Integrating Artificial Open Generative Artificial Intelligence into Software Supply Chain Security DOI
Vasileios Alevizos, George A. Papakostas, Akebu Simasiku, et al.

Published: Oct. 23, 2024

While new technologies emerge, human errors always looming. Software supply chain is increasingly complex and intertwined, the security of a service has become paramount to ensuring integrity products, safeguarding data privacy, maintaining operational continuity. In this work, we conducted experiments on promising open Large Language Models (LLMs) into two main software challenges: source code language deprecated code, with focus their potential replace conventional static dynamic scanners that rely predefined rules patterns. Our findings suggest while LLMs present some unexpected results, they also encounter significant limitations, particularly in memory complexity management unfamiliar Despite these challenges, proactive application LLMs, coupled extensive databases continuous updates, holds fortify Supply Chain (SSC) processes against emerging threats.

Language: English

A comprehensive survey on integrating large language models with knowledge-based methods DOI Creative Commons
Wenli Yang, Lilian Some, Michael Bain, et al.

Knowledge-Based Systems, Journal year: 2025, Issue: unknown, pp. 113503 - 113503

Published: April 1, 2025

Language: English

Cited by: 1

Large language models for software vulnerability detection: a guide for researchers on models, methods, techniques, datasets, and metrics DOI

Seyed Mohammad Taghavi Far, Farid Feyzi

International Journal of Information Security, Journal year: 2025, Issue: 24(2)

Published: Feb. 14, 2025

Language: English

Cited by: 0

RSCID: requirements selection considering interactions and dependencies DOI
Mohammad Reza Keyvanpour, Zahra Karimi Zandian, Elham Sodagari, et al.

Genetic Programming and Evolvable Machines, Journal year: 2025, Issue: 26(1)

Published: March 27, 2025

Language: English

Cited by: 0

SIFT: enhance the performance of vulnerability detection by incorporating structural knowledge and multi-task learning DOI
Liping Wang, Guilong Lu, Xiang Chen, et al.

Automated Software Engineering, Journal year: 2025, Issue: 32(2)

Published: April 11, 2025

Language: English

Cited by: 0

Do LLMs consider security? an empirical study on responses to programming questions DOI Creative Commons

Amirali Sajadi, Binh Le, Thu Anh Nguyen, et al.

Empirical Software Engineering, Journal year: 2025, Issue: 30(3)

Published: April 16, 2025

Abstract The widespread adoption of conversational LLMs for software development has raised new security concerns regarding the safety LLM-generated content. Our motivational study outlines ChatGPT’s potential in volunteering context-specific information to developers, promoting safe coding practices. Motivated by this finding, we conduct a evaluate degree awareness exhibited three prominent LLMs: Claude 3, GPT-4, and Llama 3. We prompt these with Stack Overflow questions that contain vulnerable code whether they merely provide answers or if also warn users about insecure code, thereby demonstrating awareness. Further, assess LLM responses causes, exploits, fixes vulnerability, help raise users’ findings show all models struggle accurately detect vulnerabilities, achieving detection rate only 12.6% 40% across our datasets. observe tend identify certain types vulnerabilities related sensitive exposure improper input neutralization much more frequently than other types, such as those involving external control file names paths. Furthermore, when do issue warnings, often on compared responses. Finally, an in-depth discussion implications findings, demonstrated CLI-based prompting tool can be used produce secure

Language: English

Cited by: 0

Demystifying issues, causes and solutions in LLM open-source projects DOI

Yangxiao Cai, Peng Liang, Yifei Wang, et al.

Journal of Systems and Software, Journal year: 2025, Issue: unknown, pp. 112452 - 112452

Published: April 1, 2025

Language: English

Cited by: 0

Human-understandable explanation for software vulnerability prediction DOI Creative Commons
Hong Quy Nguyen, Thong Hoang, Hoa Khanh Dam, et al.

Journal of Systems and Software, Journal year: 2025, Issue: unknown, pp. 112455 - 112455

Published: April 1, 2025

Language: English

Cited by: 0

Exploring Large Language Models’ Ability to Describe Entity-Relationship Schema-Based Conceptual Data Models DOI Creative Commons
Andrea Avignone, Alessia Tierno, Alessandro Fiori, et al.

Information, Journal year: 2025, Issue: 16(5), pp. 368 - 368

Published: April 29, 2025

In the field of databases, Large Language Models (LLMs) have recently been studied for generating SQL queries from textual descriptions, while their use conceptual or logical data modeling remains less explored. The design relational databases commonly relies on entity-relationship (ER) model, where translation rules enable mapping an ER schema into corresponding tables with constraints. Our study investigates capability LLMs to describe in natural language a database model based schema. Whether documentation, onboarding, communication non-technical stakeholders, can significantly improve process explaining by accurate descriptions about how components interact as well represented information. To guide LLM challenging constructs, specific hints are defined provide enriched Different explored (ChatGPT 3.5 and 4, Llama2, Gemini, Mistral 7B) different metrics (F1 score, ROUGE, perplexity) used assess quality generated compare LLMs.

Language: English

Cited by: 0

SolBERT: Advancing solidity smart contract similarity analysis via self-supervised pre-training and contrastive fine-tuning DOI
Zhenzhou Tian, Yong Teng, Xianqun Ke, et al.

Information and Software Technology, Journal year: 2025, Issue: unknown, pp. 107766 - 107766

Published: May 1, 2025

Language: English

Cited by: 0

Characterizing Developers' Behaviors in LLM-Supported Software Development DOI
Wei Wang, Huilong Ning, Shuo Qian, et al.

2022 IEEE 46th Annual Computers, Software, and Applications Conference (COMPSAC), Journal year: 2024, Issue: unknown, pp. 1168 - 1177

Published: July 2, 2024

Language: English

Cited by: 0