Zobrazeno 1 - 10
of 106
pro vyhledávání: '"Zheng, Yunhui"'
Autor:
Ding, Yangruibo, Suneja, Sahil, Zheng, Yunhui, Laredo, Jim, Morari, Alessandro, Kaiser, Gail, Ray, Baishakhi
Automatically locating vulnerable statements in source code is crucial to assure software security and alleviate developers' debugging efforts. This becomes even more important in today's software ecosystem, where vulnerable code can flow easily and
Externí odkaz:
http://arxiv.org/abs/2112.10893
AI modeling for source code understanding tasks has been making significant progress, and is being adopted in production development pipelines. However, reliability concerns, especially whether the models are actually learning task-related aspects of
Externí odkaz:
http://arxiv.org/abs/2111.05827
Autor:
Zheng, Yunhui, Pujar, Saurabh, Lewis, Burn, Buratti, Luca, Epstein, Edward, Yang, Bo, Laredo, Jim, Morari, Alessandro, Su, Zhong
Static analysis tools are widely used for vulnerability detection as they understand programs with complex behavior and millions of lines of code. Despite their popularity, static analysis tools are known to generate an excess of false positives. The
Externí odkaz:
http://arxiv.org/abs/2102.07995
This work explores the signal awareness of AI models for source code understanding. Using a software vulnerability detection use case, we evaluate the models' ability to capture the correct vulnerability signals to produce their predictions. Our pred
Externí odkaz:
http://arxiv.org/abs/2011.14934
Autor:
Buratti, Luca, Pujar, Saurabh, Bornea, Mihaela, McCarley, Scott, Zheng, Yunhui, Rossiello, Gaetano, Morari, Alessandro, Laredo, Jim, Thost, Veronika, Zhuang, Yufan, Domeniconi, Giacomo
The Software Naturalness hypothesis argues that programming languages can be understood through the same techniques used in natural language processing. We explore this hypothesis through the use of a pre-trained transformer-based language model to p
Externí odkaz:
http://arxiv.org/abs/2006.12641
We explore the applicability of Graph Neural Networks in learning the nuances of source code from a security perspective. Specifically, whether signatures of vulnerabilities in source code can be learned from its graph representation, in terms of rel
Externí odkaz:
http://arxiv.org/abs/2006.08614
Akademický článek
Tento výsledek nelze pro nepřihlášené uživatele zobrazit.
K zobrazení výsledku je třeba se přihlásit.
K zobrazení výsledku je třeba se přihlásit.
Autor:
Wittern, Erik, Ying, Annie, Zheng, Yunhui, Laredo, Jim A., Dolby, Julian, Young, Christopher C., Slominski, Aleksander A.
Nowadays, invoking third party code increasingly involves calling web services via their web APIs, as opposed to the more traditional scenario of downloading a library and invoking the library's API. However, there are also new challenges for develop
Externí odkaz:
http://arxiv.org/abs/1705.06586
We present a new string SMT solver, Z3str3, that is faster than its competitors Z3str2, Norn, CVC4, S3, and S3P over a majority of three industrial-strength benchmarks, namely Kaluza, PISA, and IBM AppScan. Z3str3 supports string equations, linear ar
Externí odkaz:
http://arxiv.org/abs/1704.07935
Many JavaScript applications perform HTTP requests to web APIs, relying on the request URL, HTTP method, and request data to be constructed correctly by string operations. Traditional compile-time error checking, such as calling a non-existent method
Externí odkaz:
http://arxiv.org/abs/1702.03906