{"id":"https://openalex.org/W4206071741","doi":"https://doi.org/10.1109/ladc53747.2021.9672589","title":"On Building a Vulnerability Dataset with Static Information from the Source Code","display_name":"On Building a Vulnerability Dataset with Static Information from the Source Code","publication_year":2021,"publication_date":"2021-11-01","ids":{"openalex":"https://openalex.org/W4206071741","doi":"https://doi.org/10.1109/ladc53747.2021.9672589"},"language":"en","primary_location":{"id":"doi:10.1109/ladc53747.2021.9672589","is_oa":false,"landing_page_url":"https://doi.org/10.1109/ladc53747.2021.9672589","pdf_url":null,"source":null,"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"2021 10th Latin-American Symposium on Dependable Computing (LADC)","raw_type":"proceedings-article"},"type":"article","indexed_in":["crossref"],"open_access":{"is_oa":false,"oa_status":"closed","oa_url":null,"any_repository_has_fulltext":false},"authorships":[{"author_position":"first","author":{"id":"https://openalex.org/A5046201732","display_name":"Jos\u00e9 D\u2019Abruzzo Pereira","orcid":"https://orcid.org/0000-0003-0717-3396"},"institutions":[{"id":"https://openalex.org/I76903346","display_name":"University of Coimbra","ror":"https://ror.org/04z8k9a98","country_code":"PT","type":"education","lineage":["https://openalex.org/I76903346"]}],"countries":["PT"],"is_corresponding":true,"raw_author_name":"Jose D'Abruzzo Pereira","raw_affiliation_strings":["University of Coimbra, Centre for Informatics and Systems of the University of Coimbra, Coimbra, Portugal"],"affiliations":[{"raw_affiliation_string":"University of Coimbra, Centre for Informatics and Systems of the University of Coimbra, Coimbra, Portugal","institution_ids":["https://openalex.org/I76903346"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5052902201","display_name":"Joao Henggeler Antunes","orcid":null},"institutions":[{"id":"https://openalex.org/I76903346","display_name":"University of Coimbra","ror":"https://ror.org/04z8k9a98","country_code":"PT","type":"education","lineage":["https://openalex.org/I76903346"]}],"countries":["PT"],"is_corresponding":false,"raw_author_name":"Joao Henggeler Antunes","raw_affiliation_strings":["University of Coimbra, Centre for Informatics and Systems of the University of Coimbra, Coimbra, Portugal"],"affiliations":[{"raw_affiliation_string":"University of Coimbra, Centre for Informatics and Systems of the University of Coimbra, Coimbra, Portugal","institution_ids":["https://openalex.org/I76903346"]}]},{"author_position":"last","author":{"id":"https://openalex.org/A5016622594","display_name":"Marco Vieira","orcid":"https://orcid.org/0000-0001-5103-8541"},"institutions":[{"id":"https://openalex.org/I76903346","display_name":"University of Coimbra","ror":"https://ror.org/04z8k9a98","country_code":"PT","type":"education","lineage":["https://openalex.org/I76903346"]}],"countries":["PT"],"is_corresponding":false,"raw_author_name":"Marco Vieira","raw_affiliation_strings":["University of Coimbra, Centre for Informatics and Systems of the University of Coimbra, Coimbra, Portugal"],"affiliations":[{"raw_affiliation_string":"University of Coimbra, Centre for Informatics and Systems of the University of Coimbra, Coimbra, Portugal","institution_ids":["https://openalex.org/I76903346"]}]}],"institutions":[],"countries_distinct_count":1,"institutions_distinct_count":3,"corresponding_author_ids":["https://openalex.org/A5046201732"],"corresponding_institution_ids":["https://openalex.org/I76903346"],"apc_list":null,"apc_paid":null,"fwci":0.2754,"has_fulltext":false,"cited_by_count":1,"citation_normalized_percentile":{"value":0.66332609,"is_in_top_1_percent":false,"is_in_top_10_percent":false},"cited_by_percentile_year":{"min":89,"max":94},"biblio":{"volume":null,"issue":null,"first_page":"1","last_page":"2"},"is_retracted":false,"is_paratext":false,"is_xpac":false,"primary_topic":{"id":"https://openalex.org/T10260","display_name":"Software Engineering Research","score":0.9998000264167786,"subfield":{"id":"https://openalex.org/subfields/1710","display_name":"Information Systems"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},"topics":[{"id":"https://openalex.org/T10260","display_name":"Software Engineering Research","score":0.9998000264167786,"subfield":{"id":"https://openalex.org/subfields/1710","display_name":"Information Systems"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T12423","display_name":"Software Reliability and Analysis Research","score":0.9994000196456909,"subfield":{"id":"https://openalex.org/subfields/1712","display_name":"Software"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T11241","display_name":"Advanced Malware Detection Techniques","score":0.996999979019165,"subfield":{"id":"https://openalex.org/subfields/1711","display_name":"Signal Processing"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}}],"keywords":[{"id":"https://openalex.org/keywords/computer-science","display_name":"Computer science","score":0.8119100332260132},{"id":"https://openalex.org/keywords/secure-coding","display_name":"Secure coding","score":0.8067923784255981},{"id":"https://openalex.org/keywords/vulnerability-management","display_name":"Vulnerability management","score":0.6704761981964111},{"id":"https://openalex.org/keywords/vulnerability","display_name":"Vulnerability (computing)","score":0.636807382106781},{"id":"https://openalex.org/keywords/software-security-assurance","display_name":"Software security assurance","score":0.6121591329574585},{"id":"https://openalex.org/keywords/software","display_name":"Software","score":0.5940012335777283},{"id":"https://openalex.org/keywords/static-program-analysis","display_name":"Static program analysis","score":0.5735426545143127},{"id":"https://openalex.org/keywords/source-code","display_name":"Source code","score":0.5345327854156494},{"id":"https://openalex.org/keywords/static-analysis","display_name":"Static analysis","score":0.49791717529296875},{"id":"https://openalex.org/keywords/software-development","display_name":"Software development","score":0.46819812059402466},{"id":"https://openalex.org/keywords/computer-security","display_name":"Computer security","score":0.46123504638671875},{"id":"https://openalex.org/keywords/software-bug","display_name":"Software bug","score":0.45526978373527527},{"id":"https://openalex.org/keywords/software-engineering","display_name":"Software engineering","score":0.4162503778934479},{"id":"https://openalex.org/keywords/vulnerability-assessment","display_name":"Vulnerability assessment","score":0.3198828101158142},{"id":"https://openalex.org/keywords/information-security","display_name":"Information security","score":0.25367897748947144},{"id":"https://openalex.org/keywords/operating-system","display_name":"Operating system","score":0.17397868633270264},{"id":"https://openalex.org/keywords/programming-language","display_name":"Programming language","score":0.07368910312652588}],"concepts":[{"id":"https://openalex.org/C41008148","wikidata":"https://www.wikidata.org/wiki/Q21198","display_name":"Computer science","level":0,"score":0.8119100332260132},{"id":"https://openalex.org/C22680326","wikidata":"https://www.wikidata.org/wiki/Q7444867","display_name":"Secure coding","level":5,"score":0.8067923784255981},{"id":"https://openalex.org/C172776598","wikidata":"https://www.wikidata.org/wiki/Q7943570","display_name":"Vulnerability management","level":4,"score":0.6704761981964111},{"id":"https://openalex.org/C95713431","wikidata":"https://www.wikidata.org/wiki/Q631425","display_name":"Vulnerability (computing)","level":2,"score":0.636807382106781},{"id":"https://openalex.org/C62913178","wikidata":"https://www.wikidata.org/wiki/Q7554361","display_name":"Software security assurance","level":4,"score":0.6121591329574585},{"id":"https://openalex.org/C2777904410","wikidata":"https://www.wikidata.org/wiki/Q7397","display_name":"Software","level":2,"score":0.5940012335777283},{"id":"https://openalex.org/C137287247","wikidata":"https://www.wikidata.org/wiki/Q1329550","display_name":"Static program analysis","level":4,"score":0.5735426545143127},{"id":"https://openalex.org/C43126263","wikidata":"https://www.wikidata.org/wiki/Q128751","display_name":"Source code","level":2,"score":0.5345327854156494},{"id":"https://openalex.org/C97686452","wikidata":"https://www.wikidata.org/wiki/Q7604153","display_name":"Static analysis","level":2,"score":0.49791717529296875},{"id":"https://openalex.org/C529173508","wikidata":"https://www.wikidata.org/wiki/Q638608","display_name":"Software development","level":3,"score":0.46819812059402466},{"id":"https://openalex.org/C38652104","wikidata":"https://www.wikidata.org/wiki/Q3510521","display_name":"Computer security","level":1,"score":0.46123504638671875},{"id":"https://openalex.org/C1009929","wikidata":"https://www.wikidata.org/wiki/Q179550","display_name":"Software bug","level":3,"score":0.45526978373527527},{"id":"https://openalex.org/C115903868","wikidata":"https://www.wikidata.org/wiki/Q80993","display_name":"Software engineering","level":1,"score":0.4162503778934479},{"id":"https://openalex.org/C167063184","wikidata":"https://www.wikidata.org/wiki/Q1400839","display_name":"Vulnerability assessment","level":3,"score":0.3198828101158142},{"id":"https://openalex.org/C527648132","wikidata":"https://www.wikidata.org/wiki/Q189900","display_name":"Information security","level":2,"score":0.25367897748947144},{"id":"https://openalex.org/C111919701","wikidata":"https://www.wikidata.org/wiki/Q9135","display_name":"Operating system","level":1,"score":0.17397868633270264},{"id":"https://openalex.org/C199360897","wikidata":"https://www.wikidata.org/wiki/Q9143","display_name":"Programming language","level":1,"score":0.07368910312652588},{"id":"https://openalex.org/C15744967","wikidata":"https://www.wikidata.org/wiki/Q9418","display_name":"Psychology","level":0,"score":0.0},{"id":"https://openalex.org/C137176749","wikidata":"https://www.wikidata.org/wiki/Q4105337","display_name":"Psychological resilience","level":2,"score":0.0},{"id":"https://openalex.org/C29983905","wikidata":"https://www.wikidata.org/wiki/Q7445066","display_name":"Security service","level":3,"score":0.0},{"id":"https://openalex.org/C542102704","wikidata":"https://www.wikidata.org/wiki/Q183257","display_name":"Psychotherapist","level":1,"score":0.0}],"mesh":[],"locations_count":1,"locations":[{"id":"doi:10.1109/ladc53747.2021.9672589","is_oa":false,"landing_page_url":"https://doi.org/10.1109/ladc53747.2021.9672589","pdf_url":null,"source":null,"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"2021 10th Latin-American Symposium on Dependable Computing (LADC)","raw_type":"proceedings-article"}],"best_oa_location":null,"sustainable_development_goals":[],"awards":[{"id":"https://openalex.org/G3647431616","display_name":null,"funder_award_id":"2020.04503.BD","funder_id":"https://openalex.org/F4320337197","funder_display_name":"Nuclear Fuel Cycle and Supply Chain"},{"id":"https://openalex.org/G491858407","display_name":null,"funder_award_id":"COMPETE2020","funder_id":"https://openalex.org/F4320335322","funder_display_name":"European Regional Development Fund"}],"funders":[{"id":"https://openalex.org/F4320335322","display_name":"European Regional Development Fund","ror":"https://ror.org/00k4n6c32"},{"id":"https://openalex.org/F4320337197","display_name":"Nuclear Fuel Cycle and Supply Chain","ror":"https://ror.org/05tj7dm33"}],"has_content":{"pdf":false,"grobid_xml":false},"content_urls":null,"referenced_works_count":10,"referenced_works":["https://openalex.org/W2067148378","https://openalex.org/W2155448819","https://openalex.org/W2158297335","https://openalex.org/W2562680154","https://openalex.org/W2565690877","https://openalex.org/W2990168612","https://openalex.org/W3093700956","https://openalex.org/W3107289082","https://openalex.org/W3215250117","https://openalex.org/W6784566114"],"related_works":["https://openalex.org/W2383958993","https://openalex.org/W3043810321","https://openalex.org/W2560421591","https://openalex.org/W2892115998","https://openalex.org/W2537414278","https://openalex.org/W2796094063","https://openalex.org/W2123075981","https://openalex.org/W1978034799","https://openalex.org/W2062583373","https://openalex.org/W2809528855"],"abstract_inverted_index":{"Software":[0,78],"vulnerabilities":[1,72,141],"are":[2,35,101,121],"weaknesses":[3],"in":[4,73],"software":[5,32,40,52,87,109,140],"systems":[6],"that":[7,69],"can":[8,65],"have":[9,81],"serious":[10],"consequences":[11],"when":[12],"exploited.":[13],"Examples":[14],"of":[15,30,50,60,93,107,129,166],"side":[16],"effects":[17],"include":[18],"unauthorized":[19],"authentication,":[20],"data":[21],"breaches,":[22],"and":[23,146,155],"financial":[24],"losses.":[25],"Due":[26],"to":[27,38,46,85,103,161],"the":[28,31,58,91,105,117,170],"nature":[29],"industry,":[33],"companies":[34],"increasingly":[36],"pressured":[37],"deploy":[39],"as":[41,43],"quickly":[42],"possible,":[44],"leading":[45],"a":[47,126,136,163],"large":[48],"number":[49],"undetected":[51],"vulnerabilities.":[53],"Static":[54,61],"code":[55],"analysis,":[56],"with":[57,90,149],"support":[59,92,104],"Analysis":[62],"Tools":[63],"(SATs),":[64],"generate":[66],"security":[67],"alerts":[68,154],"highlight":[70],"potential":[71],"an":[74],"application's":[75],"source":[76],"code.":[77],"Metrics":[79],"(SMs)":[80],"also":[82],"been":[83],"used":[84],"predict":[86],"vulnerabilities,":[88],"usually":[89],"Machine":[94],"Learning":[95],"(ML)":[96],"classification":[97],"algorithms.":[98],"Several":[99],"datasets":[100],"available":[102],"development":[106],"improved":[108],"vulnerability":[110,144],"detection":[111],"techniques.":[112],"However,":[113],"they":[114,120],"suffer":[115],"from":[116,142],"same":[118],"issues:":[119],"either":[122],"outdated":[123],"or":[124],"use":[125],"single":[127],"type":[128],"information.":[130],"In":[131],"this":[132],"paper,":[133],"we":[134],"present":[135],"methodology":[137,159],"for":[138],"collecting":[139],"known":[143],"databases":[145],"enhancing":[147],"them":[148],"static":[150],"information":[151],"(namely":[152],"SAT":[153],"SMs).":[156],"The":[157],"proposed":[158],"aims":[160],"define":[162],"mechanism":[164],"capable":[165],"more":[167],"easily":[168],"updating":[169],"collected":[171],"data.":[172]},"counts_by_year":[{"year":2023,"cited_by_count":1}],"updated_date":"2025-11-06T03:46:38.306776","created_date":"2025-10-10T00:00:00"}