Large language models for software engineering: A systematic literature review

X Hou, Y Zhao, Y Liu, Z Yang, K Wang, L Li… - ACM Transactions on …, 2023 - dl.acm.org
Large Language Models (LLMs) have significantly impacted numerous domains, including
Software Engineering (SE). Many recent publications have explored LLMs applied to …

A Systematic Literature Review on Automated Software Vulnerability Detection Using Machine Learning

N Shiri Harzevili, A Boaye Belle, J Wang… - ACM Computing …, 2024 - dl.acm.org
In recent years, numerous Machine Learning (ML) models, including Deep Learning (DL)
and classic ML models, have been developed to detect software vulnerabilities. However …

Understanding the effectiveness of large language models in detecting security vulnerabilities

A Khare, S Dutta, Z Li, A Solko-Breslin, R Alur… - arXiv preprint arXiv …, 2023 - arxiv.org
Security vulnerabilities in modern software are prevalent and harmful. While automated
vulnerability detection tools have made promising progress, their scalability and applicability …

Multitask-based evaluation of open-source llm on software vulnerability

X Yin, C Ni, S Wang - IEEE Transactions on Software …, 2024 - ieeexplore.ieee.org
This paper proposes a pipeline for quantitatively evaluating interactive Large Language
Models (LLMs) using publicly available datasets. We carry out an extensive technical …

VMUD: Detecting Recurring Vulnerabilities with Multiple Fixing Functions via Function Selection and Semantic Equivalent Statement Matching

K Huang, C Lu, Y Cao, B Chen, X Peng - … of the 2024 on ACM SIGSAC …, 2024 - dl.acm.org
The widespread use of open-source software (OSS) has led to extensive code reuse,
making vulnerabilities in OSS significantly pervasive. The vulnerabilities due to code reuse …

Top score on the wrong exam: On benchmarking in machine learning for vulnerability detection

N Risse, M Böhme - arXiv preprint arXiv:2408.12986, 2024 - arxiv.org
According to our survey of the machine learning for vulnerability detection (ML4VD)
literature published in the top Software Engineering conferences, every paper in the past 5 …

AI for DevSecOps: A Landscape and Future Opportunities

M Fu, J Pasuksmit, C Tantithamthavorn - arXiv preprint arXiv:2404.04839, 2024 - arxiv.org
DevOps has emerged as one of the most rapidly evolving software development paradigms.
With the growing concerns surrounding security in software systems, the DevSecOps …

Multi-role consensus through llms discussions for vulnerability detection

Z Mao, J Li, D Jin, M Li, K Tei - 2024 IEEE 24th International …, 2024 - ieeexplore.ieee.org
Recent advancements in large language models (LLMs) have highlighted the potential for
vulnerability detection, a crucial component of software quality assurance. Despite this …

Do neutral prompts produce insecure code? formai-v2 dataset: Labelling vulnerabilities in code generated by large language models

N Tihanyi, T Bisztray, MA Ferrag, R Jain… - arXiv preprint arXiv …, 2024 - arxiv.org
This study provides a comparative analysis of state-of-the-art large language models
(LLMs), analyzing how likely they generate vulnerabilities when writing simple C programs …

Codeart: Better code models by attention regularization when symbols are lacking

Z Su, X Xu, Z Huang, Z Zhang, Y Ye, J Huang… - Proceedings of the …, 2024 - dl.acm.org
Transformer based code models have impressive performance in many software
engineering tasks. However, their effectiveness degrades when symbols are missing or not …