24 research outputs found
Machine Translation from Natural Language to Code using Long-Short Term Memory
Making computer programming language more understandable and easy for the
human is a longstanding problem. From assembly language to present day's
object-oriented programming, concepts came to make programming easier so that a
programmer can focus on the logic and the architecture rather than the code and
language itself. To go a step further in this journey of removing
human-computer language barrier, this paper proposes machine learning approach
using Recurrent Neural Network (RNN) and Long-Short Term Memory (LSTM) to
convert human language into programming language code. The programmer will
write expressions for codes in layman's language, and the machine learning
model will translate it to the targeted programming language. The proposed
approach yields result with 74.40% accuracy. This can be further improved by
incorporating additional techniques, which are also discussed in this paper.
Comment: 8 pages, 3 figures, conferenc
VFFINDER: A Graph-based Approach for Automated Silent Vulnerability-Fix Identification
The increasing reliance of software projects on third-party libraries has
raised concerns about the security of these libraries due to hidden
vulnerabilities. Managing these vulnerabilities is challenging due to the time
gap between fixes and public disclosures. Moreover, a significant portion of
open-source projects silently fix vulnerabilities without disclosure, impacting
vulnerability management. Existing tools like OWASP heavily rely on public
disclosures, hindering their effectiveness in detecting unknown
vulnerabilities. To tackle this problem, automated identification of
vulnerability-fixing commits has emerged. However, identifying silent
vulnerability fixes remains challenging. This paper presents VFFINDER, a novel
graph-based approach for automated silent vulnerability fix identification.
VFFINDER captures structural changes using Abstract Syntax Trees (ASTs) and
represents them in annotated ASTs. VFFINDER distinguishes vulnerability-fixing
commits from non-fixing ones using attention-based graph neural network models
to extract structural features. We conducted experiments to evaluate VFFINDER
on a dataset of 36K+ fixing and non-fixing commits in 507 real-world C/C++
projects. Our results show that VFFINDER significantly improves the
state-of-the-art methods by 39-83% in Precision, 19-148% in Recall, and 30-109%
in F1. Especially, VFFINDER speeds up the silent fix identification process by
up to 47% with the same review effort of 5% compared to the existing
approaches.
Comment: Accepted by IEEE KSE 202
An Update on Deductive Synthesis and Repair in the Leon Tool
We report our progress in scaling deductive synthesis and repair of recursive functional Scala programs in the Leon tool. We describe new techniques, including a more precise mechanism for encoding the space of meaningful candidate programs. Our techniques increase the scope of synthesis by expanding the space of programs we can synthesize and by reducing the synthesis time in many cases. As a new example, we present a run-length encoding function for a list of values, which Leon can now automatically synthesize from specification consisting of the decoding function and the local minimality property of the encoded value.