Internetware 2025
Fri 20 - Sun 22 June 2025 Trondheim, Norway
co-located with FSE 2025
Sat 21 Jun 2025 14:15 - 14:30 at Cosmos 3A - Session5: Software Vulnerability and Security II Chair(s): Chuanyi Li

Software code vulnerabilities refer to weaknesses in code that can be exploited, leading to severe consequences such as unauthorized information disclosure and cyber extortion. The growing magnitude of this issue is highlighted by recent statistics: in the first quarter of 2022, the US National Vulnerability Database (NVD) reported 8,051 vulnerabilities, a 25% increase from the previous year. Additionally, a study found that 81% of 2,409 analyzed codebases contained at least one known open-source vulnerability.The widespread nature and increasing number of these vulnerabilities underscore the urgent need for robust automated vulnerability detection mechanisms. Implementing such systems is crucial for enhancing software security and preventing a range of potential threats.Existing literature on vulnerability detection models can be broadly categorized into two main types: (1) traditional detection models, (2) deep learning (DL)-based models .Traditional detection models often require experts to manually develop detection rules.This approach is labor-intensive and struggle to maintaining low rates of false positives and false negatives. In contrast, deep learning (DL)-based detection methods learn vulnerability patterns from training datasets, eliminating the need for manual heuristics and enabling autonomous feature identification.They avoid manual heuristic methods and autonomously learn and identify vulnerability features.

Sat 21 Jun

Displayed time zone: Amsterdam, Berlin, Bern, Rome, Stockholm, Vienna change

14:00 - 15:30
Session5: Software Vulnerability and Security IINew Idea Track / Research Track at Cosmos 3A
Chair(s): Chuanyi Li Nanjing University
14:00
15m
Talk
Devmp: A Virtual Instruction Extraction Method for Commercial Code Virtualization Obfuscators
Research Track
Shenqianqian Zhang Key Laboratory of Cyberspace Security, Ministry of Education, Weiyu Dong Information Engineering University, Jian Lin Information Engineering University
14:15
15m
Talk
Line-level Semantic Structure Learning for Code Vulnerability Detection
Research Track
Ziliang Wang Peking University, Ge Li Peking University, Jia Li Tsinghua University, Yihong Dong Peking University, Yingfei Xiong Peking University, Zhi Jin Peking University
14:30
15m
Talk
SLVHound: Static Detection of Session Lingering Vulnerabilities in Modern Java Web ApplicationsACM SIGSOFT  Distinguished Paper Award
Research Track
Haining Meng SKLP, Institute of Computing Technology, CAS, China; University of Chinese Academy of Sciences, China, Jie Lu SKLP, Institute of Computing Technology, CAS, China; University of Chinese Academy of Sciences, China, Yongheng Huang Institute of Computing Technology at Chinese Academy of Sciences; University of Chinese Academy of Sciences, Lian Li Institute of Computing Technology at Chinese Academy of Sciences; University of Chinese Academy of Sciences
14:45
15m
Talk
Def-VAE: Identifying Adversarial Inputs with Robust Latent Representations
Research Track
Chengye Li Institute of Software, Chinese Academy of Sciences, Changshun Wu Université Grenoble Alpes, Rongjie Yan Institute of Software at Chinese Academy of Sciences; University of Chinese Academy of Sciences
15:00
15m
Talk
Fuzzing for Stateful Protocol Programs Based on Constraints between States and Message Types
Research Track
Kunpeng Jian Institute of Information Engineering, Chinese Academy of Sciences, Yanyan Zou Institute of Information Engineering, Chinese Academy of Sciences, Menghao Li Institute of Information Engineering, Chinese Academy of Sciences, Wei Huo Institute of Information Engineering at Chinese Academy of Sciences
15:15
10m
Talk
PriceSleuth: Detecting DeFi Price Manipulation Attacks in Smart Contracts Using LLM and Static Analysis
New Idea Track
Hao Wu Xi'an JiaoTong University, Haijun Wang Xi'an Jiaotong University, Shangwang Li Xi'an Jiaotong University, Yin Wu Xi'an Jiaotong University, Ming Fan Xi'an Jiaotong University, Yitao Zhao Yunnan Power Grid Co., Ltd, Ting Liu Xi'an Jiaotong University
Pre-print

Information for Participants
Sat 21 Jun 2025 14:00 - 15:30 at Cosmos 3A - Session5: Software Vulnerability and Security II Chair(s): Chuanyi Li
Info for room Cosmos 3A:

Cosmos 3A is the first room in the Cosmos 3 wing.

When facing the main Cosmos Hall, access to the Cosmos 3 wing is on the left, close to the stairs. The area is accessed through a large door with the number “3”, which will stay open during the event.

:
:
:
: