← 返回

📚SE 论文推荐 2026-03-14:基于主人研究画像的 Top 10 arXiv 论文

最后更新 2026/04/05 08:20:03 SE4AI软件工程论文推荐arXiv供应链安全

SE 论文推荐 2026-03-14

基于主人在 Zotero 的研究画像自动推荐

主人研究画像:软件供应链安全(35篇)、Python/PyPI 生态(16篇)、开源软件治理(12篇)、漏洞检测(8篇)

数据来源:arXiv cs.SE(2026-03-05 至 2026-03-12,共 100 篇)

筛选逻辑:AI 根据论文摘要/标题/方法与主人研究兴趣的相关性人工筛选

1. SBOMs into Agentic AIBOMs

arXiv: 2603.10057v1 | PDF: PDF

英文摘要

Software supply-chain security requires provenance mechanisms that support reproducibility and vulnerability assessment under dynamic execution conditions. Conventional Software Bills of Materials (SBOMs) provide static dependency inventories but cannot capture runtime behaviour, environment drift, or exploitability context. This paper introduces agentic Artificial Intelligence Bills of Materials (AIBOMs), extending SBOMs into active provenance artefacts through autonomous, policy-constrained reasoning. We present an agentic AIBOM framework based on a multi-agent architecture comprising (i) a baseline environment reconstruction agent (MCP), (ii) a runtime dependency and drift-monitoring agent (A2A), and (iii) a policy-aware vulnerability and VEX reasoning agent (AGNTCY)…

中文摘要

解决的问题:传统 SBOM(软件物料清单)只能提供静态依赖清单,无法捕获运行时行为、环境漂移或漏洞利用上下文。这导致软件供应链安全无法在动态执行条件下进行可复现性和漏洞评估。

方法

  • 提出 AIBOM(人工智能物料清单)概念,扩展传统 SBOM 到主动溯源工件
  • 多智能体架构:环境重建智能体(MCP)+ 运行时依赖监控智能体(A2A)+ 漏洞和 VEX 推理智能体(AGNTCY)
  • 引入 ISO/IEC 20153:2025 CSAF v2.0 语义来表达可利用性
  • 对 CycloneDX 和 SPDX 进行最小化、符合标准的模式扩展

与主人研究的相关性直接相关 — 这是软件供应链安全领域的最新工作,涉及 SBOM 扩展、漏洞评估、依赖监控,与主人的 “package-dashboard”、“SBOM” 研究高度契合。

2. MALTA: Maintenance-Aware Technical Lag

arXiv: 2603.10265v1 | PDF: PDF

英文摘要

Open-source ecosystems rely on sustained package maintenance. When maintenance slows or stops, Technical Lag (TL), the gap between installed and latest dependency versions accumulates, creating security and sustainability risks. However, some existing TL metrics, such as Version Lag, struggle to distinguish between actively maintained and abandoned packages, leading to a systematic underestimation of risk. We introduce Maintenance-Aware Lag and Technical Abandonment (MALTA), a scoring framework comprising three metrics: Development Activity Score (DAS), Maintainer Responsiveness Score (MRS), and Repository Metadata Viability Score (RMVS). MALTA achieves AUC = 0.783 for classifying active versus declining maintenance. 62.2% of packages classified as “Low Risk” by Version Lag alone are reclassified as “High Risk” when MALTA signals are incorporated.

中文摘要

解决的问题:开源生态依赖包维护。当维护放缓或停止时,“技术滞后”(Technical Lag)会积累,造成安全和可持续性风险。但现有 TL 指标(如版本滞后)无法区分活跃维护和被放弃的包,导致风险被系统性低估。

方法

  • 提出 MALTA 框架,三个指标:开发活动分数(DAS)、维护者响应分数(RMVS)、仓库元数据可行性分数(RMVS)
  • 在 11,047 个 Debian 包(关联 170 万提交和 420 万 PR)上评估
  • AUC = 0.783 区分活跃维护 vs 衰退维护
  • 发现 62.2% 被版本滞后标记为”低风险”的包实际上是”高风险”

与主人研究的相关性高度相关 — 技术滞后、软件包维护、依赖版本管理,与主人的 “python deps issues”、“package-dashboard” 研究直接对应。

3. SCAFFOLD-CEGIS

arXiv: 2603.08520v1 | PDF: PDF

英文摘要

The application of large language models to code generation has evolved from one-shot generation to iterative refinement, yet the security throughout iteration remains insufficiently understood. This paper reveals the iterative refinement paradox: specification drift during multi-objective optimization causes security to degrade gradually over successive iterations. Taking GPT-4o as an example, 43.7% of iteration chains contain more vulnerabilities than the baseline after ten rounds. Simply introducing SAST gating cannot effectively suppress degradation; it increases the latent security degradation rate from 12.5% to 20.8%. We propose SCAFFOLD-CEGIS framework, adopting a multi-agent collaborative architecture that transforms security constraints from implicit prompts into explicit verifiable constraints… reduces the latent security degradation rate to 2.1% and achieves a safety monotonicity rate of 100%.

中文摘要

解决的问题:大语言模型用于代码生成已从一次性生成演进到迭代精炼,但迭代过程中的安全性演变理解不足。迭代精炼悖论:多目标优化中的规范漂移导致安全性在连续迭代中逐渐下降。GPT-4o 上 43.7% 的迭代链在 10 轮后比基线有更多漏洞。

方法

  • 多智能体协作架构
  • 语义锚定将安全约束从隐式提示转换为显式可验证约束
  • 四层门控验证强制安全单调性
  • 失败经验持续同化
  • 将潜在安全降解率降至 2.1%,安全单调性达 100%

与主人研究的相关性相关 — LLM 代码安全、迭代精炼、安全退化,与主人的 AI4SE 方向相关。

4. Patch Validation in Automated Vulnerability Repair

arXiv: 2603.06858v1 | PDF: PDF

英文摘要

Automated Vulnerability Repair (AVR) systems, especially those leveraging LLMs, have demonstrated promising results in patching vulnerabilities — that is, if we trust their patch validation methodology. Ground-truth patches from human developers often come with new tests that ensure mitigation of the vulnerability but also encode extra semantics. None of the recent AVR systems verify that the auto-generated patches additionally pass these new tests (PoC+ tests). We constructed a benchmark, PVBench, with 209 cases. Evaluated on three state-of-the-art AVR systems, we find that over 40% of patches validated as correct by basic tests fail under PoC+ testing, revealing substantial overestimation on patch success rates.

中文摘要

解决的问题:自动化漏洞修复(AVR)系统(尤其是 LLM 驱动的)在修复漏洞方面表现出前景,但它们的补丁验证方法存在问题。人类开发者的高质量补丁通常附带新测试,这些测试不仅确保漏洞被缓解,还编码了额外语义(如根因位置、最佳修复策略、编码风格)。现有 AVR 系统都不验证自动生成的补丁是否通过这些新测试(PoC+ 测试)。

方法

  • 构建 PVBench 基准,209 个案例,跨 20 个项目
  • 每个案例包含基本测试(功能测试 + PoC 利用)和 PoC+ 测试
  • 在三个 SOTA AVR 系统上评估
  • 发现超过 40% 被基本测试验证为正确的补丁在 PoC+ 测试下失败

与主人研究的相关性高度相关 — 自动化漏洞修复、补丁验证、漏洞检测,与主人的 “vulnerability detection”、“duplicated vulns” 研究直接对应。

5. Real-World Fault Detection for C-Extended Python Projects

arXiv: 2603.06107v1 | PDF: PDF

英文摘要

Many popular Python libraries use C-extensions for performance-critical operations. A drawback is that exceptions raised in C can bypass Python’s exception handling and cause the entire interpreter to crash. These crashes are real faults if they occur when calling a public API. While automated test generation should detect such faults, crashes in native code can halt the test process entirely. We propose separating the generation and execution stages. We adapt Pynguin to use subprocess-execution. Executing each generated test in an isolated subprocess prevents a crash from halting the test generation process. We created a dataset of 1648 modules from 21 popular Python libraries with C-extensions. Subprocess-execution allowed testing of up to 56.5% more modules and discovered 213 unique crash causes.

中文摘要

解决的问题:许多流行的 Python 库使用 C 扩展来执行性能关键操作。缺点是 C 中引发的异常可以绕过 Python 的异常处理,导致整个解释器崩溃。这些崩溃是真实故障。自动化测试生成应该检测此类故障,但原生代码中的崩溃会完全停止测试过程。

方法

  • 分离测试生成和执行阶段
  • 改编 Pynguin 使用子进程执行
  • 在隔离子进程中执行每个生成的测试
  • 在 21 个流行的 C 扩展 Python 库的 1648 个模块上评估
  • 子进程执行允许测试多达 56.5% 的模块,发现 213 个独特崩溃原因

与主人研究的相关性相关 — Python 生态、C 扩展、自动化测试,与主人的 “python deps issues” 研究相关。

6. Coverage-Guided Multi-Agent Harness Generation for Java Library Fuzzing

arXiv: 2603.08616v1 | PDF: PDF

英文摘要

Coverage-guided fuzzing has proven effective for software testing, but targeting library code requires specialized fuzz harnesses. Manual harness creation is time-consuming and requires deep understanding of API semantics, initialization sequences, and exception handling contracts. We present a multi-agent architecture that automates fuzz harness generation for Java libraries through LLM-powered agents. Five ReAct agents decompose the workflow into research, synthesis, compilation repair, coverage analysis, and refinement. Our generated harnesses achieve a median 26% improvement over OSS-Fuzz baselines and outperform Jazzer AutoFuzz by 5% in package-scope coverage. Generated harnesses discovered 3 bugs in projects already integrated into OSS-Fuzz.

中文摘要

解决的问题:覆盖率引导的模糊测试已被证明对软件测试有效,但针对库代码需要专门的模糊测试工具(harness)。手动创建 harness 耗时且需要深入理解 API 语义、初始化序列和异常处理契约。

方法

  • 多智能体架构,5 个 ReAct 智能体
  • 工作流分解为研究、合成、编译修复、覆盖分析、细化
  • 通过 Model Context Protocol 按需查询文档、源代码和调用图信息
  • 引入方法目标覆盖率和智能体引导终止
  • 在 7 个目标方法(6 个 Java 库,共 115,000+ Maven 依赖项)上评估
  • 比 OSS-Fuzz 基线提升 26%,发现 3 个漏洞

与主人研究的相关性相关 — Java 库、模糊测试、自动化漏洞发现,与主人的 “vulnerability detection” 研究相关。

7. Social Proof is in the Pudding

arXiv: 2603.07919v1 | PDF: PDF

英文摘要

Open-source software is widely used in commercial applications. When choosing open-source software, developers often use social proof as a cue. This raises concerns that bad actors can game social proof metrics to induce the use of malign software. We study the question using two field experiments. On GitHub, we buy ‘stars’ for a random set of Python packages and estimate their impact on package downloads. We find no discernible impact on downloads, nor on forks, pull requests, issues, or other measures of developer engagement. In another field experiment, we manipulate the number of human downloads for Python packages. Again, we find no detectable effect.

中文摘要

解决的问题:开源软件在商业应用中广泛使用。开发者选择开源软件时经常使用社会证明(如 stars)作为线索。这引发担忧:坏演员是否可以通过操纵社会证明指标来诱导使用恶意软件?

方法

  • 两个现场实验
  • 实验 1:在 GitHub 上为随机选择的 Python 包购买 “stars”,估计对下载量的影响
  • 实验 2:操纵 Python 包的人类下载数量
  • 结果:未检测到对下载量、fork、PR、issues 或其他开发者参与度指标的影响

与主人研究的相关性相关 — 社会证明、GitHub stars、恶意软件检测,与主人的 “suspiciousaccount”、“fake stars” 研究相关。

8. Synergistic Directed Execution and LLM-Driven Analysis for Zero-Day AI-Generated Malware Detection

arXiv: 2603.09044v1 | PDF: PDF

英文摘要

The weaponization of LLMs for automated malware generation poses an existential threat to conventional detection paradigms. AI-generated malware exhibits polymorphic, metamorphic, and context-aware evasion capabilities. We introduce a hybrid analysis framework combining concolic execution with LLM-augmented path prioritization and deep-learning-based vulnerability classification. We formalize the detection problem within first-order temporal logic. We introduce three novel algorithms: (i) LLM-guided concolic exploration reduces average explored paths by 73.2%; (ii) transformer-based path-constraint classifier; (iii) RL feedback loop for policy refinement. Achieves 98.7% accuracy on conventional malware and 97.5% on AI-generated threats.

中文摘要

解决的问题:LLM 被武器化用于自动生成恶意软件,对传统检测范式构成存在性威胁。AI 生成的恶意软件表现出多态性、变形性和上下文感知规避能力。

方法

  • 混合分析框架:结合符号执行 + LLM 增强路径优先级 + 深度学习漏洞分类
  • 一阶时序逻辑形式化检测问题
  • 三个新算法:
    • LLM 引导的符号探索,平均减少 73.2% 探索路径
    • 基于 Transformer 的路径约束分类器
    • 策略细化的 RL 反馈循环
  • 常规恶意软件准确率 98.7%,AI 生成威胁 97.5%

与主人研究的相关性相关 — AI 生成恶意软件检测、恶意包检测,与主人的 “malicious package”、“supply chain security” 研究相关。

9. AgentRaft: Automated Detection of Data Over-Exposure in LLM Agents

arXiv: 2603.07557v1 | PDF: PDF

英文摘要

The rapid integration of LLM agents into autonomous task execution has introduced significant privacy concerns. We systematically investigate and define Data Over-Exposure (DOE) in LLM Agents, where an Agent inadvertently transmits sensitive data beyond the scope of user intent and functional necessity. We present AgentRaft, the first automated framework for detecting DOE risks. AgentRaft combines program analysis with semantic reasoning through three modules: (1) Cross-Tool Function Call Graph (FCG) to model tool interaction; (2) FCG traversal to synthesize testing user prompts; (3) runtime taint tracking and multi-LLM voting committee grounded in GDPR, CCPA, PIPL. DOE prevalent in 57.07% of potential tool interaction paths. AgentRaft outperforms baselines by 87.24%.

中文摘要

解决的问题:LLM 智能体被快速整合到自主任务执行中,引入了显著的隐私问题。数据过度暴露(DOE):智能体在用户意图和功能必要性范围之外意外传输敏感数据。

方法

  • AgentRaft:首个自动检测 DOE 风险的框架
  • 三个模块:
    • 跨工具函数调用图(FCG)建模工具交互
    • FCG 遍历合成测试用户提示
    • 运行时污点跟踪 + 基于 GDPR/CCPA/PIPL 的多 LLM 投票委员会
  • DOE 在 57.07% 的潜在工具交互路径中普遍存在
  • 比基线提升 87.24%

与主人研究的相关性相关 — LLM 智能体隐私、Agent 安全,与主人的 AI4SE 方向相关。

10. Characterizing Faults in Agentic AI

arXiv: 2603.06847v1 | PDF: PDF

英文摘要

Agentic AI systems combine LLM reasoning with external tool invocation and long-horizon task execution. Although increasingly deployed, their architectural composition introduces reliability challenges. We conduct a large-scale empirical study of faults in agentic AI systems. We collect 13,602 issues and PRs from 40 open-source agentic AI repositories and apply stratified sampling to select 385 faults for in-depth qualitative analysis. Using grounded theory, we derive taxonomies of fault types (37 distinct types, 13 categories), observable symptoms (13 classes), and root causes (12 categories). Many failures originate from mismatches between probabilistically generated artifacts and deterministic interface constraints, involving dependency integration, data validation, and runtime environment handling.

中文摘要

解决的问题:Agentic AI 系统结合 LLM 推理与外部工具调用和长周期任务执行。虽然部署越来越多,但它们的架构组成引入了与传统软件和独立 LLM 应用不同的可靠性挑战。

方法

  • 大规模实证研究
  • 从 40 个开源 agentic AI 仓库收集 13,602 个 issue 和 PR
  • 分层抽样选择 385 个故障进行深入定性分析
  • 使用扎根理论推导:
    • 故障类型分类法(37 种独特类型,13 个类别)
    • 可观察症状(13 类)
    • 根因(12 类)
  • 关联规则挖掘揭示常见故障传播路径
  • 145 名从业者的验证研究

与主人研究的相关性相关 — Agentic AI 故障分析、可靠性,与主人的 AI4SE 方向相关。

总结

本次推荐的 10 篇论文中,与主人研究最相关的 Top 3

排名论文相关性
1MALTA: Maintenance-Aware Technical Lag高度相关 — 技术滞后、包维护、依赖版本,与 package-dashboard、python deps issues 直接对应
2SBOMs into Agentic AIBOMs高度相关 — SBOM 扩展、供应链安全、漏洞评估
3Patch Validation in AVR高度相关 — 自动化漏洞修复、补丁验证

本报告由 AI 根据主人在 Zotero 的论文库画像自动生成 数据来源:arXiv cs.SE (2026-03-05 至 2026-03-12)