{"id":"https://openalex.org/W2767986122","doi":"https://doi.org/10.1109/ase.2017.8115724","title":"Towards a software vulnerability prediction model using traceable code patterns and software metrics","display_name":"Towards a software vulnerability prediction model using traceable code patterns and software metrics","publication_year":2017,"publication_date":"2017-10-01","ids":{"openalex":"https://openalex.org/W2767986122","doi":"https://doi.org/10.1109/ase.2017.8115724","mag":"2767986122"},"language":"en","primary_location":{"id":"doi:10.1109/ase.2017.8115724","is_oa":false,"landing_page_url":"https://doi.org/10.1109/ase.2017.8115724","pdf_url":null,"source":null,"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"2017 32nd IEEE/ACM International Conference on Automated Software Engineering (ASE)","raw_type":"proceedings-article"},"type":"article","indexed_in":["crossref"],"open_access":{"is_oa":false,"oa_status":"closed","oa_url":null,"any_repository_has_fulltext":false},"authorships":[{"author_position":"first","author":{"id":"https://openalex.org/A5035247633","display_name":"Kazi Zakia Sultana","orcid":"https://orcid.org/0000-0002-0609-5800"},"institutions":[{"id":"https://openalex.org/I99041443","display_name":"Mississippi State University","ror":"https://ror.org/0432jq872","country_code":"US","type":"education","lineage":["https://openalex.org/I4210141039","https://openalex.org/I99041443"]}],"countries":["US"],"is_corresponding":true,"raw_author_name":"Kazi Zakia Sultana","raw_affiliation_strings":["Department of Computer Science and Engineering, Mississippi State University, MS, USA"],"affiliations":[{"raw_affiliation_string":"Department of Computer Science and Engineering, Mississippi State University, MS, USA","institution_ids":["https://openalex.org/I99041443"]}]}],"institutions":[],"countries_distinct_count":1,"institutions_distinct_count":1,"corresponding_author_ids":["https://openalex.org/A5035247633"],"corresponding_institution_ids":["https://openalex.org/I99041443"],"apc_list":null,"apc_paid":null,"fwci":3.3854,"has_fulltext":false,"cited_by_count":19,"citation_normalized_percentile":{"value":0.93860122,"is_in_top_1_percent":false,"is_in_top_10_percent":true},"cited_by_percentile_year":{"min":89,"max":98},"biblio":{"volume":null,"issue":null,"first_page":"1022","last_page":"1025"},"is_retracted":false,"is_paratext":false,"is_xpac":false,"primary_topic":{"id":"https://openalex.org/T10260","display_name":"Software Engineering Research","score":1.0,"subfield":{"id":"https://openalex.org/subfields/1710","display_name":"Information Systems"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},"topics":[{"id":"https://openalex.org/T10260","display_name":"Software Engineering Research","score":1.0,"subfield":{"id":"https://openalex.org/subfields/1710","display_name":"Information Systems"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T12423","display_name":"Software Reliability and Analysis Research","score":0.9986000061035156,"subfield":{"id":"https://openalex.org/subfields/1712","display_name":"Software"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T11241","display_name":"Advanced Malware Detection Techniques","score":0.994700014591217,"subfield":{"id":"https://openalex.org/subfields/1711","display_name":"Signal Processing"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}}],"keywords":[{"id":"https://openalex.org/keywords/computer-science","display_name":"Computer science","score":0.786291778087616},{"id":"https://openalex.org/keywords/software-security-assurance","display_name":"Software security assurance","score":0.6494737267494202},{"id":"https://openalex.org/keywords/software-quality","display_name":"Software quality","score":0.6204174757003784},{"id":"https://openalex.org/keywords/software-metric","display_name":"Software metric","score":0.6107654571533203},{"id":"https://openalex.org/keywords/secure-coding","display_name":"Secure coding","score":0.5135867595672607},{"id":"https://openalex.org/keywords/vulnerability","display_name":"Vulnerability (computing)","score":0.5127926468849182},{"id":"https://openalex.org/keywords/software","display_name":"Software","score":0.49027636647224426},{"id":"https://openalex.org/keywords/software-bug","display_name":"Software bug","score":0.4826822578907013},{"id":"https://openalex.org/keywords/code-smell","display_name":"Code smell","score":0.4535343647003174},{"id":"https://openalex.org/keywords/source-code","display_name":"Source code","score":0.4430463910102844},{"id":"https://openalex.org/keywords/software-development","display_name":"Software development","score":0.4397006034851074},{"id":"https://openalex.org/keywords/java","display_name":"Java","score":0.4145219922065735},{"id":"https://openalex.org/keywords/data-mining","display_name":"Data mining","score":0.3961026072502136},{"id":"https://openalex.org/keywords/software-engineering","display_name":"Software engineering","score":0.3526704013347626},{"id":"https://openalex.org/keywords/computer-security","display_name":"Computer security","score":0.21105358004570007},{"id":"https://openalex.org/keywords/information-security","display_name":"Information security","score":0.14099058508872986},{"id":"https://openalex.org/keywords/programming-language","display_name":"Programming language","score":0.11979714035987854}],"concepts":[{"id":"https://openalex.org/C41008148","wikidata":"https://www.wikidata.org/wiki/Q21198","display_name":"Computer science","level":0,"score":0.786291778087616},{"id":"https://openalex.org/C62913178","wikidata":"https://www.wikidata.org/wiki/Q7554361","display_name":"Software security assurance","level":4,"score":0.6494737267494202},{"id":"https://openalex.org/C117447612","wikidata":"https://www.wikidata.org/wiki/Q1412670","display_name":"Software quality","level":4,"score":0.6204174757003784},{"id":"https://openalex.org/C82214349","wikidata":"https://www.wikidata.org/wiki/Q657339","display_name":"Software metric","level":5,"score":0.6107654571533203},{"id":"https://openalex.org/C22680326","wikidata":"https://www.wikidata.org/wiki/Q7444867","display_name":"Secure coding","level":5,"score":0.5135867595672607},{"id":"https://openalex.org/C95713431","wikidata":"https://www.wikidata.org/wiki/Q631425","display_name":"Vulnerability (computing)","level":2,"score":0.5127926468849182},{"id":"https://openalex.org/C2777904410","wikidata":"https://www.wikidata.org/wiki/Q7397","display_name":"Software","level":2,"score":0.49027636647224426},{"id":"https://openalex.org/C1009929","wikidata":"https://www.wikidata.org/wiki/Q179550","display_name":"Software bug","level":3,"score":0.4826822578907013},{"id":"https://openalex.org/C133237599","wikidata":"https://www.wikidata.org/wiki/Q2295111","display_name":"Code smell","level":5,"score":0.4535343647003174},{"id":"https://openalex.org/C43126263","wikidata":"https://www.wikidata.org/wiki/Q128751","display_name":"Source code","level":2,"score":0.4430463910102844},{"id":"https://openalex.org/C529173508","wikidata":"https://www.wikidata.org/wiki/Q638608","display_name":"Software development","level":3,"score":0.4397006034851074},{"id":"https://openalex.org/C548217200","wikidata":"https://www.wikidata.org/wiki/Q251","display_name":"Java","level":2,"score":0.4145219922065735},{"id":"https://openalex.org/C124101348","wikidata":"https://www.wikidata.org/wiki/Q172491","display_name":"Data mining","level":1,"score":0.3961026072502136},{"id":"https://openalex.org/C115903868","wikidata":"https://www.wikidata.org/wiki/Q80993","display_name":"Software engineering","level":1,"score":0.3526704013347626},{"id":"https://openalex.org/C38652104","wikidata":"https://www.wikidata.org/wiki/Q3510521","display_name":"Computer security","level":1,"score":0.21105358004570007},{"id":"https://openalex.org/C527648132","wikidata":"https://www.wikidata.org/wiki/Q189900","display_name":"Information security","level":2,"score":0.14099058508872986},{"id":"https://openalex.org/C199360897","wikidata":"https://www.wikidata.org/wiki/Q9143","display_name":"Programming language","level":1,"score":0.11979714035987854},{"id":"https://openalex.org/C29983905","wikidata":"https://www.wikidata.org/wiki/Q7445066","display_name":"Security service","level":3,"score":0.0}],"mesh":[],"locations_count":1,"locations":[{"id":"doi:10.1109/ase.2017.8115724","is_oa":false,"landing_page_url":"https://doi.org/10.1109/ase.2017.8115724","pdf_url":null,"source":null,"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"2017 32nd IEEE/ACM International Conference on Automated Software Engineering (ASE)","raw_type":"proceedings-article"}],"best_oa_location":null,"sustainable_development_goals":[],"awards":[],"funders":[],"has_content":{"pdf":false,"grobid_xml":false},"content_urls":null,"referenced_works_count":14,"referenced_works":["https://openalex.org/W1505465226","https://openalex.org/W1964962870","https://openalex.org/W2004758929","https://openalex.org/W2009543464","https://openalex.org/W2036901096","https://openalex.org/W2038561409","https://openalex.org/W2043837581","https://openalex.org/W2091073498","https://openalex.org/W2150866946","https://openalex.org/W2158864412","https://openalex.org/W2167352226","https://openalex.org/W2508791575","https://openalex.org/W2607665225","https://openalex.org/W4293857795"],"related_works":["https://openalex.org/W2141388993","https://openalex.org/W1978034799","https://openalex.org/W2999607548","https://openalex.org/W2956597637","https://openalex.org/W4308627662","https://openalex.org/W2044639210","https://openalex.org/W2293245356","https://openalex.org/W4225160120","https://openalex.org/W23486959","https://openalex.org/W1588942021"],"abstract_inverted_index":{"Software":[0],"security":[1,21,130],"is":[2,15,35],"an":[3,123],"important":[4],"aspect":[5],"of":[6,12,32,87,103],"ensuring":[7],"software":[8,20,26,62,115,181],"quality.":[9],"The":[10,30],"goal":[11],"this":[13],"study":[14,99],"to":[16,37,60,74,121],"help":[17],"developers":[18],"evaluate":[19,129],"using":[22,154],"traceable":[23,33,88,155],"patterns":[24,34,39,53,89,106,156,164],"and":[25,46,83,110,138,148,157,171],"metrics":[27,158],"during":[28],"development.":[29],"concept":[31],"similar":[36],"design":[38],"but":[40],"they":[41,64],"can":[42,54,65],"be":[43,66],"automatically":[44],"recognized":[45],"extracted":[47],"from":[48],"source":[49],"code.":[50],"If":[51],"these":[52],"better":[55],"predict":[56],"vulnerable":[57,78,176],"code":[58,76,105,177],"compared":[59],"traditional":[61,114,180],"metrics,":[63,91],"used":[67],"in":[68,107,174],"developing":[69],"a":[70,94,166],"vulnerability":[71,95,108,125],"prediction":[72,96,109,126],"model":[73],"classify":[75],"as":[77,159],"or":[79],"not.":[80],"By":[81],"analyzing":[82],"comparing":[84],"the":[85,101,119,179],"performance":[86,102],"with":[90,113],"we":[92],"propose":[93],"model.":[97,127],"This":[98],"explores":[100],"some":[104],"compares":[111],"them":[112],"metrics.":[116,182],"We":[117,128,144,161],"use":[118,145],"findings":[120],"build":[122],"effective":[124],"vulnerabilities":[131,153],"reported":[132],"for":[133,151],"Apache":[134,136],"Tomcat,":[135],"CXF":[137],"three":[139],"stand-alone":[140],"Java":[141],"web":[142],"applications.":[143],"machine":[146],"learning":[147],"statistical":[149],"techniques":[150],"predicting":[152],"features.":[160],"found":[162],"that":[163],"have":[165],"lower":[167],"false":[168],"negative":[169],"rate":[170],"higher":[172],"recall":[173],"detecting":[175],"than":[178]},"counts_by_year":[{"year":2025,"cited_by_count":2},{"year":2024,"cited_by_count":3},{"year":2023,"cited_by_count":2},{"year":2022,"cited_by_count":4},{"year":2021,"cited_by_count":1},{"year":2020,"cited_by_count":2},{"year":2019,"cited_by_count":4},{"year":2018,"cited_by_count":1}],"updated_date":"2025-11-06T03:46:38.306776","created_date":"2025-10-10T00:00:00"}