Zobrazeno 1 - 10
of 215
pro vyhledávání: '"NATELLA, ROBERTO"'
Autor:
Natella, Roberto
In large programming classes, it takes a significant effort from teachers to evaluate exercises and provide detailed feedback. In systems programming, test cases are not sufficient to assess exercises, since concurrency and resource management bugs a
Externí odkaz:
http://arxiv.org/abs/2410.17260
This practical experience report explores Neural Machine Translation (NMT) models' capability to generate offensive security code from natural language (NL) descriptions, highlighting the significance of contextual understanding and its impact on mod
Externí odkaz:
http://arxiv.org/abs/2408.02402
Publikováno v:
Proceedings of ACM Workshop on Software Supply Chain Offensive Research and Ecosystem Defenses, 2024
In Go, the widespread adoption of open-source software has led to a flourishing ecosystem of third-party dependencies, which are often integrated into critical systems. However, the reuse of dependencies introduces significant supply chain security r
Externí odkaz:
http://arxiv.org/abs/2407.04442
Autor:
Yu, Guangba, Tan, Gou, Huang, Haojia, Zhang, Zhenyu, Chen, Pengfei, Natella, Roberto, Zheng, Zibin
The rapid advancement of Artificial Intelligence (AI) has led to its integration into various areas, especially with Large Language Models (LLMs) significantly enhancing capabilities in Artificial Intelligence Generated Content (AIGC). However, the c
Externí odkaz:
http://arxiv.org/abs/2407.00125
Autor:
Liguori, Pietro, Marescalco, Christian, Natella, Roberto, Orbinato, Vittorio, Pianese, Luciano
As the Windows OS stands out as one of the most targeted systems, the PowerShell language has become a key tool for malicious actors and cybersecurity professionals (e.g., for penetration testing). This work explores an uncharted domain in AI code ge
Externí odkaz:
http://arxiv.org/abs/2404.12893
Publikováno v:
IEEE Security & Privacy, Early Access, February 2024
Recent advances of artificial intelligence (AI) code generators are opening new opportunities in software security research, including misuse by malicious actors. We review use cases for AI code generators for security and introduce an evaluation ben
Externí odkaz:
http://arxiv.org/abs/2402.01219
Autor:
Cesarano, Carmine, Natella, Roberto
Application Layer Gateways (ALGs) play a crucial role in securing critical systems, including railways, industrial automation, and defense applications, by segmenting networks at different levels of criticality. However, they require rigorous securit
Externí odkaz:
http://arxiv.org/abs/2401.05961
Advanced Persistent Threats (APTs) represent the most threatening form of attack nowadays since they can stay undetected for a long time. Adversary emulation is a proactive approach for preparing against these attacks. However, adversary emulation to
Externí odkaz:
http://arxiv.org/abs/2311.08274
Evaluating the correctness of code generated by AI is a challenging open problem. In this paper, we propose a fully automated method, named ACCA, to evaluate the correctness of AI-generated code for security purposes. The method uses symbolic executi
Externí odkaz:
http://arxiv.org/abs/2310.18834
AI-based code generators have become pivotal in assisting developers in writing software starting from natural language (NL). However, they are trained on large amounts of data, often collected from unsanitized online sources (e.g., GitHub, HuggingFa
Externí odkaz:
http://arxiv.org/abs/2308.04451