SecureQwen: Leveraging LLMs for vulnerability detection in python codebases

Identifying vulnerabilities in software code is crucial for ensuring the security of modern systems. However, manual detection requires expert knowledge and is time-consuming, underscoring the need for automated techniques. In this paper, we present SecureQwen, a novel vulnerability detection tool l...

Full description

Saved in:
Bibliographic Details
Published inComputers & security Vol. 148; p. 104151
Main Authors Mechri, Abdechakour, Ferrag, Mohamed Amine, Debbah, Merouane
Format Journal Article
LanguageEnglish
Published Elsevier Ltd 01.01.2025
Subjects
Codebase
Generative pre-trained transformers
Large language model
Security
Software security
Static analysis
Vulnerability detection
Vulnerability detection
Static analysis
Large language model
Codebase
Security
Generative pre-trained transformers
Software security
Online AccessGet full text
ISSN0167-4048
DOI10.1016/j.cose.2024.104151

Cover

Abstract Identifying vulnerabilities in software code is crucial for ensuring the security of modern systems. However, manual detection requires expert knowledge and is time-consuming, underscoring the need for automated techniques. In this paper, we present SecureQwen, a novel vulnerability detection tool leveraging large language models (LLMs) with a context length of 64K tokens to identify potential security threats in large-scale Python codebases. Utilizing a decoder-only transformer architecture, SecureQwen captures complex relationships between code tokens, enabling accurate classification of vulnerable code sequences across 14 common weakness enumerations (CWEs), including OS Command Injection, SQL Injection, Improper Check or Handling of Exceptional Conditions, Path Traversal, Broken or Risky Cryptographic Algorithm, Deserialization of Untrusted Data, and Cleartext Transmission of Sensitive Information. Therefore, we evaluate SecureQwen on a large Python dataset with over 1.875 million function-level code snippets from different sources, including GitHub repositories, Codeparrot’s dataset, and synthetic data generated by GPT4-o. The experimental evaluation demonstrates high accuracy, with F1 scores ranging from 84% to 99%. The results indicate that SecureQwen effectively detects vulnerabilities in human-written and AI-generated code.
AbstractList Identifying vulnerabilities in software code is crucial for ensuring the security of modern systems. However, manual detection requires expert knowledge and is time-consuming, underscoring the need for automated techniques. In this paper, we present SecureQwen, a novel vulnerability detection tool leveraging large language models (LLMs) with a context length of 64K tokens to identify potential security threats in large-scale Python codebases. Utilizing a decoder-only transformer architecture, SecureQwen captures complex relationships between code tokens, enabling accurate classification of vulnerable code sequences across 14 common weakness enumerations (CWEs), including OS Command Injection, SQL Injection, Improper Check or Handling of Exceptional Conditions, Path Traversal, Broken or Risky Cryptographic Algorithm, Deserialization of Untrusted Data, and Cleartext Transmission of Sensitive Information. Therefore, we evaluate SecureQwen on a large Python dataset with over 1.875 million function-level code snippets from different sources, including GitHub repositories, Codeparrot’s dataset, and synthetic data generated by GPT4-o. The experimental evaluation demonstrates high accuracy, with F1 scores ranging from 84% to 99%. The results indicate that SecureQwen effectively detects vulnerabilities in human-written and AI-generated code.
ArticleNumber 104151
Author Debbah, Merouane
Mechri, Abdechakour
Ferrag, Mohamed Amine
Author_xml – sequence: 1
  givenname: Abdechakour
  orcidid: 0009-0002-6937-9373
  surname: Mechri
  fullname: Mechri, Abdechakour
  email: a.mechri@esi-sba.dz
  organization: École supérieure en informatique 08 Mai 1945 de Sidi Bel Abbès (ESI-SBA), Algeria
– sequence: 2
  givenname: Mohamed Amine
  orcidid: 0000-0002-0632-3172
  surname: Ferrag
  fullname: Ferrag, Mohamed Amine
  email: ferrag.mohamedamine@univ-guelma.dz
  organization: Technology Innovation Institute, 9639 Masdar City, Abu Dhabi, United Arab Emirates
– sequence: 3
  givenname: Merouane
  orcidid: 0000-0001-8941-8080
  surname: Debbah
  fullname: Debbah, Merouane
  email: merouane.debbah@ku.ac.ae
  organization: Khalifa University of Science and Technology, P O Box 127788, Abu Dhabi, United Arab Emirates
BookMark eNp9kE1LAzEQhnOoYKv-AU_5A1vztWkqXqT4hSsi6jlkk2lNWZOSpJX-e3epJw89zfAOzzDzTNAoxAAIXVIypYTKq_XUxgxTRpjoA0FrOkLjfjCrBBHqFE1yXhNCZ1KpMXp-B7tN8PYD4Ro3sINkVj6scNO8ZLyMCe-2XejD1ne-7LGDArb4GLAPeLMvX31no4PWZMjn6GRpugwXf_UMfd7ffSweq-b14Wlx21SWE1IqI6RRvDbztmaMCyokk5ZQ4MCVq40ExTllNRBjpGu5E8oIwySnLZ21czrnZ0gd9toUc06w1NYXM1xVkvGdpkQPIvRaDyL0IEIfRPQo-4dukv82aX8cujlA0D-185B0th6CBedTb0O76I_hv20mex0
CitedBy_id crossref_primary_10_3390_s25061666
crossref_primary_10_1016_j_iotcps_2025_01_001
Cites_doi 10.1145/3597926.3598145
10.1145/3551349.3559534
10.1109/TIFS.2024.3374558
10.1145/3556974
10.1049/sfw2.12066
10.1109/TDSC.2021.3051525
10.1007/s10664-022-10278-4
10.1145/3436877
10.1145/3597503.3639121
10.1016/j.jss.2024.112031
10.1145/3379597.3387513
10.1145/3643651.3659892
10.1145/3590777.3590780
10.1145/3585009
10.1145/3650105.3652299
10.1109/JPROC.2020.2993293
10.1145/2597073.2597074
10.1016/j.infsof.2021.106809
10.1145/3475960.3475985
10.1016/j.cose.2024.103802
ContentType Journal Article
Copyright 2024 Elsevier Ltd
Copyright_xml – notice: 2024 Elsevier Ltd
DBID AAYXX
CITATION
DOI 10.1016/j.cose.2024.104151
DatabaseName CrossRef
DatabaseTitle CrossRef
DatabaseTitleList
DeliveryMethod fulltext_linktorsrc
Discipline Computer Science
ExternalDocumentID 10_1016_j_cose_2024_104151
S0167404824004565
GroupedDBID --K
--M
-~X
.DC
.~1
0R~
1B1
1RT
1~.
1~5
29F
4.4
457
4G.
5GY
5VS
7-5
71M
8P~
9JN
AACTN
AAEDT
AAEDW
AAIKJ
AAKOC
AALRI
AAOAW
AAQFI
AAQXK
AAXKI
AAXUO
AAYFN
ABBOA
ABFSI
ABJNI
ABMAC
ABWVN
ABXDB
ACDAQ
ACGFO
ACGFS
ACNNM
ACRLP
ACRPL
ACZNC
ADBBV
ADEZE
ADHUB
ADJOM
ADMUD
ADNMO
AEBSH
AEIPS
AEKER
AENEX
AFFNX
AFJKZ
AFKWA
AFTJW
AGHFR
AGUBO
AGYEJ
AHHHB
AHZHX
AIALX
AIEXJ
AIKHN
AITUG
AJOXV
AKRWK
ALMA_UNASSIGNED_HOLDINGS
AMFUW
AMRAJ
AOUOD
ASPBG
AVWKF
AXJTR
AZFZN
BKOJK
BKOMP
BLXMC
CS3
DU5
E.L
EBS
EFJIC
EJD
EO8
EO9
EP2
EP3
FDB
FEDTE
FGOYB
FIRID
FNPLU
FYGXN
G-2
G-Q
GBLVA
GBOLZ
HLX
HLZ
HVGLF
HZ~
IHE
J1W
KOM
LG8
LG9
M41
MO0
MS~
N9A
O-L
O9-
OAUVE
OZT
P-8
P-9
P2P
PC.
PQQKQ
Q38
R2-
RIG
RNS
ROL
RPZ
RXW
SBC
SBM
SDF
SDG
SDP
SES
SEW
SPC
SPCBC
SSV
SSZ
T5K
TAE
TN5
TWZ
WH7
WUQ
XJE
XPP
XSW
YK3
ZMT
~G-
AATTM
AAYWO
AAYXX
ACLOT
ACVFH
ADCNI
AEUPX
AFPUW
AGQPQ
AIGII
AIIUN
AKBMS
AKYEP
ANKPU
APXCP
CITATION
EFKBS
EFLBG
~HD
ID FETCH-LOGICAL-c300t-a46a835a9b5223414626c01e3e38d5a6e833125e0aa6db3d48a4a2631b17b9193
IEDL.DBID .~1
ISSN 0167-4048
IngestDate Wed Oct 01 04:27:34 EDT 2025
Thu Apr 24 22:51:20 EDT 2025
Sat Feb 01 16:09:39 EST 2025
IsPeerReviewed true
IsScholarly true
Keywords Vulnerability detection
Static analysis
Large language model
Codebase
Security
Generative pre-trained transformers
Software security
Language English
LinkModel DirectLink
MergedId FETCHMERGED-LOGICAL-c300t-a46a835a9b5223414626c01e3e38d5a6e833125e0aa6db3d48a4a2631b17b9193
ORCID 0000-0002-0632-3172
0009-0002-6937-9373
0000-0001-8941-8080
ParticipantIDs crossref_citationtrail_10_1016_j_cose_2024_104151
crossref_primary_10_1016_j_cose_2024_104151
elsevier_sciencedirect_doi_10_1016_j_cose_2024_104151
ProviderPackageCode CITATION
AAYXX
PublicationCentury 2000
PublicationDate January 2025
2025-01-00
PublicationDateYYYYMMDD 2025-01-01
PublicationDate_xml – month: 01
  year: 2025
  text: January 2025
PublicationDecade 2020
PublicationTitle Computers & security
PublicationYear 2025
Publisher Elsevier Ltd
Publisher_xml – name: Elsevier Ltd
References Bhandari, G., Naseer, A., Moonen, L., 2021. CVEfixes: automated collection of vulnerabilities and their fixes from open-source software. In: Proceedings of the 17th International Conference on Predictive Models and Data Analytics in Software Engineering. pp. 30–39.
Russell, Kim, Hamilton, Lazovich, Harer, Ozdemir, Ellingwood, McConley (b51) 2018
Wartschinski, Noller, Vogel, Kehrer, Grunske (b60) 2022; 144
Zhou, Tran, Le-Cong, Zhang, Irsan, Sumarlin, Le, Lo (b73) 2024
Antal, G., Keleti, M., Hegedŭs, P., 2020. Exploring the security awareness of the python and javascript open source communities. In: Proceedings of the 17th International Conference on Mining Software Repositories. pp. 16–20.
Mikolov, Sutskever, Chen, Corrado, Dean (b43) 2013; Vol. 26
Zhang, Fang, Sun, Liu, He, Hao, Chen (b66) 2024
Black (b10) 2017
Farasat, Posegga (b17) 2024
Zhang, Sennrich (b67) 2019
Jiang, Gu, Zhu, Pan (b29) 2024; 36
Zhou, Pacheco, Wan, Xia, Lo, Wang, Hassan (b72) 2021
Shestov, Levichev, Mussabayev, Maslov, Cheshkov, Zadorozhny (b54) 2024
Alammar (b2) 2018
Elfwing, Uchibe, Doya (b15) 2017
Mamede, C., Pinconschi, E., Abreu, R., 2022. A transformer-based IDE plugin for vulnerability detection. In: Proceedings of the 37th IEEE/ACM International Conference on Automated Software Engineering. pp. 1–4.
Zhao, Zhou, Li, Tang, Wang, Hou, Min, Zhang, Zhang, Dong (b69) 2023
Lu, Ju, Chen, Pei, Cai (b37) 2024; 212
Zhou, Liu, Siow, Du, Liu (b71) 2019
Li, J., Sangalay, A., Cheng, C., Tian, Y., Yang, J., 2024. Fine Tuning Large Language Model for Secure Code Generation. In: Proceedings of the 2024 IEEE/ACM First International Conference on AI Foundation Models and Software Engineering. pp. 86–90.
Popescu, Balas, Perescu-Popescu, Mastorakis (b49) 2009; 8
Ehrenberg, Sarkani, Mazzuchi (b14) 2024; 140
Bai, Bai, Yang, Wang, Tan, Wang, Lin, Zhou, Zhou (b6) 2023
Su, Lu, Pan, Murtadha, Wen, Liu (b56) 2021
Kingma, Ba (b31) 2017
Mathews, Brus, Aafer, Nagappan, McIntosh (b41) 2024
Phan, Tran, Le, Nguyen, Anibal, Peltekian, Ye (b48) 2021
Touvron, Lavril, Izacard, Martinet, Lachaux, Lacroix, Rozière, Goyal, Hambro, Azhar (b58) 2023
Zheng, Pujar, Lewis, Buratti, Epstein, Yang, Laredo, Morari, Su (b70) 2021
Zhang, Arcuri, Li, Liu, Xue (b65) 2023; 32
Finamore (b21) 2024
Xie, Raskar, Emani (b63) 2022
Feng, Guo, Tang, Duan, Feng, Gong, Shou, Qin, Liu, Jiang (b19) 2020
Zhang, L., Zou, Q., Singhal, A., Sun, X., Liu, P., 2024b. Evaluating Large Language Models for Real-World Vulnerability Repair in C/C++ Code. In: Proceedings of the 10th ACM International Workshop on Security and Privacy Analytics. pp. 49–58.
Hanif, Maffeis (b24) 2022
Ferrag, Battah, Tihanyi, Jain, Maimut, Alwahedi, Lestable, Thandi, Mechri, Debbah, Cordeiro (b20) 2024
Yusuf, Jiang (b64) 2024
Menezes, Aldughaim, Farias, Li, Manino, Shmarov, Song, Brauß e, Gadelha, Tihanyi (b42) 2024
Mao, Li, Li, Tei (b40) 2024
Rozière, Gehring, Gloeckle, Sootla, Gat, Tan, Adi, Liu, Sauvestre, Remez, Rapin, Kozhevnikov, Evtimov, Bitton, Bhatt, Ferrer, Grattafiori, Xiong, Défossez, Copet, Azhar, Touvron, Martin, Usunier, Scialom, Synnaeve (b50) 2024
Lin, Wen, Han, Zhang, Xiang (b35) 2020; 108
Bai, Bai (b7) 2023
OpenAI (b46) 2023
Vaswani, Shazeer, Parmar, Uszkoreit, Jones, Gomez, Kaiser, Polosukhin (b59) 2017; 30
Bai, Men, Yang, Ren, Dang, Zhang, Zhou, Wang, Tan, Yang (b8) 2022
Luo, Xu, Zhao, Sun, Geng, Hu, Tao, Ma, Lin, Jiang (b38) 2023
Ozturk, O.S., Ekmekcioglu, E., Cetin, O., Arief, B., Hernandez-Castro, J., 2023. New tricks to old codes: can AI chatbots replace static code analysis tools?. In: Proceedings of the 2023 European Interdisciplinary Cybersecurity Conference. pp. 13–18.
Cheng, Wang, Hua, Xu, Sui (b12) 2021; 30
Wu, Zhang, Jha, McDaniel, Xiao (b61) 2024
Alfadel, Costa, Shihab (b3) 2023; 28
Guo, Ren, Lu, Feng, Tang, Liu, Zhou, Duan, Svyatkovskiy, Fu (b23) 2020
Li, Zou, Xu, Jin, Zhu, Chen (b33) 2021; 19
Lu, Guo, Ren, Huang, Svyatkovskiy, Blanco, Clement, Drain, Jiang, Tang (b36) 2021
Zou, Wang, Xu, Li, Jin (b74) 2019; 18
Chowdhery, Narang, Devlin, Bosma, Mishra, Roberts, Barham, Chung, Sutton, Gehrmann (b13) 2023; 24
Hu, Y., Wang, S., Li, W., Peng, J., Wu, Y., Zou, D., Jin, H., 2023. Interpreters for GNN-based vulnerability detection: Are we there yet?. In: Proceedings of the 32nd ACM SIGSOFT International Symposium on Software Testing and Analysis. pp. 1407–1419.
Subhan, Wu, Bo, Sun, Rahman (b57) 2022; 16
OpenAI (b45) 2023
Alikhanifard, Tsantalis (b4) 2024
Mohammed, Lal, Rastogi, Roy, Sharma (b44) 2024
Kalliamvakou, E., Gousios, G., Blincoe, K., Singer, L., German, D.M., Damian, D., 2014. The promises and perils of mining github. In: Proceedings of the 11th Working Conference on Mining Software Repositories. pp. 92–101.
Shazeer (b53) 2020
Farias, Menezes, Sun, Cordeiro (b18) 2024
Senanayake, Kalutarage, Al-Kadri, Petrovski, Piras (b52) 2023; 55
Buratti, Pujar, Bornea, McCarley, Zheng, Rossiello, Morari, Laredo, Thost, Zhuang (b11) 2020
Gao, Wang, Zhou, Zhu, Zhang (b22) 2023
Hovsepyan, Scandariato, Joosen, Walden (b26) 2012
Jensen, Tawosi, Alamir (b28) 2024
Eniser, Zhang, David, Wang, Paulsen, Dodds, Kroening (b16) 2024
Hashemi Chaleshtori, Ray (b25) 2022
Ahmad, Thakur, Tan, Karri, Pearce (b1) 2024
Xia, C.S., Paltenghi, M., Le Tian, J., Pradel, M., Zhang, L., 2024. Fuzz4all: Universal fuzzing with large language models. In: Proceedings of the IEEE/ACM 46th International Conference on Software Engineering. pp. 1–13.
Li, Zou, Xu, Ou, Jin, Wang, Deng, Zhong (b34) 2018
Silva, Fang, Monperrus (b55) 2023
Zou (10.1016/j.cose.2024.104151_b74) 2019; 18
Phan (10.1016/j.cose.2024.104151_b48) 2021
Russell (10.1016/j.cose.2024.104151_b51) 2018
Buratti (10.1016/j.cose.2024.104151_b11) 2020
Zhang (10.1016/j.cose.2024.104151_b66) 2024
Bai (10.1016/j.cose.2024.104151_b6) 2023
Yusuf (10.1016/j.cose.2024.104151_b64) 2024
Li (10.1016/j.cose.2024.104151_b34) 2018
10.1016/j.cose.2024.104151_b5
Jensen (10.1016/j.cose.2024.104151_b28) 2024
Feng (10.1016/j.cose.2024.104151_b19) 2020
Ferrag (10.1016/j.cose.2024.104151_b20) 2024
Silva (10.1016/j.cose.2024.104151_b55) 2023
Zhou (10.1016/j.cose.2024.104151_b72) 2021
Ehrenberg (10.1016/j.cose.2024.104151_b14) 2024; 140
Mohammed (10.1016/j.cose.2024.104151_b44) 2024
Hovsepyan (10.1016/j.cose.2024.104151_b26) 2012
Vaswani (10.1016/j.cose.2024.104151_b59) 2017; 30
Cheng (10.1016/j.cose.2024.104151_b12) 2021; 30
Chowdhery (10.1016/j.cose.2024.104151_b13) 2023; 24
Su (10.1016/j.cose.2024.104151_b56) 2021
Guo (10.1016/j.cose.2024.104151_b23) 2020
Zhou (10.1016/j.cose.2024.104151_b71) 2019
Mikolov (10.1016/j.cose.2024.104151_b43) 2013; Vol. 26
Touvron (10.1016/j.cose.2024.104151_b58) 2023
10.1016/j.cose.2024.104151_b62
Hanif (10.1016/j.cose.2024.104151_b24) 2022
Xie (10.1016/j.cose.2024.104151_b63) 2022
Alfadel (10.1016/j.cose.2024.104151_b3) 2023; 28
10.1016/j.cose.2024.104151_b27
Wu (10.1016/j.cose.2024.104151_b61) 2024
Popescu (10.1016/j.cose.2024.104151_b49) 2009; 8
Alammar (10.1016/j.cose.2024.104151_b2) 2018
Bai (10.1016/j.cose.2024.104151_b7) 2023
10.1016/j.cose.2024.104151_b9
Zhao (10.1016/j.cose.2024.104151_b69) 2023
Menezes (10.1016/j.cose.2024.104151_b42) 2024
10.1016/j.cose.2024.104151_b68
Wartschinski (10.1016/j.cose.2024.104151_b60) 2022; 144
Lu (10.1016/j.cose.2024.104151_b37) 2024; 212
Kingma (10.1016/j.cose.2024.104151_b31) 2017
OpenAI (10.1016/j.cose.2024.104151_b46) 2023
Alikhanifard (10.1016/j.cose.2024.104151_b4) 2024
10.1016/j.cose.2024.104151_b30
OpenAI (10.1016/j.cose.2024.104151_b45) 2023
Senanayake (10.1016/j.cose.2024.104151_b52) 2023; 55
Farasat (10.1016/j.cose.2024.104151_b17) 2024
Zhang (10.1016/j.cose.2024.104151_b65) 2023; 32
Li (10.1016/j.cose.2024.104151_b33) 2021; 19
10.1016/j.cose.2024.104151_b39
10.1016/j.cose.2024.104151_b32
Luo (10.1016/j.cose.2024.104151_b38) 2023
Jiang (10.1016/j.cose.2024.104151_b29) 2024; 36
Zheng (10.1016/j.cose.2024.104151_b70) 2021
Bai (10.1016/j.cose.2024.104151_b8) 2022
Finamore (10.1016/j.cose.2024.104151_b21) 2024
Zhang (10.1016/j.cose.2024.104151_b67) 2019
Elfwing (10.1016/j.cose.2024.104151_b15) 2017
Eniser (10.1016/j.cose.2024.104151_b16) 2024
Hashemi Chaleshtori (10.1016/j.cose.2024.104151_b25) 2022
Gao (10.1016/j.cose.2024.104151_b22) 2023
Ahmad (10.1016/j.cose.2024.104151_b1) 2024
Rozière (10.1016/j.cose.2024.104151_b50) 2024
10.1016/j.cose.2024.104151_b47
Subhan (10.1016/j.cose.2024.104151_b57) 2022; 16
Mao (10.1016/j.cose.2024.104151_b40) 2024
Lin (10.1016/j.cose.2024.104151_b35) 2020; 108
Lu (10.1016/j.cose.2024.104151_b36) 2021
Shestov (10.1016/j.cose.2024.104151_b54) 2024
Shazeer (10.1016/j.cose.2024.104151_b53) 2020
Zhou (10.1016/j.cose.2024.104151_b73) 2024
Mathews (10.1016/j.cose.2024.104151_b41) 2024
Black (10.1016/j.cose.2024.104151_b10) 2017
Farias (10.1016/j.cose.2024.104151_b18) 2024
References_xml – year: 2024
  ident: b1
  article-title: On hardware security bug code fixes by prompting large language models
  publication-title: IEEE Trans. Inf. Forensics Secur.
– year: 2024
  ident: b41
  article-title: Llbezpeky: Leveraging large language models for vulnerability detection
– volume: 30
  start-page: 1
  year: 2021
  end-page: 33
  ident: b12
  article-title: Deepwukong: Statically detecting software vulnerabilities using deep graph neural network
  publication-title: ACM Trans. Softw. Eng. Methodol. (TOSEM)
– year: 2018
  ident: b34
  article-title: VulDeePecker: A deep learning-based system for vulnerability detection
  publication-title: Proceedings 2018 Network and Distributed System Security Symposium
– year: 2020
  ident: b19
  article-title: Codebert: A pre-trained model for programming and natural languages
– year: 2024
  ident: b16
  article-title: Towards translating real-world code with LLMs: A study of translating to rust
– reference: Zhang, L., Zou, Q., Singhal, A., Sun, X., Liu, P., 2024b. Evaluating Large Language Models for Real-World Vulnerability Repair in C/C++ Code. In: Proceedings of the 10th ACM International Workshop on Security and Privacy Analytics. pp. 49–58.
– start-page: 7
  year: 2012
  end-page: 10
  ident: b26
  article-title: Software vulnerability prediction using text analysis techniques
  publication-title: Proceedings of the 4th International Workshop on Security Measurements and Metrics
– reference: Xia, C.S., Paltenghi, M., Le Tian, J., Pradel, M., Zhang, L., 2024. Fuzz4all: Universal fuzzing with large language models. In: Proceedings of the IEEE/ACM 46th International Conference on Software Engineering. pp. 1–13.
– volume: 18
  start-page: 2224
  year: 2019
  end-page: 2236
  ident: b74
  article-title: VulDeePecker: A deep learning-based system for multiclass vulnerability detection
  publication-title: IEEE Trans. Dependable Secure Comput.
– year: 2018
  ident: b2
  article-title: The illustrated transformer
– year: 2021
  ident: b36
  article-title: Codexglue: A machine learning benchmark dataset for code understanding and generation
– volume: 30
  year: 2017
  ident: b59
  article-title: Attention is all you need
  publication-title: Adv. Neural Inf. Process. Syst.
– reference: Hu, Y., Wang, S., Li, W., Peng, J., Wu, Y., Zou, D., Jin, H., 2023. Interpreters for GNN-based vulnerability detection: Are we there yet?. In: Proceedings of the 32nd ACM SIGSOFT International Symposium on Software Testing and Analysis. pp. 1407–1419.
– year: 2024
  ident: b64
  article-title: Your instructions are not always helpful: Assessing the efficacy of instruction fine-tuning for software vulnerability detection
– year: 2024
  ident: b44
  article-title: Enabling memory safety of c programs using LLMs
– volume: 140
  year: 2024
  ident: b14
  article-title: Python source code vulnerability detection with named entity recognition
  publication-title: Comput. Secur.
– year: 2023
  ident: b45
  article-title: ChatGPT
– start-page: 645
  year: 2022
  end-page: 665
  ident: b25
  article-title: Automation of vulnerability information extraction using transformer-based language models
  publication-title: European Symposium on Research in Computer Security
– volume: 55
  start-page: 1
  year: 2023
  end-page: 37
  ident: b52
  article-title: Android source code vulnerability detection: a systematic literature review
  publication-title: ACM Comput. Surv.
– reference: Ozturk, O.S., Ekmekcioglu, E., Cetin, O., Arief, B., Hernandez-Castro, J., 2023. New tricks to old codes: can AI chatbots replace static code analysis tools?. In: Proceedings of the 2023 European Interdisciplinary Cybersecurity Conference. pp. 13–18.
– year: 2019
  ident: b71
  article-title: Devign: Effective vulnerability identification by learning comprehensive program semantics via graph neural networks
  publication-title: Proceedings of the 33rd International Conference on Neural Information Processing Systems
– year: 2021
  ident: b56
  article-title: Roformer: Enhanced transformer with rotary position embedding
– volume: 32
  start-page: 1
  year: 2023
  end-page: 38
  ident: b65
  article-title: White-box fuzzing RPC-based APIs with EvoMaster: An industrial case study
  publication-title: ACM Trans. Softw. Eng. Methodol.
– year: 2022
  ident: b8
  article-title: Ofasys: A multi-modal multi-task learning system for building generalist models
– year: 2023
  ident: b7
  article-title: Qwen technical report
– year: 2024
  ident: b4
  article-title: A novel refactoring and semantic aware abstract syntax tree differencing tool and a benchmark for evaluating the accuracy of diff tools
  publication-title: ACM Trans. Softw. Eng. Methodol.
– year: 2024
  ident: b21
  article-title: Abstract syntax trees in python
– year: 2024
  ident: b17
  article-title: Machine learning techniques for python source code vulnerability detection
– reference: Bhandari, G., Naseer, A., Moonen, L., 2021. CVEfixes: automated collection of vulnerabilities and their fixes from open-source software. In: Proceedings of the 17th International Conference on Predictive Models and Data Analytics in Software Engineering. pp. 30–39.
– reference: Mamede, C., Pinconschi, E., Abreu, R., 2022. A transformer-based IDE plugin for vulnerability detection. In: Proceedings of the 37th IEEE/ACM International Conference on Automated Software Engineering. pp. 1–4.
– volume: 144
  year: 2022
  ident: b60
  article-title: VUDENC: vulnerability detection with deep learning on a natural codebase for python
  publication-title: Inf. Softw. Technol.
– volume: 19
  start-page: 2244
  year: 2021
  end-page: 2258
  ident: b33
  article-title: Sysevr: A framework for using deep learning to detect software vulnerabilities
  publication-title: IEEE Trans. Dependable Secure Comput.
– volume: 16
  start-page: 516
  year: 2022
  end-page: 526
  ident: b57
  article-title: A deep learning-based approach for software vulnerability detection using code metrics
  publication-title: IET Softw.
– year: 2023
  ident: b46
  article-title: GPT-4 Technical Report
– start-page: 757
  year: 2018
  end-page: 762
  ident: b51
  article-title: Automated vulnerability detection in source code using deep representation learning
  publication-title: 2018 17th IEEE International Conference on Machine Learning and Applications
– year: 2024
  ident: b20
  article-title: SecureFalcon: Are we there yet in automated software vulnerability detection with LLMs?
– reference: Kalliamvakou, E., Gousios, G., Blincoe, K., Singer, L., German, D.M., Damian, D., 2014. The promises and perils of mining github. In: Proceedings of the 11th Working Conference on Mining Software Repositories. pp. 92–101.
– year: 2020
  ident: b53
  article-title: Glu variants improve transformer
– year: 2023
  ident: b6
  article-title: Qwen-vl: A versatile vision-language model for understanding, localization, text reading, and beyond
– start-page: 111
  year: 2021
  end-page: 120
  ident: b70
  article-title: D2a: A dataset built for ai-based vulnerability detection methods using differential analysis
  publication-title: 2021 IEEE/ACM 43rd International Conference on Software Engineering: Software Engineering in Practice
– year: 2023
  ident: b38
  article-title: WizardCoder: Empowering code large language models with evol-instruct
– year: 2024
  ident: b40
  article-title: Multi-role consensus through LLMs discussions for vulnerability detection
– year: 2024
  ident: b61
  article-title: A new era in LLM security: Exploring security concerns in real-world LLM-based systems
– volume: 8
  start-page: 579
  year: 2009
  end-page: 588
  ident: b49
  article-title: Multilayer perceptron and neural networks
  publication-title: WSEAS Trans. Circuits Syst.
– year: 2023
  ident: b69
  article-title: A survey of large language models
– start-page: 1084
  year: 2022
  end-page: 1087
  ident: b63
  article-title: Throughput-oriented and accuracy-aware DNN training with bfloat16 on GPU
  publication-title: 2022 IEEE International Parallel and Distributed Processing Symposium Workshops
– volume: Vol. 26
  year: 2013
  ident: b43
  article-title: Distributed representations of words and phrases and their compositionality
  publication-title: Advances in Neural Information Processing Systems
– year: 2017
  ident: b10
  article-title: SARD: Thousands of Reference Programs for Software Assurance
– year: 2020
  ident: b23
  article-title: Graphcodebert: Pre-training code representations with data flow
– start-page: 705
  year: 2021
  end-page: 716
  ident: b72
  article-title: Finding a needle in a haystack: Automated mining of silent vulnerability fixes
  publication-title: 2021 36th IEEE/ACM International Conference on Automated Software Engineering
– reference: Antal, G., Keleti, M., Hegedŭs, P., 2020. Exploring the security awareness of the python and javascript open source communities. In: Proceedings of the 17th International Conference on Mining Software Repositories. pp. 16–20.
– year: 2023
  ident: b58
  article-title: Llama: Open and efficient foundation language models
– year: 2024
  ident: b18
  article-title: ESBMC-python: A bounded model checker for python programs
– year: 2019
  ident: b67
  article-title: Root mean square layer normalization
– year: 2017
  ident: b15
  article-title: Sigmoid-weighted linear units for neural network function approximation in reinforcement learning
– year: 2024
  ident: b66
  article-title: APPT: Boosting automated patch correctness prediction via fine-tuning pre-trained models
  publication-title: IEEE Trans. Softw. Eng.
– volume: 28
  start-page: 59
  year: 2023
  ident: b3
  article-title: Empirical analysis of security vulnerabilities in python packages
  publication-title: Empir. Softw. Eng.
– volume: 36
  year: 2024
  ident: b29
  article-title: Pre-RMSNorm and pre-CRMSNorm transformers: equivalent and efficient pre-LN transformers
  publication-title: Adv. Neural Inf. Process. Syst.
– reference: Li, J., Sangalay, A., Cheng, C., Tian, Y., Yang, J., 2024. Fine Tuning Large Language Model for Secure Code Generation. In: Proceedings of the 2024 IEEE/ACM First International Conference on AI Foundation Models and Software Engineering. pp. 86–90.
– year: 2023
  ident: b55
  article-title: RepairLLaMA: Efficient representations and fine-tuned adapters for program repair
– year: 2021
  ident: b48
  article-title: Cotext: Multi-task learning with code-text transformer
– year: 2024
  ident: b50
  article-title: Code llama: Open foundation models for code
– start-page: 1
  year: 2022
  end-page: 8
  ident: b24
  article-title: Vulberta: Simplified source code pre-training for vulnerability detection
  publication-title: 2022 International Joint Conference on Neural Networks
– year: 2024
  ident: b73
  article-title: Comparison of static application security testing tools and large language models for repo-level vulnerability detection
– year: 2024
  ident: b28
  article-title: Software vulnerability and functionality assessment using llms
– year: 2017
  ident: b31
  article-title: Adam: A method for stochastic optimization
– volume: 24
  start-page: 1
  year: 2023
  end-page: 113
  ident: b13
  article-title: Palm: Scaling language modeling with pathways
  publication-title: J. Mach. Learn. Res.
– year: 2023
  ident: b22
  article-title: How far have we gone in vulnerability detection using large language models
– volume: 212
  year: 2024
  ident: b37
  article-title: GRACE: Empowering LLM-based software vulnerability detection with graph structure and in-context learning
  publication-title: J. Syst. Softw.
– start-page: 376
  year: 2024
  end-page: 380
  ident: b42
  article-title: ESBMC v7. 4: Harnessing the power of intervals: (competition contribution)
  publication-title: International Conference on Tools and Algorithms for the Construction and Analysis of Systems
– year: 2024
  ident: b54
  article-title: Finetuning large language models for vulnerability detection
– year: 2020
  ident: b11
  article-title: Exploring software naturalness through neural language models
– volume: 108
  start-page: 1825
  year: 2020
  end-page: 1848
  ident: b35
  article-title: Software vulnerability detection using deep neural networks: a survey
  publication-title: Proc. IEEE
– year: 2017
  ident: 10.1016/j.cose.2024.104151_b15
– year: 2020
  ident: 10.1016/j.cose.2024.104151_b23
– ident: 10.1016/j.cose.2024.104151_b27
  doi: 10.1145/3597926.3598145
– year: 2020
  ident: 10.1016/j.cose.2024.104151_b19
– year: 2024
  ident: 10.1016/j.cose.2024.104151_b40
– ident: 10.1016/j.cose.2024.104151_b39
  doi: 10.1145/3551349.3559534
– year: 2024
  ident: 10.1016/j.cose.2024.104151_b1
  article-title: On hardware security bug code fixes by prompting large language models
  publication-title: IEEE Trans. Inf. Forensics Secur.
  doi: 10.1109/TIFS.2024.3374558
– start-page: 1
  year: 2022
  ident: 10.1016/j.cose.2024.104151_b24
  article-title: Vulberta: Simplified source code pre-training for vulnerability detection
– year: 2024
  ident: 10.1016/j.cose.2024.104151_b61
– start-page: 376
  year: 2024
  ident: 10.1016/j.cose.2024.104151_b42
  article-title: ESBMC v7. 4: Harnessing the power of intervals: (competition contribution)
– year: 2023
  ident: 10.1016/j.cose.2024.104151_b55
– volume: 55
  start-page: 1
  issue: 9
  year: 2023
  ident: 10.1016/j.cose.2024.104151_b52
  article-title: Android source code vulnerability detection: a systematic literature review
  publication-title: ACM Comput. Surv.
  doi: 10.1145/3556974
– start-page: 7
  year: 2012
  ident: 10.1016/j.cose.2024.104151_b26
  article-title: Software vulnerability prediction using text analysis techniques
– year: 2017
  ident: 10.1016/j.cose.2024.104151_b31
– year: 2019
  ident: 10.1016/j.cose.2024.104151_b67
– year: 2023
  ident: 10.1016/j.cose.2024.104151_b69
– year: 2021
  ident: 10.1016/j.cose.2024.104151_b48
– volume: 16
  start-page: 516
  issue: 5
  year: 2022
  ident: 10.1016/j.cose.2024.104151_b57
  article-title: A deep learning-based approach for software vulnerability detection using code metrics
  publication-title: IET Softw.
  doi: 10.1049/sfw2.12066
– volume: 19
  start-page: 2244
  issue: 4
  year: 2021
  ident: 10.1016/j.cose.2024.104151_b33
  article-title: Sysevr: A framework for using deep learning to detect software vulnerabilities
  publication-title: IEEE Trans. Dependable Secure Comput.
  doi: 10.1109/TDSC.2021.3051525
– volume: 18
  start-page: 2224
  issue: 5
  year: 2019
  ident: 10.1016/j.cose.2024.104151_b74
  article-title: VulDeePecker: A deep learning-based system for multiclass vulnerability detection
  publication-title: IEEE Trans. Dependable Secure Comput.
– year: 2024
  ident: 10.1016/j.cose.2024.104151_b64
– volume: 28
  start-page: 59
  issue: 3
  year: 2023
  ident: 10.1016/j.cose.2024.104151_b3
  article-title: Empirical analysis of security vulnerabilities in python packages
  publication-title: Empir. Softw. Eng.
  doi: 10.1007/s10664-022-10278-4
– volume: 24
  start-page: 1
  issue: 240
  year: 2023
  ident: 10.1016/j.cose.2024.104151_b13
  article-title: Palm: Scaling language modeling with pathways
  publication-title: J. Mach. Learn. Res.
– volume: 30
  start-page: 1
  issue: 3
  year: 2021
  ident: 10.1016/j.cose.2024.104151_b12
  article-title: Deepwukong: Statically detecting software vulnerabilities using deep graph neural network
  publication-title: ACM Trans. Softw. Eng. Methodol. (TOSEM)
  doi: 10.1145/3436877
– ident: 10.1016/j.cose.2024.104151_b62
  doi: 10.1145/3597503.3639121
– volume: 212
  year: 2024
  ident: 10.1016/j.cose.2024.104151_b37
  article-title: GRACE: Empowering LLM-based software vulnerability detection with graph structure and in-context learning
  publication-title: J. Syst. Softw.
  doi: 10.1016/j.jss.2024.112031
– year: 2024
  ident: 10.1016/j.cose.2024.104151_b16
– year: 2019
  ident: 10.1016/j.cose.2024.104151_b71
  article-title: Devign: Effective vulnerability identification by learning comprehensive program semantics via graph neural networks
– year: 2020
  ident: 10.1016/j.cose.2024.104151_b11
– start-page: 1084
  year: 2022
  ident: 10.1016/j.cose.2024.104151_b63
  article-title: Throughput-oriented and accuracy-aware DNN training with bfloat16 on GPU
– volume: 36
  year: 2024
  ident: 10.1016/j.cose.2024.104151_b29
  article-title: Pre-RMSNorm and pre-CRMSNorm transformers: equivalent and efficient pre-LN transformers
  publication-title: Adv. Neural Inf. Process. Syst.
– ident: 10.1016/j.cose.2024.104151_b5
  doi: 10.1145/3379597.3387513
– year: 2024
  ident: 10.1016/j.cose.2024.104151_b18
– ident: 10.1016/j.cose.2024.104151_b68
  doi: 10.1145/3643651.3659892
– ident: 10.1016/j.cose.2024.104151_b47
  doi: 10.1145/3590777.3590780
– year: 2024
  ident: 10.1016/j.cose.2024.104151_b50
– year: 2023
  ident: 10.1016/j.cose.2024.104151_b7
– year: 2023
  ident: 10.1016/j.cose.2024.104151_b6
– year: 2023
  ident: 10.1016/j.cose.2024.104151_b46
– year: 2018
  ident: 10.1016/j.cose.2024.104151_b2
– year: 2024
  ident: 10.1016/j.cose.2024.104151_b21
– year: 2023
  ident: 10.1016/j.cose.2024.104151_b45
– year: 2024
  ident: 10.1016/j.cose.2024.104151_b20
– year: 2023
  ident: 10.1016/j.cose.2024.104151_b58
– start-page: 705
  year: 2021
  ident: 10.1016/j.cose.2024.104151_b72
  article-title: Finding a needle in a haystack: Automated mining of silent vulnerability fixes
– start-page: 757
  year: 2018
  ident: 10.1016/j.cose.2024.104151_b51
  article-title: Automated vulnerability detection in source code using deep representation learning
– volume: 32
  start-page: 1
  issue: 5
  year: 2023
  ident: 10.1016/j.cose.2024.104151_b65
  article-title: White-box fuzzing RPC-based APIs with EvoMaster: An industrial case study
  publication-title: ACM Trans. Softw. Eng. Methodol.
  doi: 10.1145/3585009
– year: 2024
  ident: 10.1016/j.cose.2024.104151_b28
– year: 2024
  ident: 10.1016/j.cose.2024.104151_b44
– ident: 10.1016/j.cose.2024.104151_b32
  doi: 10.1145/3650105.3652299
– volume: 108
  start-page: 1825
  issue: 10
  year: 2020
  ident: 10.1016/j.cose.2024.104151_b35
  article-title: Software vulnerability detection using deep neural networks: a survey
  publication-title: Proc. IEEE
  doi: 10.1109/JPROC.2020.2993293
– year: 2024
  ident: 10.1016/j.cose.2024.104151_b41
– year: 2021
  ident: 10.1016/j.cose.2024.104151_b56
– year: 2024
  ident: 10.1016/j.cose.2024.104151_b66
  article-title: APPT: Boosting automated patch correctness prediction via fine-tuning pre-trained models
  publication-title: IEEE Trans. Softw. Eng.
– year: 2021
  ident: 10.1016/j.cose.2024.104151_b36
– ident: 10.1016/j.cose.2024.104151_b30
  doi: 10.1145/2597073.2597074
– year: 2024
  ident: 10.1016/j.cose.2024.104151_b4
  article-title: A novel refactoring and semantic aware abstract syntax tree differencing tool and a benchmark for evaluating the accuracy of diff tools
  publication-title: ACM Trans. Softw. Eng. Methodol.
– year: 2020
  ident: 10.1016/j.cose.2024.104151_b53
– year: 2024
  ident: 10.1016/j.cose.2024.104151_b54
– volume: 8
  start-page: 579
  issue: 7
  year: 2009
  ident: 10.1016/j.cose.2024.104151_b49
  article-title: Multilayer perceptron and neural networks
  publication-title: WSEAS Trans. Circuits Syst.
– start-page: 111
  year: 2021
  ident: 10.1016/j.cose.2024.104151_b70
  article-title: D2a: A dataset built for ai-based vulnerability detection methods using differential analysis
– volume: 144
  year: 2022
  ident: 10.1016/j.cose.2024.104151_b60
  article-title: VUDENC: vulnerability detection with deep learning on a natural codebase for python
  publication-title: Inf. Softw. Technol.
  doi: 10.1016/j.infsof.2021.106809
– year: 2024
  ident: 10.1016/j.cose.2024.104151_b73
– year: 2023
  ident: 10.1016/j.cose.2024.104151_b22
– year: 2022
  ident: 10.1016/j.cose.2024.104151_b8
– volume: Vol. 26
  year: 2013
  ident: 10.1016/j.cose.2024.104151_b43
  article-title: Distributed representations of words and phrases and their compositionality
– volume: 30
  year: 2017
  ident: 10.1016/j.cose.2024.104151_b59
  article-title: Attention is all you need
  publication-title: Adv. Neural Inf. Process. Syst.
– ident: 10.1016/j.cose.2024.104151_b9
  doi: 10.1145/3475960.3475985
– start-page: 645
  year: 2022
  ident: 10.1016/j.cose.2024.104151_b25
  article-title: Automation of vulnerability information extraction using transformer-based language models
– year: 2017
  ident: 10.1016/j.cose.2024.104151_b10
– year: 2024
  ident: 10.1016/j.cose.2024.104151_b17
– volume: 140
  year: 2024
  ident: 10.1016/j.cose.2024.104151_b14
  article-title: Python source code vulnerability detection with named entity recognition
  publication-title: Comput. Secur.
  doi: 10.1016/j.cose.2024.103802
– year: 2023
  ident: 10.1016/j.cose.2024.104151_b38
– year: 2018
  ident: 10.1016/j.cose.2024.104151_b34
  article-title: VulDeePecker: A deep learning-based system for vulnerability detection
SSID ssj0017688
Score 2.431338
Snippet Identifying vulnerabilities in software code is crucial for ensuring the security of modern systems. However, manual detection requires expert knowledge and is...
SourceID crossref
elsevier
SourceType Enrichment Source
Index Database
Publisher
StartPage 104151
SubjectTerms Codebase
Generative pre-trained transformers
Large language model
Security
Software security
Static analysis
Vulnerability detection
Title SecureQwen: Leveraging LLMs for vulnerability detection in python codebases
URI https://dx.doi.org/10.1016/j.cose.2024.104151
Volume 148
hasFullText 1
inHoldings 1
isFullTextHit
isPrint
journalDatabaseRights – providerCode: PRVESC
  databaseName: Baden-Württemberg Complete Freedom Collection (Elsevier)
  issn: 0167-4048
  databaseCode: GBLVA
  dateStart: 20110101
  customDbUrl:
  isFulltext: true
  dateEnd: 99991231
  titleUrlDefault: https://www.sciencedirect.com
  omitProxy: true
  ssIdentifier: ssj0017688
  providerName: Elsevier
– providerCode: PRVESC
  databaseName: Elsevier SD Complete Freedom Collection [SCCMFC]
  issn: 0167-4048
  databaseCode: ACRLP
  dateStart: 19950101
  customDbUrl:
  isFulltext: true
  dateEnd: 99991231
  titleUrlDefault: https://www.sciencedirect.com
  omitProxy: true
  ssIdentifier: ssj0017688
  providerName: Elsevier
– providerCode: PRVESC
  databaseName: Elsevier SD Freedom Collection
  issn: 0167-4048
  databaseCode: .~1
  dateStart: 19950101
  customDbUrl:
  isFulltext: true
  dateEnd: 99991231
  titleUrlDefault: https://www.sciencedirect.com
  omitProxy: true
  ssIdentifier: ssj0017688
  providerName: Elsevier
– providerCode: PRVESC
  databaseName: Elsevier SD Freedom Collection Journals [SCFCJ]
  issn: 0167-4048
  databaseCode: AIKHN
  dateStart: 19950101
  customDbUrl:
  isFulltext: true
  dateEnd: 99991231
  titleUrlDefault: https://www.sciencedirect.com
  omitProxy: true
  ssIdentifier: ssj0017688
  providerName: Elsevier
– providerCode: PRVLSH
  databaseName: Elsevier Journals
  issn: 0167-4048
  databaseCode: AKRWK
  dateStart: 19820101
  customDbUrl:
  isFulltext: true
  mediaType: online
  dateEnd: 99991231
  omitProxy: true
  ssIdentifier: ssj0017688
  providerName: Library Specific Holdings
link http://utb.summon.serialssolutions.com/2.0.0/link/0/eLvHCXMwnV1LSwMxEA6lXrz4Fp8lB2-ydrN57K63UizVPkC00NuSZCNUylpsq_Tib3eSzRYF6cHrksAyO5n5JvvNfAhdaZFybSIRwNfNA8aoDlSo4iDmSvNEAsYgtsF5MBTdEXsY83ENtateGEur9LG_jOkuWvsnTW_N5mwyaT45Aj04oGVBWlxiO9hZbFUMbr7WNA8CcDpZz_eG1b5xpuR4WU441IgRs786CSd_J6cfCaezh3Y8UsSt8mX2Uc0UB2i3UmHA_lAeop67MjePn6a4xX0DrumEh3C_P5hjgKT4Yzm1o6UdC3aFc7Nw7KsCTwo8W9nRAdj2tdt0Nj9Co87dc7sbeImEQNMwXASSCQkYSqYKcBQkJAb1iQ6JoYYmOZfCJJQChDGhlCJXNGeJZDISlCgSqxTA2zGqF2-FOUHYABZJkzTWBCo-koSSS5bHlFOhX9I8VqeIVLbJtJ8fbmUspllFFHvNrD0za8-stOcpul7vmZXTMzau5pXJs18-kEF437Dv7J_7ztF2ZNV83YXKBaov3pfmEiDGQjWcDzXQVuu-1x1-Aw1gzgw
linkProvider Elsevier
linkToHtml http://utb.summon.serialssolutions.com/2.0.0/link/0/eLvHCXMwnV1LSwMxEA61HvTiW6zPHLzJ2s0m2Yc3KZZqtwWxhd5Cko1QKWuxrdKLv91JdrcoiAevSwLLt5OZb7LfzCB0qcOEaxOEHnzdzGOMak_5KvIirjSPJXAMYguce_2wM2QPIz6qoVZVC2NllaXvL3y689blk2aJZnM6HjefnIAeDNCqIC0vWUPrjAeRzcCuP1c6DwJ8Ol41-IblZeVMIfKyonBIEgNm_3USTn6PTt8iTnsHbZVUEd8Wb7OLaibfQ9vVGAZcnsp91HV35ubxw-Q3ODVgm27yEE7T3gwDJ8Xvi4ntLe1ksEucmbmTX-V4nOPp0vYOwLaw3caz2QEatu8GrY5XzkjwNPX9uSdZKIFEyUQBkYKIxCBB0T4x1NA44zI0MaXAYYwvZZgpmrFYMhmElCgSqQTY2yGq56-5OULYABlJ4iTSBFI-EvuSS5ZFlNNQPydZpBqIVNgIXTYQt3MsJqJSir0Ii6eweIoCzwa6Wu2ZFu0z_lzNK8jFDyMQ4N__2Hf8z30XaKMz6KUive93T9BmYEf7utuVU1Sfvy3MGfCNuTp39vQFBI3PoQ
openUrl ctx_ver=Z39.88-2004&ctx_enc=info%3Aofi%2Fenc%3AUTF-8&rfr_id=info%3Asid%2Fsummon.serialssolutions.com&rft_val_fmt=info%3Aofi%2Ffmt%3Akev%3Amtx%3Ajournal&rft.genre=article&rft.atitle=SecureQwen%3A+Leveraging+LLMs+for+vulnerability+detection+in+python+codebases&rft.jtitle=Computers+%26+security&rft.au=Mechri%2C+Abdechakour&rft.au=Ferrag%2C+Mohamed+Amine&rft.au=Debbah%2C+Merouane&rft.date=2025-01-01&rft.issn=0167-4048&rft.volume=148&rft.spage=104151&rft_id=info:doi/10.1016%2Fj.cose.2024.104151&rft.externalDBID=n%2Fa&rft.externalDocID=10_1016_j_cose_2024_104151
thumbnail_l http://covers-cdn.summon.serialssolutions.com/index.aspx?isbn=/lc.gif&issn=0167-4048&client=summon
thumbnail_m http://covers-cdn.summon.serialssolutions.com/index.aspx?isbn=/mc.gif&issn=0167-4048&client=summon
thumbnail_s http://covers-cdn.summon.serialssolutions.com/index.aspx?isbn=/sc.gif&issn=0167-4048&client=summon