IEEE Transactions on Software Engineering最新文献

筛选
英文 中文
How Toxic Can You Get? Search-based Toxicity Testing for Large Language Models 你的毒性有多大?基于搜索的大型语言模型毒性测试
IF 7.4 1区 计算机科学
IEEE Transactions on Software Engineering Pub Date : 2025-10-17 DOI: 10.1109/tse.2025.3607625
Simone Corbo, Luca Bancale, Valeria De Gennaro, Livia Lestingi, Vincenzo Scotti, Matteo Camilli
{"title":"How Toxic Can You Get? Search-based Toxicity Testing for Large Language Models","authors":"Simone Corbo, Luca Bancale, Valeria De Gennaro, Livia Lestingi, Vincenzo Scotti, Matteo Camilli","doi":"10.1109/tse.2025.3607625","DOIUrl":"https://doi.org/10.1109/tse.2025.3607625","url":null,"abstract":"","PeriodicalId":13324,"journal":{"name":"IEEE Transactions on Software Engineering","volume":"132 1","pages":""},"PeriodicalIF":7.4,"publicationDate":"2025-10-17","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"145310828","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":1,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 0
Who Is Pulling the Strings: Unveiling Smart Contract State Manipulation Attacks Through State-Aware Dataflow Analysis 谁在幕后操纵:通过状态感知数据流分析揭示智能合约状态操纵攻击
IF 5.6 1区 计算机科学
IEEE Transactions on Software Engineering Pub Date : 2025-10-17 DOI: 10.1109/TSE.2025.3605145
Shuo Yang;Jiachi Chen;Lei Xiao;Jinyuan Hu;Dan Lin;Jiajing Wu;Tao Zhang;Zibin Zheng
{"title":"Who Is Pulling the Strings: Unveiling Smart Contract State Manipulation Attacks Through State-Aware Dataflow Analysis","authors":"Shuo Yang;Jiachi Chen;Lei Xiao;Jinyuan Hu;Dan Lin;Jiajing Wu;Tao Zhang;Zibin Zheng","doi":"10.1109/TSE.2025.3605145","DOIUrl":"10.1109/TSE.2025.3605145","url":null,"abstract":"Recently, the increasing complexity of smart contracts and their interactions has led to more sophisticated strategies for executing attacks. Hackers often need to deploy attacker contracts as delegators to automate these attacks on their behalf. Existing identification methods for attacker contracts either rely on simple patterns (e.g., recursive callback control flow) that suffer from high false-positive rates and limited extraction of interaction and call information, or lack fully automated detection capabilities. Consequently, these limitations reduce the effectiveness of current solutions in identifying modern, intricate attacks. To overcome these challenges, we introduce the concept of <italic>state manipulation attacks</i>, which abstracts the exploitation of problematic state dependencies arising from contract interactions. During these attacks, hackers first alter the storage state of one contract (the manipulated contract), which determines the profit they can gain. They then call another contract (the victim contract) to exploit its dependency on the altered state and maximize their profits. We present SMAsher, a tool designed to automatically identify state manipulation attacker contracts. SMAsher leverages fine-grained state-aware dataflow analysis to detect exploitation traces and exploited state dependencies among contracts, focusing on recovering the call path and interaction semantics. Our extensive experiments on 1.38 million real-world contracts demonstrate that SMAsher successfully identifies 311 state manipulation attacker contracts with 100% precision, resulting in $ 6.95 million in losses. Our findings also reveal some notable malicious characteristics of hackers’ accounts through their deployed attacker contracts. Additionally, we have provided 10 PoCs (Proof-of-Concepts) for previously unidentified attacks, all of which have been confirmed and released to the community.","PeriodicalId":13324,"journal":{"name":"IEEE Transactions on Software Engineering","volume":"51 10","pages":"2942-2956"},"PeriodicalIF":5.6,"publicationDate":"2025-10-17","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"145310724","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":1,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 0
DT4LM: Differential Testing for Reliable Language Model Updates in Classification Tasks DT4LM:分类任务中可靠语言模型更新的差分测试
IF 7.4 1区 计算机科学
IEEE Transactions on Software Engineering Pub Date : 2025-10-16 DOI: 10.1109/tse.2025.3622251
Xinyue Zuo, Yan Xiao, Xiaochun Cao, Wenya Wang, Jin Song Dong
{"title":"DT4LM: Differential Testing for Reliable Language Model Updates in Classification Tasks","authors":"Xinyue Zuo, Yan Xiao, Xiaochun Cao, Wenya Wang, Jin Song Dong","doi":"10.1109/tse.2025.3622251","DOIUrl":"https://doi.org/10.1109/tse.2025.3622251","url":null,"abstract":"","PeriodicalId":13324,"journal":{"name":"IEEE Transactions on Software Engineering","volume":"91 1","pages":""},"PeriodicalIF":7.4,"publicationDate":"2025-10-16","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"145310829","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":1,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 0
Hydra-Reviewer: A holistic multi-agent system for automatic code review comment generation Hydra-Reviewer:一个整体的多代理系统,用于自动生成代码审查注释
IF 7.4 1区 计算机科学
IEEE Transactions on Software Engineering Pub Date : 2025-10-14 DOI: 10.1109/tse.2025.3621462
Xiaoxue Ren, Chaoqun Dai, Qiao Huang, Ye Wang, Chao Liu, Bo Jiang
{"title":"Hydra-Reviewer: A holistic multi-agent system for automatic code review comment generation","authors":"Xiaoxue Ren, Chaoqun Dai, Qiao Huang, Ye Wang, Chao Liu, Bo Jiang","doi":"10.1109/tse.2025.3621462","DOIUrl":"https://doi.org/10.1109/tse.2025.3621462","url":null,"abstract":"","PeriodicalId":13324,"journal":{"name":"IEEE Transactions on Software Engineering","volume":"102 1","pages":""},"PeriodicalIF":7.4,"publicationDate":"2025-10-14","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"145289299","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":1,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 0
Software Architecture Recovery Augmented with Semantics 增强语义的软件架构恢复
IF 7.4 1区 计算机科学
IEEE Transactions on Software Engineering Pub Date : 2025-10-14 DOI: 10.1109/tse.2025.3620670
Wenting Zhao, Wuxia Jin, Yiran Zhang, Ming Fan, Haijun Wang, Li Li, Yang Liu, Ting Liu
{"title":"Software Architecture Recovery Augmented with Semantics","authors":"Wenting Zhao, Wuxia Jin, Yiran Zhang, Ming Fan, Haijun Wang, Li Li, Yang Liu, Ting Liu","doi":"10.1109/tse.2025.3620670","DOIUrl":"https://doi.org/10.1109/tse.2025.3620670","url":null,"abstract":"","PeriodicalId":13324,"journal":{"name":"IEEE Transactions on Software Engineering","volume":"1 1","pages":""},"PeriodicalIF":7.4,"publicationDate":"2025-10-14","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"145289302","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":1,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 0
MirrorFuzz: Leveraging LLM and Shared Bugs for Deep Learning Framework APIs Fuzzing MirrorFuzz:利用LLM和共享bug进行深度学习框架api模糊测试
IF 7.4 1区 计算机科学
IEEE Transactions on Software Engineering Pub Date : 2025-10-10 DOI: 10.1109/tse.2025.3619966
Shiwen Ou, Yuwei Li, Lu Yu, Chengkun Wei, Tingke Wen, Qiangpu Chen, Yu Chen, Haizhi Tang, Zulie Pan
{"title":"MirrorFuzz: Leveraging LLM and Shared Bugs for Deep Learning Framework APIs Fuzzing","authors":"Shiwen Ou, Yuwei Li, Lu Yu, Chengkun Wei, Tingke Wen, Qiangpu Chen, Yu Chen, Haizhi Tang, Zulie Pan","doi":"10.1109/tse.2025.3619966","DOIUrl":"https://doi.org/10.1109/tse.2025.3619966","url":null,"abstract":"","PeriodicalId":13324,"journal":{"name":"IEEE Transactions on Software Engineering","volume":"18 1","pages":""},"PeriodicalIF":7.4,"publicationDate":"2025-10-10","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"145260849","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":1,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 0
Condor: A Code Discriminator Integrating General Semantics with Code Details 秃鹰:一个集成了一般语义和代码细节的代码鉴别器
IF 7.4 1区 计算机科学
IEEE Transactions on Software Engineering Pub Date : 2025-10-10 DOI: 10.1109/tse.2025.3620145
Qingyuan Liang, Zhao Zhang, Chen Liu, Zeyu Sun, Wenjie Zhang, Yizhou Chen, Zixiao Zhao, Qi Luo, Wentao Wang, Yanjie Jiang, Yingfei Xiong, Lu Zhang
{"title":"Condor: A Code Discriminator Integrating General Semantics with Code Details","authors":"Qingyuan Liang, Zhao Zhang, Chen Liu, Zeyu Sun, Wenjie Zhang, Yizhou Chen, Zixiao Zhao, Qi Luo, Wentao Wang, Yanjie Jiang, Yingfei Xiong, Lu Zhang","doi":"10.1109/tse.2025.3620145","DOIUrl":"https://doi.org/10.1109/tse.2025.3620145","url":null,"abstract":"","PeriodicalId":13324,"journal":{"name":"IEEE Transactions on Software Engineering","volume":"10 1","pages":""},"PeriodicalIF":7.4,"publicationDate":"2025-10-10","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"145260848","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":1,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 0
Efficient Function Orchestration for Large Language Models 大型语言模型的高效功能编排
IF 7.4 1区 计算机科学
IEEE Transactions on Software Engineering Pub Date : 2025-10-09 DOI: 10.1109/tse.2025.3619112
Xiaoxia Liu, Peng Di, Cong Li, Jun Sun, Jingyi Wang
{"title":"Efficient Function Orchestration for Large Language Models","authors":"Xiaoxia Liu, Peng Di, Cong Li, Jun Sun, Jingyi Wang","doi":"10.1109/tse.2025.3619112","DOIUrl":"https://doi.org/10.1109/tse.2025.3619112","url":null,"abstract":"","PeriodicalId":13324,"journal":{"name":"IEEE Transactions on Software Engineering","volume":"223 1","pages":""},"PeriodicalIF":7.4,"publicationDate":"2025-10-09","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"145255682","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":1,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 0
Efficiently Testing Distributed Systems via Abstract State Space Prioritization 基于抽象状态空间优先级的分布式系统高效测试
IF 7.4 1区 计算机科学
IEEE Transactions on Software Engineering Pub Date : 2025-10-09 DOI: 10.1109/tse.2025.3618976
Yu Gao, Dong Wang, Wensheng Dou, Wenhan Feng, Yu Liang, Jun Wei
{"title":"Efficiently Testing Distributed Systems via Abstract State Space Prioritization","authors":"Yu Gao, Dong Wang, Wensheng Dou, Wenhan Feng, Yu Liang, Jun Wei","doi":"10.1109/tse.2025.3618976","DOIUrl":"https://doi.org/10.1109/tse.2025.3618976","url":null,"abstract":"","PeriodicalId":13324,"journal":{"name":"IEEE Transactions on Software Engineering","volume":"23 1","pages":""},"PeriodicalIF":7.4,"publicationDate":"2025-10-09","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"145255731","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":1,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 0
Towards Secure Code Generation with LLMs: A Study on Common Weakness Enumeration 利用llm实现安全代码生成:常见弱点枚举的研究
IF 7.4 1区 计算机科学
IEEE Transactions on Software Engineering Pub Date : 2025-10-09 DOI: 10.1109/tse.2025.3619281
Jianguo Zhao, Yuqiang Sun, Cheng Huang, Chengwei Liu, YaoHui Guan, Yutong Zeng, Yang Liu
{"title":"Towards Secure Code Generation with LLMs: A Study on Common Weakness Enumeration","authors":"Jianguo Zhao, Yuqiang Sun, Cheng Huang, Chengwei Liu, YaoHui Guan, Yutong Zeng, Yang Liu","doi":"10.1109/tse.2025.3619281","DOIUrl":"https://doi.org/10.1109/tse.2025.3619281","url":null,"abstract":"","PeriodicalId":13324,"journal":{"name":"IEEE Transactions on Software Engineering","volume":"18 1","pages":""},"PeriodicalIF":7.4,"publicationDate":"2025-10-09","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"145255730","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":1,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 0
0
×
引用
GB/T 7714-2015
复制
MLA
复制
APA
复制
导出至
BibTeX EndNote RefMan NoteFirst NoteExpress
×
提示
您的信息不完整,为了账户安全,请先补充。
现在去补充
×
提示
您因"违规操作"
具体请查看互助需知
我知道了
×
提示
确定
请完成安全验证×
相关产品
×
本文献相关产品
联系我们:info@booksci.cn Book学术提供免费学术资源搜索服务,方便国内外学者检索中英文文献。致力于提供最便捷和优质的服务体验。 Copyright © 2023 布克学术 All rights reserved.
京ICP备2023020795号-1
ghs 京公网安备 11010802042870号
Book学术文献互助
Book学术文献互助群
群 号:604180095
Book学术官方微信