Securing the Dark Matter: A Semantic-Enhanced Neuro-Symbolic Framework for Supply Chain Analysis of Opaque Industrial Software

Automated vulnerability detection in critical-infrastructure software confronts a fundamental barrier: industrial software is routinely deployed as stripped, symbol-free binaries that deprive conventional Software Composition Analysis of the source-level transparency it requires. Existing binary...

Explainable Vulnerability Detection in C/C++ Using Edge-Aware Graph Attention Networks

Detecting security vulnerabilities in source code remains challenging, particularly due to class imbalance in real-world datasets where vulnerable functions are under-represented. Existing learning-based methods often optimise for recall, leading to high false positive rates and reduced usability...

LLMxCPG: Context-Aware Vulnerability Detection through Code Property Graph-Guided Large Language Models

Software vulnerabilities present a persistent security challenge, with over 25,000 new vulnerabilities reported in the Common Vulnerabilities and Exposures CVE database in 2024 alone. While deep learning based approaches show promise for vulnerability detection, recent studies reveal critical...

Joern - Open-source Code Analysis Platform For C/C++/Java Based On Code Property Graphs

Joern's Documentation is available here: https://docs.joern.io/home Quick Installation wget https://github.com/ShiftLeftSecurity/joern/releases/latest/download/joern-install.sh chmod +x ./joern-install.sh sudo ./joern-install.sh joern Compiling synthetic/ammonite/predef/interpBridge.sc Compiling...