{"id":"https://openalex.org/W3131273506","doi":"https://doi.org/10.1109/dsaa53316.2021.9564227","title":"V2W-BERT: A Framework for Effective Hierarchical Multiclass Classification of Software Vulnerabilities","display_name":"V2W-BERT: A Framework for Effective Hierarchical Multiclass Classification of Software Vulnerabilities","publication_year":2021,"publication_date":"2021-10-06","ids":{"openalex":"https://openalex.org/W3131273506","doi":"https://doi.org/10.1109/dsaa53316.2021.9564227","mag":"3131273506"},"language":"en","primary_location":{"id":"doi:10.1109/dsaa53316.2021.9564227","is_oa":false,"landing_page_url":"https://doi.org/10.1109/dsaa53316.2021.9564227","pdf_url":null,"source":null,"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"2021 IEEE 8th International Conference on Data Science and Advanced Analytics (DSAA)","raw_type":"proceedings-article"},"type":"preprint","indexed_in":["arxiv","crossref","datacite"],"open_access":{"is_oa":true,"oa_status":"green","oa_url":"https://arxiv.org/pdf/2102.11498","any_repository_has_fulltext":true},"authorships":[{"author_position":"first","author":{"id":"https://openalex.org/A5102677587","display_name":"Siddhartha Shankar Das","orcid":null},"institutions":[{"id":"https://openalex.org/I219193219","display_name":"Purdue University West Lafayette","ror":"https://ror.org/02dqehb95","country_code":"US","type":"education","lineage":["https://openalex.org/I219193219"]}],"countries":["US"],"is_corresponding":true,"raw_author_name":"Siddhartha Shankar Das","raw_affiliation_strings":["Purdue University, IN, USA","PURDUE UNIVERSITY"],"affiliations":[{"raw_affiliation_string":"Purdue University, IN, USA","institution_ids":["https://openalex.org/I219193219"]},{"raw_affiliation_string":"PURDUE UNIVERSITY","institution_ids":["https://openalex.org/I219193219"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5009094578","display_name":"Edoardo Serra","orcid":"https://orcid.org/0000-0003-0689-5063"},"institutions":[{"id":"https://openalex.org/I120156002","display_name":"Boise State University","ror":"https://ror.org/02e3zdp86","country_code":"US","type":"education","lineage":["https://openalex.org/I120156002"]},{"id":"https://openalex.org/I142606810","display_name":"Pacific Northwest National Laboratory","ror":"https://ror.org/05h992307","country_code":"US","type":"facility","lineage":["https://openalex.org/I1325736334","https://openalex.org/I1330989302","https://openalex.org/I142606810","https://openalex.org/I39565521"]}],"countries":["US"],"is_corresponding":false,"raw_author_name":"Edoardo Serra","raw_affiliation_strings":["Boise State University, ID, USA","Pacific Northwest National Lab, WA, USA","Boise State Univ"],"affiliations":[{"raw_affiliation_string":"Boise State University, ID, USA","institution_ids":["https://openalex.org/I120156002"]},{"raw_affiliation_string":"Pacific Northwest National Lab, WA, USA","institution_ids":["https://openalex.org/I142606810"]},{"raw_affiliation_string":"Boise State Univ","institution_ids":["https://openalex.org/I120156002"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5075175819","display_name":"Mahantesh Halappanavar","orcid":"https://orcid.org/0000-0002-2323-4753"},"institutions":[{"id":"https://openalex.org/I142606810","display_name":"Pacific Northwest National Laboratory","ror":"https://ror.org/05h992307","country_code":"US","type":"facility","lineage":["https://openalex.org/I1325736334","https://openalex.org/I1330989302","https://openalex.org/I142606810","https://openalex.org/I39565521"]}],"countries":["US"],"is_corresponding":false,"raw_author_name":"Mahantesh Halappanavar","raw_affiliation_strings":["Pacific Northwest National Lab, WA, USA","Pacific Northwest National Laboratory,"],"affiliations":[{"raw_affiliation_string":"Pacific Northwest National Lab, WA, USA","institution_ids":["https://openalex.org/I142606810"]},{"raw_affiliation_string":"Pacific Northwest National Laboratory,","institution_ids":["https://openalex.org/I142606810"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5055182869","display_name":"Alex Pothen","orcid":"https://orcid.org/0000-0002-3421-3325"},"institutions":[{"id":"https://openalex.org/I219193219","display_name":"Purdue University West Lafayette","ror":"https://ror.org/02dqehb95","country_code":"US","type":"education","lineage":["https://openalex.org/I219193219"]}],"countries":["US"],"is_corresponding":false,"raw_author_name":"Alex Pothen","raw_affiliation_strings":["Purdue University, IN, USA","PURDUE UNIVERSITY"],"affiliations":[{"raw_affiliation_string":"Purdue University, IN, USA","institution_ids":["https://openalex.org/I219193219"]},{"raw_affiliation_string":"PURDUE UNIVERSITY","institution_ids":["https://openalex.org/I219193219"]}]},{"author_position":"last","author":{"id":"https://openalex.org/A5043893479","display_name":"Ehab Al\u2010Shaer","orcid":"https://orcid.org/0000-0002-7665-8293"},"institutions":[{"id":"https://openalex.org/I74973139","display_name":"Carnegie Mellon University","ror":"https://ror.org/05x2bcf33","country_code":"US","type":"education","lineage":["https://openalex.org/I74973139"]}],"countries":["US"],"is_corresponding":false,"raw_author_name":"Ehab Al-Shaer","raw_affiliation_strings":["Carnegie Mellon University, PA, USA","Carnegie Mellon University"],"affiliations":[{"raw_affiliation_string":"Carnegie Mellon University, PA, USA","institution_ids":["https://openalex.org/I74973139"]},{"raw_affiliation_string":"Carnegie Mellon University","institution_ids":["https://openalex.org/I74973139"]}]}],"institutions":[],"countries_distinct_count":1,"institutions_distinct_count":5,"corresponding_author_ids":["https://openalex.org/A5102677587"],"corresponding_institution_ids":["https://openalex.org/I219193219"],"apc_list":null,"apc_paid":null,"fwci":0.2844,"has_fulltext":true,"cited_by_count":1,"citation_normalized_percentile":{"value":0.58170743,"is_in_top_1_percent":false,"is_in_top_10_percent":false},"cited_by_percentile_year":{"min":90,"max":94},"biblio":{"volume":null,"issue":null,"first_page":"1","last_page":"12"},"is_retracted":false,"is_paratext":false,"is_xpac":false,"primary_topic":{"id":"https://openalex.org/T10260","display_name":"Software Engineering Research","score":0.9994999766349792,"subfield":{"id":"https://openalex.org/subfields/1710","display_name":"Information Systems"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},"topics":[{"id":"https://openalex.org/T10260","display_name":"Software Engineering Research","score":0.9994999766349792,"subfield":{"id":"https://openalex.org/subfields/1710","display_name":"Information Systems"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T12479","display_name":"Web Application Security Vulnerabilities","score":0.9929999709129333,"subfield":{"id":"https://openalex.org/subfields/1710","display_name":"Information Systems"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T12423","display_name":"Software Reliability and Analysis Research","score":0.986299991607666,"subfield":{"id":"https://openalex.org/subfields/1712","display_name":"Software"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}}],"keywords":[{"id":"https://openalex.org/keywords/computer-science","display_name":"Computer science","score":0.8429412841796875},{"id":"https://openalex.org/keywords/software","display_name":"Software","score":0.5770841240882874},{"id":"https://openalex.org/keywords/strengths-and-weaknesses","display_name":"Strengths and weaknesses","score":0.5108156204223633},{"id":"https://openalex.org/keywords/vulnerability","display_name":"Vulnerability (computing)","score":0.4694770276546478},{"id":"https://openalex.org/keywords/machine-learning","display_name":"Machine learning","score":0.4097989499568939},{"id":"https://openalex.org/keywords/artificial-intelligence","display_name":"Artificial intelligence","score":0.40443921089172363},{"id":"https://openalex.org/keywords/data-mining","display_name":"Data mining","score":0.3823312819004059},{"id":"https://openalex.org/keywords/software-engineering","display_name":"Software engineering","score":0.3255324959754944},{"id":"https://openalex.org/keywords/computer-security","display_name":"Computer security","score":0.2395998239517212}],"concepts":[{"id":"https://openalex.org/C41008148","wikidata":"https://www.wikidata.org/wiki/Q21198","display_name":"Computer science","level":0,"score":0.8429412841796875},{"id":"https://openalex.org/C2777904410","wikidata":"https://www.wikidata.org/wiki/Q7397","display_name":"Software","level":2,"score":0.5770841240882874},{"id":"https://openalex.org/C63882131","wikidata":"https://www.wikidata.org/wiki/Q17122954","display_name":"Strengths and weaknesses","level":2,"score":0.5108156204223633},{"id":"https://openalex.org/C95713431","wikidata":"https://www.wikidata.org/wiki/Q631425","display_name":"Vulnerability (computing)","level":2,"score":0.4694770276546478},{"id":"https://openalex.org/C119857082","wikidata":"https://www.wikidata.org/wiki/Q2539","display_name":"Machine learning","level":1,"score":0.4097989499568939},{"id":"https://openalex.org/C154945302","wikidata":"https://www.wikidata.org/wiki/Q11660","display_name":"Artificial intelligence","level":1,"score":0.40443921089172363},{"id":"https://openalex.org/C124101348","wikidata":"https://www.wikidata.org/wiki/Q172491","display_name":"Data mining","level":1,"score":0.3823312819004059},{"id":"https://openalex.org/C115903868","wikidata":"https://www.wikidata.org/wiki/Q80993","display_name":"Software engineering","level":1,"score":0.3255324959754944},{"id":"https://openalex.org/C38652104","wikidata":"https://www.wikidata.org/wiki/Q3510521","display_name":"Computer security","level":1,"score":0.2395998239517212},{"id":"https://openalex.org/C111472728","wikidata":"https://www.wikidata.org/wiki/Q9471","display_name":"Epistemology","level":1,"score":0.0},{"id":"https://openalex.org/C138885662","wikidata":"https://www.wikidata.org/wiki/Q5891","display_name":"Philosophy","level":0,"score":0.0},{"id":"https://openalex.org/C199360897","wikidata":"https://www.wikidata.org/wiki/Q9143","display_name":"Programming language","level":1,"score":0.0}],"mesh":[],"locations_count":5,"locations":[{"id":"doi:10.1109/dsaa53316.2021.9564227","is_oa":false,"landing_page_url":"https://doi.org/10.1109/dsaa53316.2021.9564227","pdf_url":null,"source":null,"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"2021 IEEE 8th International Conference on Data Science and Advanced Analytics (DSAA)","raw_type":"proceedings-article"},{"id":"pmh:oai:arXiv.org:2102.11498","is_oa":true,"landing_page_url":"http://arxiv.org/abs/2102.11498","pdf_url":"https://arxiv.org/pdf/2102.11498","source":{"id":"https://openalex.org/S4306400194","display_name":"arXiv (Cornell University)","issn_l":null,"issn":null,"is_oa":true,"is_in_doaj":false,"is_core":false,"host_organization":"https://openalex.org/I205783295","host_organization_name":"Cornell University","host_organization_lineage":["https://openalex.org/I205783295"],"host_organization_lineage_names":[],"type":"repository"},"license":"cc-by","license_id":"https://openalex.org/licenses/cc-by","version":"submittedVersion","is_accepted":false,"is_published":false,"raw_source_name":null,"raw_type":"text"},{"id":"mag:3131273506","is_oa":true,"landing_page_url":"http://arxiv.org/pdf/2102.11498.pdf","pdf_url":null,"source":{"id":"https://openalex.org/S4306400194","display_name":"arXiv (Cornell University)","issn_l":null,"issn":null,"is_oa":true,"is_in_doaj":false,"is_core":false,"host_organization":"https://openalex.org/I205783295","host_organization_name":"Cornell University","host_organization_lineage":["https://openalex.org/I205783295"],"host_organization_lineage_names":[],"type":"repository"},"license":null,"license_id":null,"version":"submittedVersion","is_accepted":false,"is_published":false,"raw_source_name":"arXiv (Cornell University)","raw_type":null},{"id":"pmh:oai:scholarworks.boisestate.edu:cs_facpubs-1319","is_oa":false,"landing_page_url":"https://scholarworks.boisestate.edu/cs_facpubs/311","pdf_url":null,"source":{"id":"https://openalex.org/S4377196366","display_name":"Scholar Works  (Boise State University)","issn_l":null,"issn":null,"is_oa":false,"is_in_doaj":false,"is_core":false,"host_organization":"https://openalex.org/I120156002","host_organization_name":"Boise State University","host_organization_lineage":["https://openalex.org/I120156002"],"host_organization_lineage_names":[],"type":"repository"},"license":null,"license_id":null,"version":"submittedVersion","is_accepted":false,"is_published":false,"raw_source_name":"Computer Science Faculty Publications and Presentations","raw_type":"text"},{"id":"doi:10.48550/arxiv.2102.11498","is_oa":true,"landing_page_url":"https://doi.org/10.48550/arxiv.2102.11498","pdf_url":null,"source":{"id":"https://openalex.org/S4306400194","display_name":"arXiv (Cornell University)","issn_l":null,"issn":null,"is_oa":true,"is_in_doaj":false,"is_core":false,"host_organization":"https://openalex.org/I205783295","host_organization_name":"Cornell University","host_organization_lineage":["https://openalex.org/I205783295"],"host_organization_lineage_names":[],"type":"repository"},"license":"cc-by","license_id":"https://openalex.org/licenses/cc-by","version":null,"is_accepted":false,"is_published":null,"raw_source_name":null,"raw_type":"article"}],"best_oa_location":{"id":"pmh:oai:arXiv.org:2102.11498","is_oa":true,"landing_page_url":"http://arxiv.org/abs/2102.11498","pdf_url":"https://arxiv.org/pdf/2102.11498","source":{"id":"https://openalex.org/S4306400194","display_name":"arXiv (Cornell University)","issn_l":null,"issn":null,"is_oa":true,"is_in_doaj":false,"is_core":false,"host_organization":"https://openalex.org/I205783295","host_organization_name":"Cornell University","host_organization_lineage":["https://openalex.org/I205783295"],"host_organization_lineage_names":[],"type":"repository"},"license":"cc-by","license_id":"https://openalex.org/licenses/cc-by","version":"submittedVersion","is_accepted":false,"is_published":false,"raw_source_name":null,"raw_type":"text"},"sustainable_development_goals":[{"id":"https://metadata.un.org/sdg/16","score":0.47999998927116394,"display_name":"Peace, Justice and strong institutions"}],"awards":[{"id":"https://openalex.org/G7762840364","display_name":null,"funder_award_id":"CCF-1637534,1820685","funder_id":"https://openalex.org/F4320306076","funder_display_name":"National Science Foundation"}],"funders":[{"id":"https://openalex.org/F4320306076","display_name":"National Science Foundation","ror":"https://ror.org/021nxhr62"}],"has_content":{"grobid_xml":true,"pdf":true},"content_urls":{"pdf":"https://content.openalex.org/works/W3131273506.pdf","grobid_xml":"https://content.openalex.org/works/W3131273506.grobid-xml"},"referenced_works_count":23,"referenced_works":["https://openalex.org/W2004228899","https://openalex.org/W2067429903","https://openalex.org/W2133458109","https://openalex.org/W2538706977","https://openalex.org/W2564850588","https://openalex.org/W2606791856","https://openalex.org/W2767521898","https://openalex.org/W2794557536","https://openalex.org/W2896457183","https://openalex.org/W2911588830","https://openalex.org/W2950541952","https://openalex.org/W2953017892","https://openalex.org/W2963403868","https://openalex.org/W2964522977","https://openalex.org/W2970612059","https://openalex.org/W2970641574","https://openalex.org/W2980708516","https://openalex.org/W2995290701","https://openalex.org/W3006057906","https://openalex.org/W3080427797","https://openalex.org/W3093734859","https://openalex.org/W6739901393","https://openalex.org/W6782502777"],"related_works":["https://openalex.org/W2766948575","https://openalex.org/W1546302686","https://openalex.org/W3006434957","https://openalex.org/W2052029850","https://openalex.org/W3102673518","https://openalex.org/W3199263538","https://openalex.org/W3127736190","https://openalex.org/W3030161265","https://openalex.org/W1971733255","https://openalex.org/W3004779955","https://openalex.org/W3127782461","https://openalex.org/W2972402638","https://openalex.org/W2807143630","https://openalex.org/W2981874032","https://openalex.org/W33764377","https://openalex.org/W2741823044","https://openalex.org/W3107474538","https://openalex.org/W2891984832","https://openalex.org/W3161938055","https://openalex.org/W3101228802"],"abstract_inverted_index":{"We":[0,92,179,195],"consider":[1],"the":[2,6,154,203],"problem":[3,106],"of":[4,8,34,38,63,193,205],"automating":[5],"mapping":[7,62,87,208],"observed":[9],"vulnerabilities":[10],"in":[11,14,24,100,175,183],"software":[12,35],"listed":[13,23],"Common":[15,25],"Vulnerabilities":[16],"and":[17,55,117,148,153,169,210],"Exposures":[18],"(CVE)":[19],"reports":[20,150],"to":[21,40,45,56,65,73,80,103,133,161,171,187],"weaknesses":[22,189],"Weakness":[26],"Enumerations":[27],"(CWE)":[28],"reports,":[29],"a":[30,43,69,89,94],"hierarchically":[31],"designed":[32],"dictionary":[33],"weaknesses.":[36],"Mapping":[37],"CVEs":[39,64],"CWEs":[41,66],"provides":[42],"means":[44],"understand":[46],"how":[47],"they":[48],"might":[49],"be":[50,81,216],"exploited":[51],"for":[52,127,137,165,190,218],"malicious":[53],"purposes,":[54],"mitigate":[57],"their":[58,74],"impact.":[59],"Since":[60],"manual":[61],"is":[67,88],"not":[68,125],"viable":[70],"approach":[71],"due":[72],"ever-increasing":[75],"sizes,":[76],"automated":[77,207],"approaches":[78,124],"need":[79],"devised":[82],"but":[83,135],"obtaining":[84],"highly":[85],"accurate":[86],"challenging":[90],"problem.":[91],"present":[93],"novel":[95],"Transformer-based":[96],"learning":[97],"framework":[98],"(V2W-BERT)":[99],"this":[101,105,213],"paper":[102],"solve":[104],"by":[107],"bringing":[108],"together":[109],"ideas":[110],"from":[111,151],"natural":[112],"language":[113],"processing,":[114],"link":[115],"prediction":[116,163,173],"transfer":[118],"learning.":[119],"Our":[120],"method":[121],"outperforms":[122],"previous":[123],"only":[126],"CWE":[128,139],"instances":[129,192],"with":[130,141],"abundant":[131],"data":[132,168,186],"train,":[134],"also":[136,211],"rare":[138],"classes":[140],"little":[142],"or":[143],"no":[144],"data.":[145,178],"Using":[146],"vulnerability":[147],"weakness":[149],"MITRE":[152],"National":[155],"Vulnerability":[156],"Database,":[157],"we":[158],"achieve":[159],"up":[160,170],"97%":[162],"accuracy":[164,174],"randomly":[166],"partitioned":[167,177],"94%":[172],"temporally":[176],"demonstrate":[180],"significant":[181],"improvements":[182],"using":[184],"historical":[185],"predict":[188],"future":[191],"CVEs.":[194],"believe":[196],"that":[197,212],"our":[198],"work":[199],"will":[200],"would":[201],"influence":[202],"design":[204],"better":[206],"approaches,":[209],"technology":[214],"could":[215],"deployed":[217],"more":[219],"effective":[220],"cybersecurity.":[221]},"counts_by_year":[{"year":2022,"cited_by_count":1}],"updated_date":"2026-04-09T08:11:56.329763","created_date":"2025-10-10T00:00:00"}