{"id":"https://openalex.org/W3014251208","doi":"https://doi.org/10.1109/saner48275.2020.9054851","title":"A Preliminary Study on Open-Source Memory Vulnerability Detectors","display_name":"A Preliminary Study on Open-Source Memory Vulnerability Detectors","publication_year":2020,"publication_date":"2020-02-01","ids":{"openalex":"https://openalex.org/W3014251208","doi":"https://doi.org/10.1109/saner48275.2020.9054851","mag":"3014251208"},"language":"en","primary_location":{"id":"doi:10.1109/saner48275.2020.9054851","is_oa":false,"landing_page_url":"https://doi.org/10.1109/saner48275.2020.9054851","pdf_url":null,"source":null,"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"2020 IEEE 27th International Conference on Software Analysis, Evolution and Reengineering (SANER)","raw_type":"proceedings-article"},"type":"article","indexed_in":["crossref"],"open_access":{"is_oa":false,"oa_status":"closed","oa_url":null,"any_repository_has_fulltext":false},"authorships":[{"author_position":"first","author":{"id":"https://openalex.org/A5030441764","display_name":"Yu Nong","orcid":"https://orcid.org/0000-0002-8598-5181"},"institutions":[{"id":"https://openalex.org/I72951846","display_name":"Washington State University","ror":"https://ror.org/05dk0ce17","country_code":"US","type":"education","lineage":["https://openalex.org/I72951846"]}],"countries":["US"],"is_corresponding":true,"raw_author_name":"Yu Nong","raw_affiliation_strings":["Washington State University, Pullman, USA"],"affiliations":[{"raw_affiliation_string":"Washington State University, Pullman, USA","institution_ids":["https://openalex.org/I72951846"]}]},{"author_position":"last","author":{"id":"https://openalex.org/A5076081056","display_name":"Haipeng Cai","orcid":"https://orcid.org/0000-0002-5224-9970"},"institutions":[{"id":"https://openalex.org/I72951846","display_name":"Washington State University","ror":"https://ror.org/05dk0ce17","country_code":"US","type":"education","lineage":["https://openalex.org/I72951846"]}],"countries":["US"],"is_corresponding":false,"raw_author_name":"Haipeng Cai","raw_affiliation_strings":["Washington State University, Pullman, USA"],"affiliations":[{"raw_affiliation_string":"Washington State University, Pullman, USA","institution_ids":["https://openalex.org/I72951846"]}]}],"institutions":[],"countries_distinct_count":1,"institutions_distinct_count":2,"corresponding_author_ids":["https://openalex.org/A5030441764"],"corresponding_institution_ids":["https://openalex.org/I72951846"],"apc_list":null,"apc_paid":null,"fwci":1.0605,"has_fulltext":false,"cited_by_count":10,"citation_normalized_percentile":{"value":0.81632313,"is_in_top_1_percent":false,"is_in_top_10_percent":false},"cited_by_percentile_year":{"min":89,"max":97},"biblio":{"volume":null,"issue":null,"first_page":null,"last_page":null},"is_retracted":false,"is_paratext":false,"is_xpac":false,"primary_topic":{"id":"https://openalex.org/T11424","display_name":"Security and Verification in Computing","score":0.9997000098228455,"subfield":{"id":"https://openalex.org/subfields/1702","display_name":"Artificial Intelligence"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},"topics":[{"id":"https://openalex.org/T11424","display_name":"Security and Verification in Computing","score":0.9997000098228455,"subfield":{"id":"https://openalex.org/subfields/1702","display_name":"Artificial Intelligence"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T12479","display_name":"Web Application Security Vulnerabilities","score":0.9976000189781189,"subfield":{"id":"https://openalex.org/subfields/1710","display_name":"Information Systems"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T11241","display_name":"Advanced Malware Detection Techniques","score":0.9842000007629395,"subfield":{"id":"https://openalex.org/subfields/1711","display_name":"Signal Processing"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}}],"keywords":[{"id":"https://openalex.org/keywords/detector","display_name":"Detector","score":0.7941206693649292},{"id":"https://openalex.org/keywords/benchmark","display_name":"Benchmark (surveying)","score":0.7642889618873596},{"id":"https://openalex.org/keywords/computer-science","display_name":"Computer science","score":0.6508851647377014},{"id":"https://openalex.org/keywords/suite","display_name":"Suite","score":0.6399410963058472},{"id":"https://openalex.org/keywords/vulnerability","display_name":"Vulnerability (computing)","score":0.5934852361679077},{"id":"https://openalex.org/keywords/set","display_name":"Set (abstract data type)","score":0.5364165306091309},{"id":"https://openalex.org/keywords/outlier","display_name":"Outlier","score":0.4908464550971985},{"id":"https://openalex.org/keywords/reliability-engineering","display_name":"Reliability engineering","score":0.3790627419948578},{"id":"https://openalex.org/keywords/statistics","display_name":"Statistics","score":0.3475174605846405},{"id":"https://openalex.org/keywords/artificial-intelligence","display_name":"Artificial intelligence","score":0.29039785265922546},{"id":"https://openalex.org/keywords/computer-security","display_name":"Computer security","score":0.2230571210384369},{"id":"https://openalex.org/keywords/mathematics","display_name":"Mathematics","score":0.16759377717971802},{"id":"https://openalex.org/keywords/engineering","display_name":"Engineering","score":0.14981970191001892},{"id":"https://openalex.org/keywords/telecommunications","display_name":"Telecommunications","score":0.12496837973594666},{"id":"https://openalex.org/keywords/geography","display_name":"Geography","score":0.08032256364822388}],"concepts":[{"id":"https://openalex.org/C94915269","wikidata":"https://www.wikidata.org/wiki/Q1834857","display_name":"Detector","level":2,"score":0.7941206693649292},{"id":"https://openalex.org/C185798385","wikidata":"https://www.wikidata.org/wiki/Q1161707","display_name":"Benchmark (surveying)","level":2,"score":0.7642889618873596},{"id":"https://openalex.org/C41008148","wikidata":"https://www.wikidata.org/wiki/Q21198","display_name":"Computer science","level":0,"score":0.6508851647377014},{"id":"https://openalex.org/C79581498","wikidata":"https://www.wikidata.org/wiki/Q1367530","display_name":"Suite","level":2,"score":0.6399410963058472},{"id":"https://openalex.org/C95713431","wikidata":"https://www.wikidata.org/wiki/Q631425","display_name":"Vulnerability (computing)","level":2,"score":0.5934852361679077},{"id":"https://openalex.org/C177264268","wikidata":"https://www.wikidata.org/wiki/Q1514741","display_name":"Set (abstract data type)","level":2,"score":0.5364165306091309},{"id":"https://openalex.org/C79337645","wikidata":"https://www.wikidata.org/wiki/Q779824","display_name":"Outlier","level":2,"score":0.4908464550971985},{"id":"https://openalex.org/C200601418","wikidata":"https://www.wikidata.org/wiki/Q2193887","display_name":"Reliability engineering","level":1,"score":0.3790627419948578},{"id":"https://openalex.org/C105795698","wikidata":"https://www.wikidata.org/wiki/Q12483","display_name":"Statistics","level":1,"score":0.3475174605846405},{"id":"https://openalex.org/C154945302","wikidata":"https://www.wikidata.org/wiki/Q11660","display_name":"Artificial intelligence","level":1,"score":0.29039785265922546},{"id":"https://openalex.org/C38652104","wikidata":"https://www.wikidata.org/wiki/Q3510521","display_name":"Computer security","level":1,"score":0.2230571210384369},{"id":"https://openalex.org/C33923547","wikidata":"https://www.wikidata.org/wiki/Q395","display_name":"Mathematics","level":0,"score":0.16759377717971802},{"id":"https://openalex.org/C127413603","wikidata":"https://www.wikidata.org/wiki/Q11023","display_name":"Engineering","level":0,"score":0.14981970191001892},{"id":"https://openalex.org/C76155785","wikidata":"https://www.wikidata.org/wiki/Q418","display_name":"Telecommunications","level":1,"score":0.12496837973594666},{"id":"https://openalex.org/C205649164","wikidata":"https://www.wikidata.org/wiki/Q1071","display_name":"Geography","level":0,"score":0.08032256364822388},{"id":"https://openalex.org/C199360897","wikidata":"https://www.wikidata.org/wiki/Q9143","display_name":"Programming language","level":1,"score":0.0},{"id":"https://openalex.org/C13280743","wikidata":"https://www.wikidata.org/wiki/Q131089","display_name":"Geodesy","level":1,"score":0.0},{"id":"https://openalex.org/C166957645","wikidata":"https://www.wikidata.org/wiki/Q23498","display_name":"Archaeology","level":1,"score":0.0}],"mesh":[],"locations_count":1,"locations":[{"id":"doi:10.1109/saner48275.2020.9054851","is_oa":false,"landing_page_url":"https://doi.org/10.1109/saner48275.2020.9054851","pdf_url":null,"source":null,"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"2020 IEEE 27th International Conference on Software Analysis, Evolution and Reengineering (SANER)","raw_type":"proceedings-article"}],"best_oa_location":null,"sustainable_development_goals":[{"display_name":"Peace, Justice and strong institutions","score":0.5099999904632568,"id":"https://metadata.un.org/sdg/16"}],"awards":[],"funders":[],"has_content":{"grobid_xml":false,"pdf":false},"content_urls":null,"referenced_works_count":38,"referenced_works":["https://openalex.org/W162098268","https://openalex.org/W327452528","https://openalex.org/W1505465226","https://openalex.org/W1558012247","https://openalex.org/W1604819730","https://openalex.org/W1878544538","https://openalex.org/W1902482618","https://openalex.org/W1979837046","https://openalex.org/W2011146531","https://openalex.org/W2027707376","https://openalex.org/W2052485000","https://openalex.org/W2069661885","https://openalex.org/W2119852587","https://openalex.org/W2119871945","https://openalex.org/W2143244564","https://openalex.org/W2145224695","https://openalex.org/W2150446539","https://openalex.org/W2152725427","https://openalex.org/W2153185479","https://openalex.org/W2156858199","https://openalex.org/W2170478581","https://openalex.org/W2170922286","https://openalex.org/W2171644977","https://openalex.org/W2280486853","https://openalex.org/W2542654018","https://openalex.org/W2593765440","https://openalex.org/W2735686703","https://openalex.org/W2748690817","https://openalex.org/W4210676563","https://openalex.org/W4246166885","https://openalex.org/W6606581011","https://openalex.org/W6611426298","https://openalex.org/W6630065895","https://openalex.org/W6639560864","https://openalex.org/W6645332843","https://openalex.org/W6663775516","https://openalex.org/W6667984497","https://openalex.org/W6728967791"],"related_works":["https://openalex.org/W2083794993","https://openalex.org/W4379115841","https://openalex.org/W1511772879","https://openalex.org/W3170750609","https://openalex.org/W2979471250","https://openalex.org/W2127898439","https://openalex.org/W2186315912","https://openalex.org/W2098397451","https://openalex.org/W2248125223","https://openalex.org/W3195664246"],"abstract_inverted_index":{"We":[0,154],"present":[1],"preliminary":[2],"results":[3],"of":[4,22,38,44,58,65,88,97,137,163],"a":[5,19,112],"study":[6,49],"on":[7,12,94,102],"memory":[8],"vulnerability":[9,32],"detectors":[10,41,68,106,138,165],"based":[11],"(static":[13],"and/or":[14],"dynamic)":[15],"program":[16],"analysis.":[17],"Against":[18],"public":[20],"suite":[21],"520":[23],"C/C++":[24],"programs":[25],"as":[26],"benchmarks":[27,59],"which":[28],"cover":[29],"14":[30],"different":[31],"categories,":[33],"we":[34,60],"measured":[35],"the":[36,55,63,89,115,129,159],"performance":[37],"five":[39],"state-of-the-art":[40],"in":[42,147,149],"terms":[43],"effectiveness":[45,64],"and":[46,79,131,144,161],"efficiency.":[47],"Our":[48],"revealed":[50],"that":[51],"with":[52],"respect":[53],"to":[54,72,76,81],"particular":[56],"set":[57],"chose:":[61],"(1)":[62],"these":[66,105,164],"studied":[67],"varied":[69],"widely:":[70],"66.7%":[71],"100%":[73,77,82],"precision,":[74],"0%":[75,80],"recall,":[78],"F1":[83],"per":[84],"category,":[85],"indicating":[86],"most":[87,130],"techniques":[90],"worked":[91],"extremely":[92],"well":[93],"certain":[95],"kinds":[96],"vulnerabilities":[98],"yet":[99],"quite":[100,109],"poorly":[101],"others,":[103],"(2)":[104],"were":[107,121],"generally":[108],"efficient:":[110],"despite":[111],"few":[113],"outliers,":[114],"average":[116],"(per":[117],"benchmark)":[118],"time":[119],"costs":[120],"around":[122],"one":[123],"second,":[124],"(3)":[125],"except":[126],"for":[127],"between":[128],"least":[132],"accurate":[133],"detectors,":[134],"other":[135],"pairs":[136],"did":[139],"not":[140],"have":[141],"statistically":[142],"significant":[143],"large":[145],"differences":[146],"accuracy":[148],"our":[150,168],"pair-wise":[151],"statistical":[152],"testing.":[153],"also":[155],"share":[156],"insights":[157],"into":[158],"failures":[160],"successes":[162],"obtained":[166],"from":[167],"case":[169],"studies.":[170]},"counts_by_year":[{"year":2024,"cited_by_count":2},{"year":2023,"cited_by_count":2},{"year":2022,"cited_by_count":4},{"year":2021,"cited_by_count":1},{"year":2020,"cited_by_count":1}],"updated_date":"2025-11-06T03:46:38.306776","created_date":"2025-10-10T00:00:00"}