summary_6dec2018.md

[ { "abstract": "11 Jul 2018 ... learning on source code is a promising approach for automated software vulnerability ... techniques to discover code vulnerability patterns. In this .... build off approaches developed for natural language processing. (NLP) [22].", "title": "[PDF] Automated Vulnerability Detection in Source Code Using ... - arXiv", https://arxiv.org/pdf/1807.04320 },

{ "abstract": "8 Aug 2017 ... ... code as a form of text and leveraging Natural Language Processing (NLP) ... source code file as a collection of code tokens associated with.", "title": "[PDF] Automatic feature learning for vulnerability prediction - arXiv", https://arxiv.org/pdf/1708.02368 },

{ "abstract": "24 Jul 2018 ... tool for C language programs, where the components are functions. We will .... (2) source-code location of the vulnerable instruction, and.", "title": "[PDF] Automatically Assessing Vulnerabilities Discovered by ... - arXiv", https://arxiv.org/pdf/1807.09160 },

{ "abstract": "7 Aug 2018 ... intermediate language representation of the binary's assembly instructions ... values). In dynamic analysis systems, binaries and source code.", "title": "[PDF] Survey of Automated Vulnerability Detection and Exploit ... - arXiv", https://arxiv.org/pdf/1702.06162 },

{ "abstract": "10 Apr 2015 ... programming languages and vulnerability types. The paper is organized ... i.e., the set of changes performed in the source code of the library in ...", "title": "[PDF] Impact assessment for vulnerabilities in open-source ... - arXiv", https://arxiv.org/pdf/1504.04971 },

{ "abstract": "6 Feb 2013 ... The five vulnerabilities we study in this paper are: (1) Resource Injection, (2) Path ... vulnerabilities in software developed in any other programming language. We use the Fortify Source Code Analyzer to conduct the source ...", "title": "Source Code Analysis to Remove Security Vulnerabilities in Java ...", https://arxiv.org/abs/1302.1338 },

{ "abstract": "5 Jan 2018 ... mind with these limitations: Given the source code of a target program, how .... language processing may be suitable for vulnerability detection.", "title": "[PDF] VulDeePecker: A Deep Learning-Based System for Vulnerability ...", https://arxiv.org/pdf/1801.01681 },

{ "abstract": "These source codes contained common security vulnerabilities including: failure to .... many source code languages including: Java, C/C++, PHP, COBOL, ASP,.", "title": "[PDF] Evaluation of Static Analysis Tools for Finding Vulnerabilities ... - arXiv", https://arxiv.org/pdf/1805.09040 },

{ "abstract": "14 Feb 2018 ... With the wealth of open source code available for analysis, there is an ... of bugs that can lead to security vulnerabilities directly from data.", "title": "Automated software vulnerability detection with machine learning", https://arxiv.org/abs/1803.04497 },

{ "abstract": "28 Sep 2017 ... or libraries, including the complicated cross-language data handling ... source code, configuration files, and/or execution environments.", "title": "[PDF] Secure Coding Practices in Java: Challenges and Vulnerabilities", https://arxiv.org/pdf/1709.09970 },

{ "abstract": "28 Mar 2012 ... Buffer Overflow has been the Major threat for security vulnerability in the last ..... the asserted source code that is expressed in Java Language.", "title": "[PDF] software security analysis dynamic and static buffer code ... - arXiv", https://arxiv.org/pdf/1208.3205 },

{ "abstract": "expressions from the source code of a target application to synthe- size patches. ..... vulnerability CVE-2007-1887 [35] in PHP, a scripting language in- terpreter.", "title": "[PDF] Sound Patch Generation for Vulnerabilities - arXiv", https://arxiv.org/pdf/1711.11136 },

{ "abstract": "15 Jan 2017 ... many languages provide extensive support for regular expression matching. ... for reasoning about input sanitization at the source-code level.", "title": "[PDF] Static Detection of DoS Vulnerabilities in Programs that use ... - arXiv", https://arxiv.org/pdf/1701.04045 },

{ "abstract": "12 Jul 2018 ... of Known Vulnerabilities in Open-source Software. [PRE-PRINT]. Serena Elisa .... in natural language, whereas a reliable assessment of the ex- ploitability and the ... comparing the source code of the first and the last commit.", "title": "[PDF] arXiv:1806.05893v3 [cs.CR] 12 Jul 2018", https://arxiv.org/pdf/1806.05893 },

{ "abstract": "28 Oct 2018 ... In our case, bad source code (that contains a vulnerability) takes the ... performance on language translation and correction tasks [3, 4, 5, 6].", "title": "[PDF] Learning to Repair Software Vulnerabilities with Generative ... - arXiv", https://arxiv.org/pdf/1805.07475 },

{ "abstract": "7 Sep 2018 ... and its domain-speci c programming language, Solidity, to provide the rst body .... source code and automatically checks smart contracts for se-.", "title": "[PDF] Empirical Vulnerability Analysis of Automated Smart ... - arXiv", https://arxiv.org/pdf/1809.02702 },

{ "abstract": "6 Jul 2018 ... sources of advisories and vulnerability data, such as the National Vulnerability ... the source code changes introduced by commits as documents written in ... documents written in natural language, classifying them using.", "title": "[PDF] A Practical Approach to the Automatic Classification of Security ...", https://arxiv.org/pdf/1807.02458 },

{ "abstract": "10 Apr 2017 ... als suffer from severe security vulnerabilities, such as cross-site scripting. (XSS) ... alyzed 64,415 PHP codebases hosted on GitHub thus far, and found a ... damental construct for any programming language, we prototype our ...", "title": "[PDF] Leveraging Flawed Tutorials for Seeding Large-Scale Web ...", https://arxiv.org/pdf/1704.02786 },

{ "abstract": "6 Jul 2018 ... Standard sources of advisories and vulnerability data, such as the National Vulnerability ... We treat the source code changes introduced by commits as documents written in natural language, classifying them using standard ...", "title": "A Practical Approach to the Automatic Classification of Security ...", https://arxiv.org/abs/1807.02458 },

{ "abstract": "source software it is reasonable to expect a rise in malicious code ..... programming languages, and embedded devices so vulnerabilities can have a ...", "title": "[PDF] Timelines for In-Code Discovery of Zero-Day Vulnerabilities ... - arXiv", https://arxiv.org/pdf/1808.10062 },

{ "abstract": "18 May 2018 ... Computer Science > Computation and Language ... adversarial learning approach that maps from one discrete source domain to another ... problems similar to code repair, such as grammar correction or sentiment translation.", "title": "Learning to Repair Software Vulnerabilities with Generative ...", https://arxiv.org/abs/1805.07475 },

{ "abstract": "1 Dec 2017 ... annotations on top-level definitions in the source code. The compiler then uses a static ... secret data in applications written in low-level languages ... data, but many other vulnerabilities and attacks have been reported [1, 2, 4 ...", "title": "[PDF] An Instrumenting Compiler for Enforcing Confidentiality in ... - arXiv", https://arxiv.org/pdf/1711.11396 },

{ "abstract": "Fuzzing, Fuzzer, Smart contract, Vulnerability, Test oracle,. Ethereum ... https://github.com/gongbell/ContractFuzzer ... Second, the programming languages (e.g.,.", "title": "[PDF] Fuzzing Smart Contracts for Vulnerability Detection - arXiv", https://arxiv.org/pdf/1807.03932 },

{ "abstract": "2 Aug 2018 ... to the Common Vulnerabilities and Exposures database ... source code with methods applied to artifacts extracted from the ... to any language.", "title": "[PDF] arXiv:1803.04497v2 [cs.SE] 2 Aug 2018", https://arxiv.org/pdf/1803.04497 },

{ "abstract": "10 Sep 2017 ... application source code and the environment in which the .... Table 1: Available exploits in TestREx corpus. Language. Exploits. Source. PHP.", "title": "[PDF] TestREx: a Framework for Repeatable Exploits", https://arxiv.org/pdf/1709.03084 },

{ "abstract": "21 Aug 2018 ... I. INTRODUCTION. Predicting security defects in source code is of significant ... hundreds of vulnerabilities in the Common Weakness Enumer- ation standard ... [11]; and a language modeling technique that represents words.", "title": "[PDF] Towards security defect prediction with AI - arXiv", https://arxiv.org/pdf/1808.09897 },

{ "abstract": "26 Jun 2007 ... ... at runtime, make them vulnerable to malicious code injection. ... and in behaviors related to the use of the Java language. Standard Services are not considered. To support this audit, a Semi-formal Vulnerability Pattern is defined, that ... of the proof-of-concept OSGi Bundles that exploit the vulnerability.", "title": "Java Components Vulnerabilities-An Experimental Classification ...", https://arxiv.org/abs/0706.3812 },

{ "abstract": "add code that will potentially lead to vulnerabilities. We make the following two ... closed-source applications that use SSL within the appli- cation. ... age manifest would require a Turing complete sub-language. Rather, our goal is to provide an ...", "title": "[PDF] An Application Package Configuration Approach to ... - William Enck", https://arxiv.org/pdf/1410.7745 },

{ "abstract": "3 Oct 2018 ... hosting services such as GitHub are full of such packages. These limitations ... target [10], the more recent research has focused on language-.", "title": "[PDF] An Empirical Analysis of Vulnerabilities in Python Packages ... - arXiv", https://arxiv.org/pdf/1810.13310 },

{ "abstract": "19 Jul 2018 ... 1 INTRODUCTION. The Spectre [7] and Meltdown [9] vulnerabilities in modern proces- ... than at the source code level. This is because ... gramming language level as evidenced by the vulnerable code pat- terns detected by ...", "title": "[PDF] oo7: Low-overhead Defense against Spectre Attacks via ... - arXiv", https://arxiv.org/pdf/1807.05843 },

{ "abstract": "30 May 2018 ... A Survey of Automatic Software Vulnerability Detection,. Exploitation and ..... dependence on the source code, the exploit samples being limited by ..... natural-language processing to extract semantic information by analyzing ...", "title": "[PDF] The Coming Era of AlphaHacking? - arXiv", https://arxiv.org/pdf/1805.11001 },

{ "abstract": "8 Oct 2018 ... cryptography, language paradigms and program analysis. Com- pared to ... is available at https://github.com/RigorityJ/rigorityj.2. 4) We gained ...", "title": "[PDF] Deployment-quality Detection of Java Cryptographic Vulnerabilities", https://arxiv.org/pdf/1806.06881 },

{ "abstract": "bring strong security benefits, since a vulnerability in one compo- nent need not ... this feasible in practice, the amount of source code to be verified or audited has to ... our criterion applies to unsafe source languages with undefined behaviors.", "title": "[PDF] When Good Components Go Bad - arXiv", https://arxiv.org/pdf/1802.00588 },

{ "abstract": "14 Mar 2018 ... vulnerabilities: finding contracts that either lock funds indefinitely, leak them ... Machine and its programming language called Solidity. Contracts are ... Ethereum smart contracts, without requiring source code access. In total ...", "title": "[PDF] arXiv:1802.06038v2 [cs.CR] 14 Mar 2018", https://arxiv.org/pdf/1802.06038 },

{ "abstract": "8 Aug 2017 ... created Ghera, an open source repository of vulnerability bench- marks4. ..... possible, the source code of the benchmark should be included as part of the ..... on Programming Language Design and Implementation. ACM ...", "title": "[PDF] Ghera: A Repository of Android App Vulnerability Benchmarks - arXiv", https://arxiv.org/pdf/1708.02380 },

{ "abstract": "5 Jul 2018 ... expert manpower through the analysis of the source code and the acquisition of ... code of solidity (Ethereum smart contract develop language) into. RGB color ... vant vulnerabilities to repair and reduce smart contracts without.", "title": "[PDF] Hunting the Ethereum Smart Contract: Color-inspired ... - arXiv", https://arxiv.org/pdf/1807.01868 },

{ "abstract": "31 Aug 2018 ... and exploring total recall language processing problems in software ..... base looking for the few source code files that contain vulnerabilities.", "title": "[PDF] Total Recall, Language Processing, and Software Engineering - arXiv", https://arxiv.org/pdf/1809.00039 },

{ "abstract": "if a participant faces issues with programming language while completing the task, we ... source code that contained XSS vulnerability and hence fixed the code ...", "title": "[PDF] Fighting Against XSS Attacks - arXiv", https://arxiv.org/pdf/1810.01017 },

{ "abstract": "2 Nov 2017 ... of source code similarity for detecting vulnerabilities [20]. While related, these systems ... written in the same language. As a result, they can rely ...", "title": "[PDF] BinPro: A Tool for Binary Source Code Provenance - arXiv", https://arxiv.org/pdf/1711.00830 },

{ "abstract": "8 Aug 2018 ... across natural languages very well, we regard instructions as words and basic ... reuse and sharing, a single vulnerability at source code level.", "title": "[PDF] Neural Machine Translation Inspired Binary Code Similarity ... - arXiv", https://arxiv.org/pdf/1808.04706 },

{ "abstract": "17 Jan 2018 ... advances in the field of code analysis and vulnerability pre- diction. Our results .... flaws in the source code of a program are referred to as bugs. ..... PHP is a popular server-side scripting language that is used by 83% of all ...", "title": "[PDF] M-STAR: A Modular, Evidence-based Software Trustworthiness ...", https://arxiv.org/pdf/1801.05764 },

{ "abstract": "2 Nov 2017 ... To minimize patch delay vulnerabilities and address the limitations of ..... to show the number of source code files that are changed by patches. ...... handling that is used in programming languages such as C++ and Java.", "title": "[PDF] Talos: Neutralizing Vulnerabilities with Security Workarounds for ...", https://arxiv.org/pdf/1711.00795 },

{ "abstract": "11 Sep 2018 ... Smart contracts are commonly written in a high-level language such as. Ethereum's ..... vulnerability use snippets of Solidity source code.", "title": "[PDF] Vandal: A Scalable Security Analysis Framework for Smart Contracts", https://arxiv.org/pdf/1809.03981 },

{ "abstract": "6 Apr 2016 ... source code where potential vulnerabilities exist, why they are .... LLVM IR is a typed, yet source-language independent representation of a.", "title": "[PDF] Towards Vulnerability Discovery Using Staged Program Analysis", https://arxiv.org/pdf/1508.04627 },

{ "abstract": "3 Apr 2018 ... approach to detect XSS vulnerabilities caused by improper encoding of untrusted .... aid type inference, such efforts all rely on template languages ... source code coverage but suffer from high rate of false positive results due ...", "title": "[PDF] Automated Detecting and Repair of Cross-Site Scripting ... - arXiv", https://arxiv.org/pdf/1804.01862 },

{ "abstract": "1 Jun 2017 ... Taint-style vulnerabilities comprise a majority of fuzzer .... ness of source code security audit that benefits from both the ...... gramming language.", "title": "[PDF] Static Exploration of Taint-Style Vulnerabilities Found by Fuzzing", https://arxiv.org/pdf/1706.00206 },

{ "abstract": "17 Mar 2010 ... We basically try to exploit the case-redundancy in case-insensitive language, while we try hiding data with minimal changes in the source code ...", "title": "Hiding Inside HTML and Other Source Codes", https://arxiv.org/abs/1003.3457 },

{ "abstract": "8 Aug 2018 ... ... binary code without having access to the corresponding source code. A binary, after disassembly, is expressed in an assembly language. ... such as cross-architecture vulnerability discovery and code plagiarism detection.", "title": "Neural Machine Translation Inspired Binary Code Similarity ...", https://arxiv.org/abs/1808.04706 },

{ "abstract": "14 May 2016 ... Scripting (XSS) vulnerability caused by improper encoding of untrusted data. .... approach. First, a template language covers a subset of available ... tests automatically based on application source code using data and control ...", "title": "[PDF] Automatic Web Security Unit Testing: XSS Vulnerability ... - arXiv", https://arxiv.org/pdf/1804.00754 },

{ "abstract": "10 May 2017 ... also show how to combine file-system vulnerabilities and SQL-Injection ... by developers to structure the web app's source code for stronger reusability. ... gramming languages for developing web apps such as PHP [28], JSP ...", "title": "[PDF] A Formal Approach to Exploiting Multi-Stage Attacks based on File ...", https://arxiv.org/pdf/1705.03658 },

{ "abstract": "type inference, such efforts all rely on template languages with stronger type .... line number in the source code if a vulnerability is found as shown in line 6 of ...", "title": "[PDF] Detecting Cross-Site Scripting Vulnerabilities through ... - arXiv", https://arxiv.org/pdf/1804.00755 },

{ "abstract": "PHP License [35]; and the PHP Group provides the complete source code for .... as programming language has areas of potential vulnerabilities such as type ...", "title": "[PDF] Comparing Selected Criteria of Programming Languages ... - arXiv", https://arxiv.org/pdf/1008.3434 },

{ "abstract": "researchers started working on plagiarism detection in different languages since 1990. It was ... such as (1) textual plagiarism and (2) source code plagiarism [4]. .... These methods exploit character-based, word-based, and syntax-based.", "title": "[PDF] Plagiarism: Taxonomy, Tools and Detection Techniques - arXiv", https://arxiv.org/pdf/1801.06323 },

{ "abstract": "27 Mar 2017 ... of vulnerabilities of free/paid apps stem from software libraries, particu- .... modular programming in Java, which is a primary programming language for .... We also searched the origins of the package source code using ...", "title": "[PDF] A Study on the Vulnerabilities of Mobile Apps associated with ...", https://arxiv.org/pdf/1702.03112 },

{ "abstract": "Language (SQL) code to a user input box of a Web form to ... SQL Injection vulnerabilities, attacks, and their prevention ..... The source code and LiveCD are.", "title": "[PDF] A Detailed Survey on Various Aspects of SQL Injection in ... - arXiv", https://arxiv.org/pdf/1203.3324 },

{ "abstract": "16 Oct 2017 ... separating exploit code from natural language characteristics ... bindings [29] for a common open source English dictio- nary [30] are used for ...", "title": "[PDF] Classifying Web Exploits with Topic Modeling - arXiv", https://arxiv.org/pdf/1710.05561 },

{ "abstract": "Java compiler in the other side converts the source code into intermediate code, each platform ...... vulnerabilities in the language design and implementation.", "title": "[PDF] Comparative Studies of 10 Programming Languages within ... - arXiv", https://arxiv.org/pdf/1008.3561 },

{ "abstract": "31 Jul 2018 ... programming), vulnerability analysis, and malicious code detection. ... 1, accepts code in various source languages and converts it to ...", "title": "[PDF] arXiv:1806.07336v2 [cs.LG] 31 Jul 2018", https://arxiv.org/pdf/1806.07336 },

{ "abstract": "12 Jun 2018 ... Abstract—The C and C++ programming languages are noto- riously insecure yet ... the security vulnerabilities they cover, describe their performance ... Static tools analyze the program source code and produce results that ...", "title": "[PDF] SoK: Sanitizing for Security - arXiv", https://arxiv.org/pdf/1806.04355 },

{ "abstract": "10 May 2013 ... source and binary code analysis in search for weaknesses and vulnerabilities. ... mon Vulnerabilities and Exposures) CVE-based vulnerable as well as .... weakness-laden files or compare trained language models with the ...", "title": "[PDF] MARFCAT: Transitioning to Binary and Larger Data Sets of SATE IV", https://arxiv.org/pdf/1207.3718 },

{ "abstract": "source code analyzer for detecting software bugs and security vulnerabilities in ... time including specification tools for (semi-)formal languages such as UML, ...", "title": "[PDF] Formal Verification, Engineering and Business Value - arXiv", https://arxiv.org/pdf/1301.0037 },

{ "abstract": "Natural language elements in source code, e.g., the names of variables and ..... and to work on artificially introducing security vulnerabilities [Dolan-Gavitt et al.", "title": "[PDF] DeepBugs: A Learning Approach to Name-based ... - Software Lab", https://arxiv.org/pdf/1805.11683 },

{ "abstract": "vulnerabilities, botnets, threats for mobile phones, ..... approaches used to obscure the source code of a ... applied at the level of any programming language.", "title": "[PDF] Software Vulnerabilities, Banking Threats, Botnets and ... - arXiv", https://arxiv.org/pdf/1105.1720 },

{ "abstract": "13 Feb 2017 ... ... of simplified Internet is given to understand the vulnerabilities used by IoT botnets to ..... "Anna-senpai" on the English-language hacking commu- ... (Source: [9]) the Mirai source code, the number of IoT infected devices.", "title": "[PDF] Turning Internet of Things(IoT) into Internet of Vulnerabilities (IoV ...", https://arxiv.org/pdf/1702.03681 },

{ "abstract": "applications are using client side scripting languages such as. JavaScript but this ... among newly reported vulnerabilities were XSS, making it the most frequently ..... After reading source code files of LogiCampus Educational. Platform [33], an ...", "title": "[PDF] Consideration Points: Detecting Cross-Site ... - Semantic Scholar", https://arxiv.org/pdf/0908.4188 },

{ "abstract": "The P4 language has no support for specific protocols, rather, the P4 .... Modifying data or code .... be used to find vulnerabilities in open-source P4 applications.", "title": "[PDF] Charting the Security Landscape ofProgrammable Dataplanes - arXiv", https://arxiv.org/pdf/1807.00128 },

{ "abstract": "13 May 2018 ... work drivers, the component driver's source code implic- itly assumes that .... user into phishing websites and exploit vulnerabilities in the operating ..... orientation, language and activity, has been shown to be detectable from ...", "title": "[PDF] When Replacement Smartphone Components Attack - arXiv", https://arxiv.org/pdf/1805.04850 },

{ "abstract": "16 May 2017 ... that employs the proposed method and published it on GitHub. ... dor, product, version, update, edition, language, sw edition, target sw, target ...", "title": "[PDF] Software Vulnerability Analysis Using CPE and CVE", https://arxiv.org/pdf/1705.05347 },

{ "abstract": "paper puts more focus on the impact to vulnerabilities in Enterprise ... are written in Java like language which is ... (c) Other source code: Many times application.", "title": "[PDF] Application Security framework for Mobile App Development - arXiv", https://arxiv.org/pdf/1503.05992 },

{ "abstract": "5 days ago ... mon source of security vulnerability in Android apps. To promote ... around 15. Keywords Security code smells · Vulnerability · Static analysis · Android ...... Kotlin, a new programming language used in the Android platform.", "title": "[PDF] arXiv:1811.12713v1 [cs.CR] 30 Nov 2018", https://arxiv.org/pdf/1811.12713 },

{ "abstract": "12 Jan 2016 ... novel because it exploits exotic language features instead of ad-hoc ... between its source code and binaries, which is highlighted as one of the ...", "title": "[PDF] Translingual Obfuscation", https://arxiv.org/pdf/1601.00763 },

{ "abstract": "29 Jan 2018 ... a novel vulnerability is discussed along with source codes aiming at exploiting it. ... to foreign languages terms (e.g. German) or terms related to.", "title": "[PDF] Early Warnings of Cyber Threats in Online Discussions - arXiv", https://arxiv.org/pdf/1801.09781 },

{ "abstract": "11 Apr 2017 ... language/API developers, to design/improve mechanisms for ... security vulnerabilities, and the lack of secure coding practices for restricting operations in ... The Android OS is an open source mobile OS developed by Google ...", "title": "[PDF] An Empirical Study on Android-related Vulnerabilities - arXiv", https://arxiv.org/pdf/1704.03356 },

{ "abstract": "18 Oct 2018 ... and source code, deep learning methods for Natural Language Processing ... Graph Neural Networks (GNNs) that can, in principle, exploit the ...", "title": "[PDF] Open Vocabulary Learning on Source Code with a Graph-Structured ...", https://arxiv.org/pdf/1810.08305 },

{ "abstract": "vulnerabilities. ... There are two major sources of attacks: the data XML file and the parser ... forbid their use within the code composing the validation function.", "title": "[PDF] Experience in using a typed functional language for the ... - arXiv", https://arxiv.org/pdf/1404.6606 },

{ "abstract": "10 Jun 2015 ... the most common security vulnerabilities of web applications. The most common security ... the students change to the source code of the application. They are asked to ..... from the underlying language. A schematic overview ...", "title": "[PDF] BREW: A Breakable Web Application for IT-Security Classroom Use", https://arxiv.org/pdf/1506.03325 },

{ "abstract": "and have hundreds of thousands of lines of code. .... the exploits from various sources including, but not limited to, books [12, 22], mailing lists [10], websites [18, 17] ... For example, in C language the heap stores variables that are allocated ...", "title": "[PDF] On Vulnerabilities, Constraints and Assumptions - arXiv", https://arxiv.org/pdf/cs/0509076 },

{ "abstract": "7 Feb 2018 ... blockchain. Smart Contracts source code manipulate variables in the same way as tra- ... One such language for Ethereum is Solidity [40] (a .... code vulnerability have been exploited to stole value in criptocurrencies from.", "title": "[PDF] arXiv:1802.01517v2 [cs.SE] 7 Feb 2018", https://arxiv.org/pdf/1802.01517 },

{ "abstract": "9 Aug 2016 ... Existing language models such as n-grams for software code often fail to capture ... not reveal the semantics hidden deeply in source code. On.", "title": "[PDF] A deep language model for software code", https://uk.arxiv.org/pdf/1608.02715v1 },

{ "abstract": "15 Nov 2018 ... overlooked vulnerability within the Electron Framework which is a direct byproduct of shipping ... Enter the explosion of new, fashionable languages and their counterpart .... executable binary and the JavaScript source code.", "title": "[PDF] arXiv:1811.05945v2 [cs.CR] 15 Nov 2018", https://arxiv.org/pdf/1811.05945 },

{ "abstract": "9 May 2018 ... and application vulnerability analyses of each toy using static and dynamic .... We examined the source code for security vulnerabilities, such as ..... language for IoT development would already prevent such regulations from ...", "title": "[PDF] Security and Privacy Analyses of Internet of Things Children's ... - arXiv", https://arxiv.org/pdf/1805.02751 },

{ "abstract": "25 Jan 2016 ... The affected source code seems to orig- inate from the ... The Open Mobile API [9] defines a programming language independent API for.", "title": "[PDF] Vulnerability Report: Executing Arbitrary Code in the Context of the ...", https://arxiv.org/pdf/1601.05833 },

{ "abstract": "5 Sep 2018 ... ries that are specific to programming languages. Although the ... hosting services such as GitHub, and other vulnerability databases, including.", "title": "[PDF] Toward Validation of Textual Information Retrieval Techniques for ...", https://arxiv.org/pdf/1809.01360 },

{ "abstract": "6 Mar 2018 ... Note that smart contracts with security vulnerabilities may lead to financial .... Source code: *.sol. Contracts ... Contract language. Total TXs.", "title": "[PDF] arXiv:1802.06993v2 [cs.CR] 6 Mar 2018", https://arxiv.org/pdf/1802.06993 },

{ "abstract": "Keywords: Ecosystem, Wireless, Standards, Security, OSI, Vulnerabilities. ... weaknesses in source code and operational systems as well as better ... W3C XML Schema Definition Language (XSD) 1.1 Part 1: Structures, W3C Candidate.", "title": "[PDF] Wireless Computing and IT Ecosystems - arXiv", https://arxiv.org/pdf/1311.3548 },

{ "abstract": "Keywords. Google Adsense, Vulnerability, Cross Site Scripting, ... ads are not visible by observing the website source code. ... <script language="JavaScript" ...", "title": "[PDF] A vulnerability in Google AdSense: Automatic extraction of ... - arXiv", https://arxiv.org/pdf/1509.07741 },

{ "abstract": "29 Aug 2017 ... source code to determine the presence of a vulnerability. However, ... language is required as soon as new aspects need to be included.", "title": "[PDF] Deemon: Detecting CSRF with Dynamic Analysis and ... - arXiv", https://arxiv.org/pdf/1708.08786 },

{ "abstract": "16 May 2013 ... false positives when dealing with complex language constructs or non ... Based on this information, the source code is instrumented in order.", "title": "[PDF] Combining Static and Dynamic Analysis for Vulnerability Detection", https://arxiv.org/pdf/1305.3883 },

{ "abstract": "24 May 2018 ... One-sided bug bounty platforms for web vulnerabilities represent an interesting ...... Manual source code inspection often works well for finding new ..... and the hypertext markup language of the web pages affected. In terms of ...", "title": "[PDF] A Bug Bounty Perspective on the Disclosure of Web Vulnerabilities", https://arxiv.org/pdf/1805.09850 },

{ "abstract": "19 Jul 2018 ... OSINT sources such as social media, blogs, and dark web vulnerability markets exist in diverse languages and hinder security analysts .... tacker, DNS, DDOS, code, ciphertext, cryptography, hacked, overflow, breach, sniffer ...", "title": "[PDF] Using Deep Neural Networks to Translate Multi-lingual Threat ...", https://arxiv.org/pdf/1807.07517 },

{ "abstract": "8 Jun 2017 ... We present a new code-search engine named Source Forager. Given a query in the form of a ..... functions tend to have similar natural-language vocabulary. ...... code [15], [27]–[29] is useful in finding known vulnerabilities.", "title": "[PDF] Source Forager: A Search Engine for Similar Source Code", https://arxiv.org/pdf/1706.02769 },

{ "abstract": "Keywords: web attacks, taxonomy, source encoding, intrusion detection, application ... In an effort to create a common reference language for security analysts, a .... Web application-level attacks refer to the vulnerabilities inherent in the code of.", "title": "[PDF] Encoding a Taxonomy of Web Attacks with Different-Length Vectors", https://arxiv.org/pdf/cs/0210026 },

{ "abstract": "13 Nov 2013 ... a systems programming language allows for efficient code generation. ... tion of messages that lead to these vulnerabilities, and unsafe access of ..... The source of these structural constraint violations is not currently known.", "title": "[PDF] Eliminating Network Protocol Vulnerabilities Through ... - arXiv", https://arxiv.org/pdf/1311.3336 },

{ "abstract": "in injection vulnerabilities such as cross-site scripting (XSS) and SQL injection. Injection .... maliciously crafted input data for all context-free languages. The approach presented ... parse, analyze, transform and unparse source code. In addition ...", "title": "[PDF] Towards More Security in Data Exchange: Defining ... - SE@RWTH", https://arxiv.org/pdf/1510.08979 },

{ "abstract": "Stateless code model checking is an effective verification technique, which is ... language. DSCMC is able to detect deadlocks, livelocks, and data races ...... is well-known vulnerability of concurrent programs, which can be the origin of some.", "title": "[PDF] DSCMC: Distributed Stateless Code Model Checker - arXiv", https://arxiv.org/pdf/1603.03536 },

{ "abstract": "9 Jun 2014 ... 2https://github.com/stucco/auto-labeled-corpus. Page 1 of 11 c ASE 2012 ... Vulnerability Enumeration (CVE)3 descriptions and blogs with OpenCalais, an .... note that Python's Natural Language Toolkit. (NLTK) facilitated ...", "title": "[PDF] Automatic Labeling for Entity Extraction in Cyber Security", https://arxiv.org/pdf/1308.4941 },

{ "abstract": "vulnerabilities and recommended protection technologies. ... source code of the worm was, however, published ... relevant language version of the font files of ...", "title": "[PDF] Symbian 'vulnerability' and Mobile Threats - arXiv", https://arxiv.org/pdf/1201.0945 },

{ "abstract": "27 Nov 2018 ... significant impact, since it could result to vulnerabilities, especially when they ... exists compilers for every compiled language, such as C#,. C++, C and ... the first reflex is about to search from source code and not blaming the ...", "title": "[PDF] How a simple bug in ML compiler could be exploited for backdoors?", https://arxiv.org/pdf/1811.10851 },

{ "abstract": "2 Nov 2018 ... scripting languages and client-side code, and they need to deal with unsanitised ... risk of inheriting vulnerabilities contained in these libraries. For ..... open source libraries in our seed lists are hosted on GitHub and tag the ...", "title": "[PDF] Thou Shalt Not Depend on Me: Analysing the Use of ... - arXiv", https://arxiv.org/pdf/1811.00918 },

{ "abstract": "vulnerabilities in smart contracts are discovered and exploited ev- ery few months [2, 3, 6, ... with the contract's bytecode (or source code, which can be compiled to bytecode) ... in Solidity [18], a popular high-level language for writing Ethereum.", "title": "[PDF] Securify: Practical Security Analysis of Smart Contracts - arXiv", https://arxiv.org/pdf/1806.01143 } ]