all InfoSec news logo
all InfoSec news - Your InfoSec news aggregator
Log in Sign up
all InfoSec news

Multi-Granularity Detector for Vulnerability Fixes. (arXiv:2305.13884v1 [cs.CR])

Add to bookmarks
May 24, 2023, 1:10 a.m. | Truong Giang Nguyen, Thanh Le-Cong, Hong Jin Kang, Ratnadira Widyasari, Chengran Yang, Zhipeng Zhao, Bowen Xu, Jiayuan Zhou, Xin Xia, Ahmed E. Hassan,

cs.CR updates on arXiv.org arxiv.org

With the increasing reliance on Open Source Software, users are exposed to
third-party library vulnerabilities. Software Composition Analysis (SCA) tools
have been created to alert users of such vulnerabilities. SCA requires the
identification of vulnerability-fixing commits. Prior works have proposed
methods that can automatically identify such vulnerability-fixing commits.
However, identifying such commits is highly challenging, as only a very small
minority of commits are vulnerability fixing. Moreover, code changes can be
noisy and difficult to analyze. We observe that noise …

alert analysis detector exposed fixes identification identify library open source party sca software software composition analysis third third-party tools vulnerabilities vulnerability

Visit resource

More from arxiv.org / cs.CR updates on arXiv.org

Generating Synthetic Health Sensor Data for Privacy-Preserving Wearable Stress Detection 15 hours ago | arxiv.org
applications arxiv aware challenge +23
One-shot Generative Data Augmentation with Bounded Divergence for UAV Identification in Limited RF Environments 15 hours ago | arxiv.org
addresses arxiv augmentation challenges +19
SoK: Where's the "up"?! A Comprehensive (bottom-up) Study on the Security of Arm Cortex-M Systems 15 hours ago | arxiv.org
arm arxiv cortex cs.ar +17
Quantum Oblivious LWE Sampling and Insecurity of Standard Model Lattice-Based SNARKs 15 hours ago | arxiv.org
arxiv cs.cr errors find +9
Distributed DP-Helmet: Scalable Differentially Private Non-interactive Averaging of Single Layers 15 hours ago | arxiv.org
algorithms arxiv blind called +12
Near Threshold Computation of Partitioned Ring Learning With Error (RLWE) Post Quantum Cryptography on Reconfigurable … 15 hours ago | arxiv.org
adversaries algorithm algorithms architecture +23
On Maximal Families of Binary Polynomials with Pairwise Linear Common Factors 15 hours ago | arxiv.org
arxiv binary construction cs.cr +5
Byzantine-Resilient Secure Aggregation for Federated Learning Without Privacy Compromises 15 hours ago | arxiv.org
aggregation arxiv cs.cr cs.dc +20
Intelligent Control in 6G Open RAN: Security Risk or Opportunity? 15 hours ago | arxiv.org
access adoption architecture artificial +24

Jobs in InfoSec / Cybersecurity

Post a Job Search Talent

Information Security Engineers

@ D. E. Shaw Research | New York City
View on infosec-jobs.com

Technology Security Analyst

@ Halton Region | Oakville, Ontario, Canada
View on infosec-jobs.com

Senior Cyber Security Analyst

@ Valley Water | San Jose, CA
View on infosec-jobs.com

Sr. Application Security Engineer

@ CyberCube | Tallinn
View on infosec-jobs.com

Security Incident Response Analyst

@ Oracle | KITCHENER, ON, Canada
View on infosec-jobs.com

Senior Security Engineer

@ Minitab | Americas Remote
View on infosec-jobs.com