CoLeFunDa: Explainable silent vulnerability fix identification

CoLeFunDa: Explainable silent vulnerability fix identification

It is common practice for OSS users to leverage and monitor security advisories to discover newly disclosed OSS vulnerabilities and their corresponding patches for vulnerability remediation. It is common for vulnerability fixes to be publicly available one week earlier than their disclosure. This ga...

Full description

Saved in:

Bibliographic Details
Main Authors:	ZHOU, Jiayuan, PACHECO, Michael, CHEN, Jinfu, HU, Xing, XIA, Xin, LO, David, HASSAN, Ahmed E.
Format:	text
Language:	English
Published:	Institutional Knowledge at Singapore Management University 2023
Subjects:	Contrastive learning Data augmentation Disclosure policies Down-stream OSS vulnerability Potential impacts Security advisories User need Vulnerability disclosure Vulnerability remediations Databases and Information Systems Information Security
Online Access:	https://ink.library.smu.edu.sg/sis_research/8513 https://ink.library.smu.edu.sg/context/sis_research/article/9516/viewcontent/CoLeFunDa_Explainable_Silent_Vulnerability_Fix_Identification.pdf
Tags:	Add Tag No Tags, Be the first to tag this record!
Institution:	Singapore Management University
Language:	English

Similar Items

Vulnerability analysis of EMAP: An efficient RFID mutual authentication protocol
by: LI, Tieyan, et al.
Published: (2007)

Security slicing for auditing XML, XPath, and SQL injection vulnerabilities
by: THOME, Julian, et al.
Published: (2015)

Enhancing code vulnerability detection via vulnerability-preserving data augmentation
by: LIU, Shangqing, et al.
Published: (2024)

VulCurator: a vulnerability-fixing commit detector
by: NGUYEN, Truong Giang, et al.
Published: (2022)

Security slicing for auditing common injection vulnerabilities
by: THOME, Julian, et al.
Published: (2017)

Towards understanding Android system vulnerabilities: Techniques and insights
by: WU, Daoyuan, et al.
Published: (2019)

Automatic vulnerability detection and repair
by: MA, Siqi
Published: (2018)

Finding real world software vulnerabilities using ChatGPT
by: Wong, Sean Chun Foh
Published: (2024)

An empirical study of blockchain system vulnerabilities: modules, types, and patterns
by: YI, Xiao, et al.
Published: (2022)

Towards a hybrid framework for detecting input manipulation vulnerabilities
by: DING, Sun, et al.
Published: (2013)

Multi-Granularity Detector for Vulnerability Fixes
by: NGUYEN, Truong Giang, et al.
Published: (2023)

Finding RESTful API vulnerabilities using ChatGPT
by: Ho, Kenneth Jun Minn
Published: (2024)

On-the-fly Android static analysis with applications in vulnerability discovery
by: WU, Daoyuan
Published: (2019)

VuRLE: Automatic vulnerability detection and repair by learning from examples
by: MA SIQI,, et al.
Published: (2017)

sFuzz: An efficient adaptive fuzzer for solidity smart contracts
by: NGUYEN, Tai D., et al.
Published: (2020)

Learning program semantics for vulnerability detection via vulnerability-specific inter-procedural slicing
by: WU, Bozhi, et al.
Published: (2023)

SoFi: Reflection-augmented fuzzing for JavaScript engines
by: HE, Xiaoyu, et al.
Published: (2021)

Towards practical binary code similarity detection: vulnerability verification via patch semantic analysis
by: Yang, Shouguo, et al.
Published: (2024)

Orchestration or automation: Authentication flaw detection in Android apps
by: MA, Siqi, et al.
Published: (2022)

EXPLORING A TRANSDIAGNOSTIC COGNITIVE VULNERABILITY TO INTERNALIZING SYMPTOMS IN ADOLESCENTS
by: RUTH POH YI NING
Published: (2019)

Web application vulnerability prediction using hybrid program analysis and machine learning
by: SHAR, Lwin Khin, et al.
Published: (2014)

Mining input sanitization patterns for predicting SQL injection and cross site scripting vulnerabilities
by: SHAR, Lwin Khin, et al.
Published: (2012)

Techniques for identifying mobile platform vulnerabilities and detecting policy-violating applications
by: SU, Mon Kywe
Published: (2016)

Test mimicry to assess the exploitability of library vulnerabilities
by: KANG, Hong Jin, et al.
Published: (2022)

Vulnerability assessment of Tsunami affected tourism community: a case study of Koh Phi Phi, Thailand.
by: Kannapa Pongponrat
Published: (2015)

Automated removal of cross site scripting vulnerabilities in web applications
by: SHAR, Lwin Khin, et al.
Published: (2011)

Trans-boundary variations of urban drought vulnerability and its impact on water resource management in Singapore and Johor, Malaysia
by: Chuah, Chong Joon, et al.
Published: (2019)

Spatial heterogeneous of ecological vulnerability in arid and semi-arid area: A case of the Ningxia Hui autonomous region, China
by: Li, R., et al.
Published: (2021)

Remote sensing and GIS-based flood vulnerability assessment of human settlements: A case study of Gangetic West Bengal, India
by: Sanyal, J., et al.
Published: (2011)

An integrated approach for effective injection vulnerability analysis of web applications through security slicing and hybrid constraint solving
by: THOME, Julian, et al.
Published: (2018)

Simulation-based vulnerability assessment in transit systems with cascade failures
by: Chen, Hongyu, et al.
Published: (2022)

Software composition analysis for vulnerability detection: An empirical study on Java projects
by: ZHAO, Lida, et al.
Published: (2023)

A closer look at the security risks in the Rust ecosystem
by: ZHENG, Xiaoye, et al.
Published: (2023)

TOWARDS SECURE SMART CONTRACTS: A DEEP LEARNING APPROACH FOR DETECTING SECURITY THREATS
by: TAMER ABDELAZIZ ABDELMEGID MOHAMED
Published: (2024)

Automated identification of libraries from vulnerability data: can we do better?
by: HARYONO, Stefanus A., et al.
Published: (2022)

Vulnerability modeling, assessment, and improvement in urban metro systems: a probabilistic system dynamics approach
by: Chen, Hongyu, et al.
Published: (2022)

Discoursing Disasters: Vulnerability and Gaps in Rationalities
by: Rodriguez, Agustin Martin G
Published: (2016)

Metabolic alterations and vulnerabilities in hepatocellular carcinoma
by: Tenen, Daniel G., et al.
Published: (2022)

JoanAudit: A tool for auditing common injection vulnerabilities
by: THOME, Julian, et al.
Published: (2017)

Dimension index method for climate change vulnerability assessment
by: Duong, Hong Son, et al.
Published: (2017)