysis (SCA) tools have been created to alert users of such vulnerabilities. SCA requires the identification of vulnerability-fixing commits. Prior works have propos...

Full description

Saved in:

Bibliographic Details
Main Authors:	NGUYEN, Truong Giang, CONG, Thanh Le, KANG, Hong Jin, WIDYASARI, Ratnadira, YANG, Chengran, ZHAO, Zhipeng, XU, Bowen, ZHOU, Jiayuan, XIA, Xin, HASSAN, Ahmed E., David LO, LO, David
Format:	text
Language:	English
Published:	Institutional Knowledge at Singapore Management University 2023
Subjects:	Vulnerability-fixing commit classification Machine learning Deep learning Software security Artificial Intelligence and Robotics Information Security
Online Access:	https://ink.library.smu.edu.sg/sis_research/8508 https://ink.library.smu.edu.sg/context/sis_research/article/9511/viewcontent/2305.13884.pdf
Tags:	Add Tag No Tags, Be the first to tag this record!
Institution:	Singapore Management University
Language:	English

Similar Items

VulCurator: a vulnerability-fixing commit detector
by: NGUYEN, Truong Giang, et al.
Published: (2022)

HERMES: using commit-issue linking to detect vulnerability-fixing commits
by: NGUYEN, Truong Giang, et al.
Published: (2022)

CoLeFunDa: Explainable silent vulnerability fix identification
by: ZHOU, Jiayuan, et al.
Published: (2023)

Security slicing for auditing common injection vulnerabilities
by: THOME, Julian, et al.
Published: (2017)

Combining Software Metrics and Text Features for Vulnerable File Prediction
by: ZHANG, Yun, et al.
Published: (2015)

Security slicing for auditing XML, XPath, and SQL injection vulnerabilities
by: THOME, Julian, et al.
Published: (2015)

JoanAudit: A tool for auditing common injection vulnerabilities
by: THOME, Julian, et al.
Published: (2017)

Automated removal of cross site scripting vulnerabilities in web applications
by: SHAR, Lwin Khin, et al.
Published: (2011)

Enhancing code vulnerability detection via vulnerability-preserving data augmentation
by: LIU, Shangqing, et al.
Published: (2024)

CHRONOS: Time-aware zero-shot identification of libraries from vulnerability reports
by: LYU, Yunbo, et al.
Published: (2023)

VuRLE: Automatic vulnerability detection and repair by learning from examples
by: MA SIQI,, et al.
Published: (2017)

Towards understanding Android system vulnerabilities: Techniques and insights
by: WU, Daoyuan, et al.
Published: (2019)

TOWARDS SECURE SMART CONTRACTS: A DEEP LEARNING APPROACH FOR DETECTING SECURITY THREATS
by: TAMER ABDELAZIZ ABDELMEGID MOHAMED
Published: (2024)

Test mimicry to assess the exploitability of library vulnerabilities
by: KANG, Hong Jin, et al.
Published: (2022)

Vulnerability analysis of EMAP: An efficient RFID mutual authentication protocol
by: LI, Tieyan, et al.
Published: (2007)

Automated identification of libraries from vulnerability data: can we do better?
by: HARYONO, Stefanus A., et al.
Published: (2022)

An empirical study of blockchain system vulnerabilities: modules, types, and patterns
by: YI, Xiao, et al.
Published: (2022)

Automated identification of libraries from vulnerability data
by: YANG, Chen, et al.
Published: (2020)

Value at risk for Philippine fixed income market
by: Rodriguez, Joshanna Mae Carteciano
Published: (2013)

A closer look at the security risks in the Rust ecosystem
by: ZHENG, Xiaoye, et al.
Published: (2023)

Learning program semantics for vulnerability detection via vulnerability-specific inter-procedural slicing
by: WU, Bozhi, et al.
Published: (2023)

Techniques for identifying mobile platform vulnerabilities and detecting policy-violating applications
by: SU, Mon Kywe
Published: (2016)

Web application vulnerability prediction using hybrid program analysis and machine learning
by: SHAR, Lwin Khin, et al.
Published: (2014)

Orchestration or automation: Authentication flaw detection in Android apps
by: MA, Siqi, et al.
Published: (2022)

Mining input sanitization patterns for predicting SQL injection and cross site scripting vulnerabilities
by: SHAR, Lwin Khin, et al.
Published: (2012)

On-the-fly Android static analysis with applications in vulnerability discovery
by: WU, Daoyuan
Published: (2019)

Towards a hybrid framework for detecting input manipulation vulnerabilities
by: DING, Sun, et al.
Published: (2013)

A machine learning approach for vulnerability curation
by: CHEN, Yang, et al.
Published: (2020)

Student Vulnerabilities and Confidence in Learning in the Context of the COVID-19 Pandemic
by: Bartolic, Silvia K, et al.
Published: (2022)

Model gene network by semi-fixed Bayesian network
by: Liu, T.-F., et al.
Published: (2013)

Empirical evaluation of hyper-parameter optimization techniques for deep learning-based malware detectors
by: SHAR, Lwin Khin, et al.
Published: (2024)

Predicting viral rumors and vulnerable users with graph-based neural multi-task learning for infodemic surveillance
by: ZHANG, Xuan, et al.
Published: (2024)

DronLomaly: Runtime log-based anomaly detector for DJI drones
by: MINN, Wei, et al.
Published: (2024)

Experimental comparison of features, analyses, and classifiers for Android malware detection
by: SHAR, Lwin Khin, et al.
Published: (2023)

Smart Learning to Find Dumb Contracts
by: Tamer Abdelaziz, et al.
Published: (2023)

SoFi: Reflection-augmented fuzzing for JavaScript engines
by: HE, Xiaoyu, et al.
Published: (2021)

Topic recommendation for GitHub repositories: How far can extreme multi-label learning go?
by: WIDYASARI, Ratnadira, et al.
Published: (2023)

CDRep: Automatic repair of cryptographic-misuses in Android applications
by: MA, Siqi, et al.
Published: (2016)

Discovering Temporal Patterns in Multiple Granularities
by: LI, Yingjiu, et al.
Published: (2000)

An improved vulnerability exploitation prediction model with novel cost function and custom trained word vector embedding
by: Mohammad Shamsul Hoque, et al.
Published: (2022)