An Unbiased Transformer Source Code Learning with Semantic Vulnerability Graph. (arXiv:2304.11072v1 [cs.CR])

Over the years, open-source software systems have become prey to threat
actors. Even as open-source communities act quickly to patch the breach, code
vulnerability screening should be an integral part of agile software
development from the beginning. Unfortunately, current vulnerability screening
techniques are ineffective at identifying novel vulnerabilities or providing
developers with code vulnerability and classification. Furthermore, the
datasets used for vulnerability learning often exhibit distribution shifts from
the real-world testing distribution due to novel attack strategies deployed by
adversaries …

act adversaries agile agile software development attack breach classification code code vulnerability communities current datasets developers development distribution machine machine learning novel open-source software patch quickly result shifts software software development source code systems techniques testing threat threat actors vulnerabilities vulnerability world