all InfoSec news logo
all InfoSec news - Your InfoSec news aggregator
Log in Sign up
all InfoSec news

PatchRNN: A Deep Learning-Based System for Security Patch Identification. (arXiv:2108.03358v2 [cs.CR] UPDATED)

Add to bookmarks
Jan. 9, 2023, 2:10 a.m. | Xinda Wang, Shu Wang, Pengbin Feng, Kun Sun, Sushil Jajodia, Sanae Benchaaboun, Frank Geck

cs.CR updates on arXiv.org arxiv.org

With the increasing usage of open-source software (OSS) components,
vulnerabilities embedded within them are propagated to a huge number of
underlying applications. In practice, the timely application of security
patches in downstream software is challenging. The main reason is that such
patches do not explicitly indicate their security impacts in the documentation,
which would be difficult to recognize for software maintainers and users.
However, attackers can still identify these "secret" security patches by
analyzing the source code and generate corresponding …

application applications attackers deep learning documentation embedded identification identify main maintainers open-source software oss patch patches practice security security patch software system vulnerabilities

Visit resource

More from arxiv.org / cs.CR updates on arXiv.org

Mixtures of Gaussians are Privately Learnable with a Polynomial Number of Samples 22 hours ago | arxiv.org
alpha arxiv cs.cr cs.ds +16
Image Hijacks: Adversarial Images can Control Generative Models at Runtime 22 hours ago | arxiv.org
adversarial algorithm arxiv can +20
Differentially-Private Data Synthetisation for Efficient Re-Identification Risk Control 22 hours ago | arxiv.org
addition arxiv can computational +21
Decoding the MITRE Engenuity ATT&CK Enterprise Evaluation: An Analysis of EDR Performance in Real-World Environments 22 hours ago | arxiv.org
analysis and response apt arxiv +27
Okapi: Efficiently Safeguarding Speculative Data Accesses in Sandboxed Environments 22 hours ago | arxiv.org
architecture arxiv attacks can +12
Watch Out! Simple Horizontal Class Backdoors Can Trivially Evade Defenses 22 hours ago | arxiv.org
activates arxiv attacks backdoor +20
Every Breath You Don't Take: Deepfake Speech Detection Using Breath 22 hours ago | arxiv.org
aid arxiv cs.cr cs.mm +16
Perturbing Attention Gives You More Bang for the Buck: Subtle Imaging Perturbations That Efficiently Fool … 22 hours ago | arxiv.org
arxiv attention challenges cs.cr +13
Saving proof-of-work by hierarchical block structure 22 hours ago | arxiv.org
algorithm arxiv bitcoin block +18

Jobs in InfoSec / Cybersecurity

Post a job on infosec-jobs.com Find talent on infosec-jobs.com

SOC 2 Manager, Audit and Certification

@ Deloitte | US and CA Multiple Locations
View on infosec-jobs.com

EY GDS Internship Program - SAP, Cyber, IT Consultant or Finance Talents with German language

@ EY | Wrocław, DS, PL, 50-086
View on infosec-jobs.com

Security Architect - 100% Remote (REF1604S)

@ Citizant | Chantilly, VA, United States
View on infosec-jobs.com

Network Security Engineer - Firewall admin (f/m/d)

@ Deutsche Börse | Prague, CZ
View on infosec-jobs.com

Junior Cyber Solutions Consultant

@ Dionach | Glasgow, Scotland, United Kingdom
View on infosec-jobs.com

Senior Software Engineer (Cryptography), Bitkey

@ Block | New York City, United States
View on infosec-jobs.com
View more jobs