Search Results for author:
Found 14 papers, 7 papers with code
Are Latent Vulnerabilities Hidden Gems for Software Vulnerability Prediction? An Empirical Study
To bridge these gaps, we conduct a large-scale study on the latent vulnerable functions in two commonly used SV datasets and their utilization for function-level and line-level SV predictions.
METAL: Metamorphic Testing Framework for Analyzing Large-Language Model Qualities
Through the experiments conducted with three prominent LLMs, we have confirmed that the METAL framework effectively evaluates essential QAs on primary LLM tasks and reveals the quality risks in LLMs.
Interpretability and Transparency-Driven Detection and Transformation of Textual Adversarial Examples (IT-DT)
It focuses on interpretability and transparency in detecting and transforming textual adversarial examples.
On the Use of Fine-grained Vulnerable Code Statements for Software Vulnerability Assessment Models
We show that vulnerable statements are 5. 8 times smaller in size, yet exhibit 7. 5-114. 5% stronger assessment performance (Matthews Correlation Coefficient (MCC)) than non-vulnerable statements.
Automated Security Assessment for the Internet of Things
This security model automatically assesses the security of the IoT network by capturing potential attack paths.
DeepCVA: Automated Commit-level Vulnerability Assessment with Deep Multi-task Learning
It is increasingly suggested to identify Software Vulnerabilities (SVs) in code commits to give early warnings about potential security risks.
A Survey on Data-driven Software Vulnerability Assessment and Prioritization
Software Vulnerabilities (SVs) are increasing in complexity and scale, posing great security risks to many software systems.
ReinforceBug: A Framework to Generate Adversarial Textual Examples
Adversarial Examples (AEs) generated by perturbing original training examples are useful in improving the robustness of Deep Learning (DL) based models.
End-Users' Knowledge and Perception about Security of Mobile Health Apps: A Case Study with Two Saudi Arabian mHealth Providers
Findings indicate that majority of the end-users are aware of the existing security features provided by the apps (e. g., restricted app permissions); however, they desire usable security (e. g., biometric authentication) and are concerned about privacy of their health information (e. g., data anonymization).
Cryptography and Security Software Engineering
Machine Learning for Detecting Data Exfiltration: A Review
Objective: This paper aims at systematically reviewing ML-based data exfiltration countermeasures to identify and classify ML approaches, feature engineering techniques, evaluation datasets, and performance metrics used for these countermeasures.
Challenges in Docker Development: A Large-scale Study Using Stack Overflow
As a fast-growing technology, it is important to identify the Docker-related topics that are most popular as well as existing challenges and difficulties that developers face.
Reliability and Robustness analysis of Machine Learning based Phishing URL Detectors
Therefore, the security vulnerabilities of these systems, in general, remain primarily unknown which calls for testing the robustness of these systems.
PUMiner: Mining Security Posts from Developer Question and Answer Websites with PU Learning
Using PUMiner, we provide the largest and up-to-date security content on Q&A websites for practitioners and researchers.
Deep Learning for Source Code Modeling and Generation: Models, Applications and Challenges
Deep Learning (DL) techniques for Natural Language Processing have been evolving remarkably fast.
