Alessandro Morari
YOU?
Author Swipe
View article: Analyzing source code vulnerabilities in the D2A dataset with ML ensembles and C-BERT
Analyzing source code vulnerabilities in the D2A dataset with ML ensembles and C-BERT Open
Static analysis tools are widely used for vulnerability detection as they can analyze programs with complex behavior and millions of lines of code. Despite their popularity, static analysis tools are known to generate an excess of false po…
View article: CONCORD: Clone-aware Contrastive Learning for Source Code
CONCORD: Clone-aware Contrastive Learning for Source Code Open
Deep Learning (DL) models to analyze source code have shown immense promise during the past few years. More recently, self-supervised pre-training has gained traction for learning generic code representations valuable for many downstream S…
View article: Incorporating Signal Awareness in Source Code Modeling: An Application to Vulnerability Detection
Incorporating Signal Awareness in Source Code Modeling: An Application to Vulnerability Detection Open
AI models of code have made significant progress over the past few years. However, many models are actually not learning task-relevant source code features. Instead, they often fit non-relevant but correlated data, leading to a lack of rob…
View article: Automated Code generation for Information Technology Tasks in YAML through Large Language Models
Automated Code generation for Information Technology Tasks in YAML through Large Language Models Open
The recent improvement in code generation capabilities due to the use of large language models has mainly benefited general purpose programming languages. Domain specific languages, such as the ones used for IT Automation, have received fa…
View article: Global virtual address space consistency model
Global virtual address space consistency model Open
An approach is disclosed that maintains a consistent view of a virtual address by a local node which writes a first value to the virtual address and, after writing the first value, establishes a snapshot consistency state of the virtual ad…
View article: System and method of storing and analyzing information
System and method of storing and analyzing information Open
A system and method of storing and analyzing information is disclosed. The system includes a compiler layer to convert user queries to data parallel executable code. The system further includes a library of multithreaded algorithms, proces…
View article: Towards Learning (Dis)-Similarity of Source Code from Program Contrasts
Towards Learning (Dis)-Similarity of Source Code from Program Contrasts Open
Yangruibo Ding, Luca Buratti, Saurabh Pujar, Alessandro Morari, Baishakhi Ray, Saikat Chakraborty. Proceedings of the 60th Annual Meeting of the Association for Computational Linguistics (Volume 1: Long Papers). 2022.
View article: VELVET: a noVel Ensemble Learning approach to automatically locate VulnErable sTatements
VELVET: a noVel Ensemble Learning approach to automatically locate VulnErable sTatements Open
Automatically locating vulnerable statements in source code is crucial to assure software security and alleviate developers' debugging efforts. This becomes even more important in today's software ecosystem, where vulnerable code can flow …
View article: Data-Driven AI Model Signal-Awareness Enhancement and Introspection
Data-Driven AI Model Signal-Awareness Enhancement and Introspection Open
AI modeling for source code understanding tasks has been making significant progress, and is being adopted in production development pipelines. However, reliability concerns, especially whether the models are actually learning task-related…
View article: Data-Driven and SE-assisted AI Model Signal-Awareness Enhancement and Introspection
Data-Driven and SE-assisted AI Model Signal-Awareness Enhancement and Introspection Open
AI modeling for source code understanding tasks has been making significant progress, and is being adopted in production development pipelines. However, reliability concerns, especially whether the models are actually learning task-related…
View article: Towards Learning (Dis)-Similarity of Source Code from Program Contrasts
Towards Learning (Dis)-Similarity of Source Code from Program Contrasts Open
Understanding the functional (dis)-similarity of source code is significant for code modeling tasks such as software vulnerability and code clone detection. We present DISCO(DIS-similarity of COde), a novel self-supervised model focusing o…
View article: Contrastive Learning for Source Code with Structural and Functional Properties
Contrastive Learning for Source Code with Structural and Functional Properties Open
Pre-trained transformer models have recently shown promises for understanding the source code. Most existing works expect to understand code from the textual features and limited structural knowledge of code. However, the program functiona…
View article: Software Vulnerability Detection via Deep Learning over Disaggregated Code Graph Representation
Software Vulnerability Detection via Deep Learning over Disaggregated Code Graph Representation Open
Identifying vulnerable code is a precautionary measure to counter software security breaches. Tedious expert effort has been spent to build static analyzers, yet insecure patterns are barely fully enumerated. This work explores a deep lear…
View article: Probing model signal-awareness via prediction-preserving input minimization
Probing model signal-awareness via prediction-preserving input minimization Open
This work explores the signal awareness of AI models for source code understanding. Using a software vulnerability detection use case, we evaluate the models' ability to capture the correct vulnerability signals to produce their prediction…
View article: D2A: A Dataset Built for AI-Based Vulnerability Detection Methods Using Differential Analysis
D2A: A Dataset Built for AI-Based Vulnerability Detection Methods Using Differential Analysis Open
Static analysis tools are widely used for vulnerability detection as they understand programs with complex behavior and millions of lines of code. Despite their popularity, static analysis tools are known to generate an excess of false pos…
View article: Exploring Software Naturalness through Neural Language Models
Exploring Software Naturalness through Neural Language Models Open
The Software Naturalness hypothesis argues that programming languages can be understood through the same techniques used in natural language processing. We explore this hypothesis through the use of a pre-trained transformer-based language…
View article: Learning to map source code to software vulnerability using code-as-a-graph
Learning to map source code to software vulnerability using code-as-a-graph Open
We explore the applicability of Graph Neural Networks in learning the nuances of source code from a security perspective. Specifically, whether signatures of vulnerabilities in source code can be learned from its graph representation, in t…
View article: High level synthesis of RDF queries for graph analytics
High level synthesis of RDF queries for graph analytics Open
In this paper we present a set of techniques that enable the synthesis of efficient custom accelerators for memory intensive, irregular applications. To address the challenges of irregular applications (large memory footprint, unpredictabl…