ModX: binary level partially imported third-party library detection via program modularization and semantic matching
With the rapid growth of software, using third-party libraries (TPLs) has become increasingly
popular. The prosperity of the library usage has provided the software engineers with a …
popular. The prosperity of the library usage has provided the software engineers with a …
Third-party library dependency for large-scale SCA in the C/C++ ecosystem: How far are we?
Existing software composition analysis (SCA) techniques for the C/C++ ecosystem tend to
identify the reused components through feature matching between target software project …
identify the reused components through feature matching between target software project …
Improving Security Tasks Using Compiler Provenance Information Recovered At the Binary-Level
Y Du, O Alrawi, K Snow, M Antonakakis… - Proceedings of the 2023 …, 2023 - dl.acm.org
The complex optimizations supported by modern compilers allow for compiler provenance
recovery at many levels. For instance, it is possible to identify the compiler family and …
recovery at many levels. For instance, it is possible to identify the compiler family and …
The software heritage license dataset (2022 edition)
JM Gonzalez-Barahona, S Montes-Leon… - Empirical Software …, 2023 - Springer
Context: When software is released publicly, it is common to include with it either the full text
of the license or licenses under which it is published, or a detailed reference to them …
of the license or licenses under which it is published, or a detailed reference to them …
A Systematic Mapping Study of the Advancement in Software Vulnerability Forecasting
A Gautier, C Whitehead, D Dzielski… - SoutheastCon …, 2023 - ieeexplore.ieee.org
Developing software securely remains a challenge even with great advancements made in
AI, vulnerability databases, dynamic and static code analysis. Research into aspects of …
AI, vulnerability databases, dynamic and static code analysis. Research into aspects of …
An empirical comparison on the results of different clone detection setups for c-based projects
Code clones have been used in many different software maintenance and evaluation tasks
in practice (eg, change proportion and evolution, refactoring, and vulnerability …
in practice (eg, change proportion and evolution, refactoring, and vulnerability …
BBDetector: A precise and scalable third-party library detection in binary executables with fine-grained function-level features
X Zhu, J Wang, Z Fang, X Yin, S Liu - Applied Sciences, 2022 - mdpi.com
Third-party library (TPL) reuse may introduce vulnerable or malicious code and expose the
software, which exposes them to potential risks. Thus, it is essential to identify third-party …
software, which exposes them to potential risks. Thus, it is essential to identify third-party …
PromeTrans: Bootstrap binary functionality classification with knowledge transferred from pre-trained models
Pre-trained models have witnessed significant progress in nature language (including
source code) and binary code comprehension. However, none of them are suitable for …
source code) and binary code comprehension. However, none of them are suitable for …
BinEnhance: A Enhancement Framework Based on External Environment Semantics for Binary Code Search
Binary code search plays a crucial role in applications like software reuse detection.
Currently, existing models are typically based on either internal code semantics or a …
Currently, existing models are typically based on either internal code semantics or a …
Research and implementation of open source component library detection for binary programs
Y Zhang, C Ma, Y Ning, Q Wu, Z Guo - IEEE Access, 2024 - ieeexplore.ieee.org
Open source component libraries are widely used in software development. However,
vulnerabilities of these components can threaten software security as they spread …
vulnerabilities of these components can threaten software security as they spread …