{"id":"https://openalex.org/W4415744215","doi":"https://doi.org/10.1109/qrs-c65679.2025.00110","title":"FPDetection: False Positives Detection in Static Code Analysis with Deep Learning and LLM","display_name":"FPDetection: False Positives Detection in Static Code Analysis with Deep Learning and LLM","publication_year":2025,"publication_date":"2025-07-16","ids":{"openalex":"https://openalex.org/W4415744215","doi":"https://doi.org/10.1109/qrs-c65679.2025.00110"},"language":null,"primary_location":{"id":"doi:10.1109/qrs-c65679.2025.00110","is_oa":false,"landing_page_url":"https://doi.org/10.1109/qrs-c65679.2025.00110","pdf_url":null,"source":null,"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"2025 25th International Conference on Software Quality, Reliability, and Security Companion (QRS-C)","raw_type":"proceedings-article"},"type":"article","indexed_in":["crossref"],"open_access":{"is_oa":false,"oa_status":"closed","oa_url":null,"any_repository_has_fulltext":false},"authorships":[{"author_position":"first","author":{"id":"https://openalex.org/A5101133935","display_name":"Yang Xu","orcid":"https://orcid.org/0009-0005-0245-9020"},"institutions":[],"countries":[],"is_corresponding":true,"raw_author_name":"Yang Xu","raw_affiliation_strings":["SAP Labs China,Xi&#x2019;an,China"],"affiliations":[{"raw_affiliation_string":"SAP Labs China,Xi&#x2019;an,China","institution_ids":[]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5048564223","display_name":"Jinming Lv","orcid":null},"institutions":[],"countries":[],"is_corresponding":false,"raw_author_name":"Jinming Lv","raw_affiliation_strings":["SAP Labs China,Xi&#x2019;an,China"],"affiliations":[{"raw_affiliation_string":"SAP Labs China,Xi&#x2019;an,China","institution_ids":[]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5120211381","display_name":"Hang Nai","orcid":null},"institutions":[],"countries":[],"is_corresponding":false,"raw_author_name":"Hang Nai","raw_affiliation_strings":["SAP Labs China,Xi&#x2019;an,China"],"affiliations":[{"raw_affiliation_string":"SAP Labs China,Xi&#x2019;an,China","institution_ids":[]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5084350058","display_name":"Yongle Li","orcid":"https://orcid.org/0000-0001-9879-0626"},"institutions":[],"countries":[],"is_corresponding":false,"raw_author_name":"Yong Li","raw_affiliation_strings":["SAP Labs China,Xi&#x2019;an,China"],"affiliations":[{"raw_affiliation_string":"SAP Labs China,Xi&#x2019;an,China","institution_ids":[]}]},{"author_position":"last","author":{"id":"https://openalex.org/A5101203009","display_name":"Qiaoluan Xie","orcid":null},"institutions":[],"countries":[],"is_corresponding":false,"raw_author_name":"Qiaoluan Xie","raw_affiliation_strings":["SAP Labs China,Xi&#x2019;an,China"],"affiliations":[{"raw_affiliation_string":"SAP Labs China,Xi&#x2019;an,China","institution_ids":[]}]}],"institutions":[],"countries_distinct_count":0,"institutions_distinct_count":5,"corresponding_author_ids":["https://openalex.org/A5101133935"],"corresponding_institution_ids":[],"apc_list":null,"apc_paid":null,"fwci":0.0,"has_fulltext":false,"cited_by_count":0,"citation_normalized_percentile":{"value":0.46956908,"is_in_top_1_percent":false,"is_in_top_10_percent":false},"cited_by_percentile_year":null,"biblio":{"volume":null,"issue":null,"first_page":"790","last_page":"791"},"is_retracted":false,"is_paratext":false,"is_xpac":false,"primary_topic":{"id":"https://openalex.org/T10260","display_name":"Software Engineering Research","score":0.45809999108314514,"subfield":{"id":"https://openalex.org/subfields/1710","display_name":"Information Systems"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},"topics":[{"id":"https://openalex.org/T10260","display_name":"Software Engineering Research","score":0.45809999108314514,"subfield":{"id":"https://openalex.org/subfields/1710","display_name":"Information Systems"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T12127","display_name":"Software System Performance and Reliability","score":0.1881999969482422,"subfield":{"id":"https://openalex.org/subfields/1705","display_name":"Computer Networks and Communications"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T10734","display_name":"Information and Cyber Security","score":0.050999999046325684,"subfield":{"id":"https://openalex.org/subfields/1710","display_name":"Information Systems"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}}],"keywords":[{"id":"https://openalex.org/keywords/false-positive-paradox","display_name":"False positive paradox","score":0.8062999844551086},{"id":"https://openalex.org/keywords/deep-learning","display_name":"Deep learning","score":0.678600013256073},{"id":"https://openalex.org/keywords/static-analysis","display_name":"Static analysis","score":0.5103999972343445},{"id":"https://openalex.org/keywords/embedding","display_name":"Embedding","score":0.47119998931884766},{"id":"https://openalex.org/keywords/code","display_name":"Code (set theory)","score":0.46549999713897705},{"id":"https://openalex.org/keywords/workload","display_name":"Workload","score":0.4578000009059906},{"id":"https://openalex.org/keywords/true-positive-rate","display_name":"True positive rate","score":0.4392000138759613},{"id":"https://openalex.org/keywords/similarity","display_name":"Similarity (geometry)","score":0.43880000710487366}],"concepts":[{"id":"https://openalex.org/C64869954","wikidata":"https://www.wikidata.org/wiki/Q1859747","display_name":"False positive paradox","level":2,"score":0.8062999844551086},{"id":"https://openalex.org/C41008148","wikidata":"https://www.wikidata.org/wiki/Q21198","display_name":"Computer science","level":0,"score":0.7555000185966492},{"id":"https://openalex.org/C108583219","wikidata":"https://www.wikidata.org/wiki/Q197536","display_name":"Deep learning","level":2,"score":0.678600013256073},{"id":"https://openalex.org/C154945302","wikidata":"https://www.wikidata.org/wiki/Q11660","display_name":"Artificial intelligence","level":1,"score":0.6557000279426575},{"id":"https://openalex.org/C97686452","wikidata":"https://www.wikidata.org/wiki/Q7604153","display_name":"Static analysis","level":2,"score":0.5103999972343445},{"id":"https://openalex.org/C41608201","wikidata":"https://www.wikidata.org/wiki/Q980509","display_name":"Embedding","level":2,"score":0.47119998931884766},{"id":"https://openalex.org/C2776760102","wikidata":"https://www.wikidata.org/wiki/Q5139990","display_name":"Code (set theory)","level":3,"score":0.46549999713897705},{"id":"https://openalex.org/C2778476105","wikidata":"https://www.wikidata.org/wiki/Q628539","display_name":"Workload","level":2,"score":0.4578000009059906},{"id":"https://openalex.org/C119857082","wikidata":"https://www.wikidata.org/wiki/Q2539","display_name":"Machine learning","level":1,"score":0.44769999384880066},{"id":"https://openalex.org/C2989486834","wikidata":"https://www.wikidata.org/wiki/Q3808900","display_name":"True positive rate","level":2,"score":0.4392000138759613},{"id":"https://openalex.org/C103278499","wikidata":"https://www.wikidata.org/wiki/Q254465","display_name":"Similarity (geometry)","level":3,"score":0.43880000710487366},{"id":"https://openalex.org/C124101348","wikidata":"https://www.wikidata.org/wiki/Q172491","display_name":"Data mining","level":1,"score":0.3912000060081482},{"id":"https://openalex.org/C153180895","wikidata":"https://www.wikidata.org/wiki/Q7148389","display_name":"Pattern recognition (psychology)","level":2,"score":0.34060001373291016},{"id":"https://openalex.org/C43126263","wikidata":"https://www.wikidata.org/wiki/Q128751","display_name":"Source code","level":2,"score":0.3264999985694885},{"id":"https://openalex.org/C38369872","wikidata":"https://www.wikidata.org/wiki/Q7445009","display_name":"Security analysis","level":2,"score":0.2985999882221222},{"id":"https://openalex.org/C132964779","wikidata":"https://www.wikidata.org/wiki/Q2110223","display_name":"Raw data","level":2,"score":0.2865000069141388},{"id":"https://openalex.org/C62913178","wikidata":"https://www.wikidata.org/wiki/Q7554361","display_name":"Software security assurance","level":4,"score":0.27559998631477356},{"id":"https://openalex.org/C45942800","wikidata":"https://www.wikidata.org/wiki/Q245652","display_name":"Ensemble learning","level":2,"score":0.2743000090122223},{"id":"https://openalex.org/C70518039","wikidata":"https://www.wikidata.org/wiki/Q16000077","display_name":"Dimensionality reduction","level":2,"score":0.27160000801086426},{"id":"https://openalex.org/C51632099","wikidata":"https://www.wikidata.org/wiki/Q3985153","display_name":"Training set","level":2,"score":0.26510000228881836},{"id":"https://openalex.org/C52622490","wikidata":"https://www.wikidata.org/wiki/Q1026626","display_name":"Feature extraction","level":2,"score":0.26080000400543213},{"id":"https://openalex.org/C124304363","wikidata":"https://www.wikidata.org/wiki/Q673661","display_name":"Abstraction","level":2,"score":0.2540999948978424},{"id":"https://openalex.org/C175154964","wikidata":"https://www.wikidata.org/wiki/Q380077","display_name":"Task analysis","level":3,"score":0.25360000133514404},{"id":"https://openalex.org/C101738243","wikidata":"https://www.wikidata.org/wiki/Q786435","display_name":"Autoencoder","level":3,"score":0.2535000145435333}],"mesh":[],"locations_count":1,"locations":[{"id":"doi:10.1109/qrs-c65679.2025.00110","is_oa":false,"landing_page_url":"https://doi.org/10.1109/qrs-c65679.2025.00110","pdf_url":null,"source":null,"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"2025 25th International Conference on Software Quality, Reliability, and Security Companion (QRS-C)","raw_type":"proceedings-article"}],"best_oa_location":null,"sustainable_development_goals":[],"awards":[],"funders":[],"has_content":{"pdf":false,"grobid_xml":false},"content_urls":null,"referenced_works_count":1,"referenced_works":["https://openalex.org/W4400134761"],"related_works":[],"abstract_inverted_index":{"Security":[0],"defects":[1,31,102],"pose":[2],"substantial":[3],"risks":[4],"to":[5,20,37,81,95],"system":[6],"integrity.":[7],"SAP":[8],"HANA":[9],"Cloud,":[10],"a":[11,25,49,73,78],"secure":[12],"database":[13],"platform,":[14],"undergoes":[15],"regular":[16],"static":[17],"code":[18],"analysis":[19,121],"enhance":[21],"its":[22],"robustness.":[23],"However,":[24],"significant":[26],"proportion":[27],"of":[28,40,118,126],"identified":[29],"security":[30,59,83,101,119],"are":[32],"false":[33,53,97],"positives,":[34],"which":[35],"lead":[36],"unnecessary":[38],"consumption":[39],"development":[41,127],"resources.":[42],"To":[43],"address":[44],"this":[45],"issue,":[46],"we":[47,56,71,90],"propose":[48],"method":[50,94,113],"for":[51],"identifying":[52],"positives.":[54],"First,":[55],"convert":[57],"raw":[58],"defect":[60,84,120],"logs":[61],"into":[62],"natural":[63],"language":[64],"representations":[65,85],"using":[66,99],"an":[67,92],"embedding":[68],"model.":[69],"Next,":[70],"develop":[72],"deep":[74],"learning":[75],"model":[76,104],"and":[77,86,103,122],"fine-tuned":[79],"LLM":[80],"learn":[82],"make":[87],"predictions.":[88],"Finally,":[89],"apply":[91],"ensemble":[93],"classify":[96],"positives":[98],"similarity":[100],"prediction.":[105],"Based":[106],"on":[107],"the":[108,111,116,124],"evaluation":[109],"results,":[110],"proposed":[112],"can":[114],"improve":[115],"efficiency":[117],"reduce":[123],"workload":[125],"teams.":[128]},"counts_by_year":[],"updated_date":"2026-03-07T16:01:11.037858","created_date":"2025-10-31T00:00:00"}