Výsledky vyhledávání - "Zhang, Lyuye"

Report

How and Why LLMs Use Deprecated APIs in Code Completion? An Empirical Study

Autor: Wang, Chong, Huang, Kaifeng, Zhang, Jian, Feng, Yebo, Zhang, Lyuye, Liu, Yang, Peng, Xin

Large language models (LLMs), pre-trained or fine-tuned on large code corpora, have shown effectiveness in generating code completions. However, in LLM-based code completion, LLMs may struggle to use correct and up-to-date Application Programming Int

Externí odkaz: http://arxiv.org/abs/2406.09834

Zobrazit plný text záznamu

Report

ACFIX: Guiding LLMs with Mined Common RBAC Practices for Context-Aware Repair of Access Control Vulnerabilities in Smart Contracts

Autor: Zhang, Lyuye, Li, Kaixuan, Sun, Kairan, Wu, Daoyuan, Liu, Ye, Tian, Haoye, Liu, Yang

Smart contracts are susceptible to various security issues, among which access control (AC) vulnerabilities are particularly critical. While existing research has proposed multiple detection tools, the automatic and appropriate repair of AC vulnerabi

Externí odkaz: http://arxiv.org/abs/2403.06838

Zobrazit plný text záznamu

Report

LLM4Vuln: A Unified Evaluation Framework for Decoupling and Enhancing LLMs' Vulnerability Reasoning

Autor: Sun, Yuqiang, Wu, Daoyuan, Xue, Yue, Liu, Han, Ma, Wei, Zhang, Lyuye, Liu, Yang, Li, Yingjiu

Large language models (LLMs) have demonstrated significant potential in various tasks, including vulnerability detection. However, current efforts in this area are preliminary, lacking clarity on whether LLMs' vulnerability reasoning capabilities ste

Externí odkaz: http://arxiv.org/abs/2401.16185

Zobrazit plný text záznamu

Report

Empirical Analysis of Vulnerabilities Life Cycle in Golang Ecosystem

Autor: Hu, Jinchang, Zhang, Lyuye, Liu, Chengwei, Yang, Sen, Huang, Song, Liu, Yang

Open-source software (OSS) greatly facilitates program development for developers. However, the high number of vulnerabilities in open-source software is a major concern, including in Golang, a relatively new programming language. In contrast to othe

Externí odkaz: http://arxiv.org/abs/2401.00515

Zobrazit plný text záznamu

Report

Mitigating Persistence of Open-Source Vulnerabilities in Maven Ecosystem

Autor: Zhang, Lyuye, Liu, Chengwei, Chen, Sen, Xu, Zhengzi, Fan, Lingling, Zhao, Lida, Zhang, Yiran, Liu, Yang

Vulnerabilities from third-party libraries (TPLs) have been unveiled to threaten the Maven ecosystem. Despite patches being released promptly after vulnerabilities are disclosed, the libraries and applications in the community still use the vulnerabl

Externí odkaz: http://arxiv.org/abs/2308.03419

Zobrazit plný text záznamu

Report

Compatible Remediation on Vulnerabilities from Third-Party Libraries for Java Projects

Autor: Zhang, Lyuye, Liu, Chengwei, Xu, Zhengzi, Chen, Sen, Fan, Lingling, Zhao, Lida, Wu, Jiahui, Liu, Yang

With the increasing disclosure of vulnerabilities in open-source software, software composition analysis (SCA) has been widely applied to reveal third-party libraries and the associated vulnerabilities in software projects. Beyond the revelation, SCA

Externí odkaz: http://arxiv.org/abs/2301.08434

Zobrazit plný text záznamu

Report

Has My Release Disobeyed Semantic Versioning? Static Detection Based on Semantic Differencing

Autor: Zhang, Lyuye, Liu, Chengwei, Xu, Zhengzi, Chen, Sen, Fan, Lingling, Chen, Bihuan, Liu, Yang

To enhance the compatibility in the version control of Java Third-party Libraries (TPLs), Maven adopts Semantic Versioning (SemVer) to standardize the underlying meaning of versions, but users could still confront abnormal execution and crash after u

Externí odkaz: http://arxiv.org/abs/2209.00393

Zobrazit plný text záznamu