{"id":"https://openalex.org/W2990323480","doi":"https://doi.org/10.1109/tdsc.2019.2954088","title":"Software Vulnerability Discovery via Learning Multi-Domain Knowledge Bases","display_name":"Software Vulnerability Discovery via Learning Multi-Domain Knowledge Bases","publication_year":2019,"publication_date":"2019-11-19","ids":{"openalex":"https://openalex.org/W2990323480","doi":"https://doi.org/10.1109/tdsc.2019.2954088","mag":"2990323480"},"language":"en","primary_location":{"id":"doi:10.1109/tdsc.2019.2954088","is_oa":false,"landing_page_url":"https://doi.org/10.1109/tdsc.2019.2954088","pdf_url":null,"source":{"id":"https://openalex.org/S133795288","display_name":"IEEE Transactions on Dependable and Secure Computing","issn_l":"1545-5971","issn":["1545-5971","1941-0018","2160-9209"],"is_oa":false,"is_in_doaj":false,"is_core":true,"host_organization":"https://openalex.org/P4310320439","host_organization_name":"IEEE Computer Society","host_organization_lineage":["https://openalex.org/P4310320439","https://openalex.org/P4310319808"],"host_organization_lineage_names":["IEEE Computer Society","Institute of Electrical and Electronics Engineers"],"type":"journal"},"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"IEEE Transactions on Dependable and Secure Computing","raw_type":"journal-article"},"type":"article","indexed_in":["crossref"],"open_access":{"is_oa":true,"oa_status":"green","oa_url":"https://figshare.com/articles/journal_contribution/Software_Vulnerability_Discovery_via_Learning_Multi-Domain_Knowledge_Bases/21023698","any_repository_has_fulltext":true},"authorships":[{"author_position":"first","author":{"id":"https://openalex.org/A5085946103","display_name":"Guanjun Lin","orcid":"https://orcid.org/0000-0003-3280-1307"},"institutions":[{"id":"https://openalex.org/I57093077","display_name":"Swinburne University of Technology","ror":"https://ror.org/031rekg67","country_code":"AU","type":"education","lineage":["https://openalex.org/I57093077"]}],"countries":["AU"],"is_corresponding":true,"raw_author_name":"Guanjun Lin","raw_affiliation_strings":["School of Software and Electrical Engineering, Swinburne University of Technology, Melbourne, VIC, Australia"],"affiliations":[{"raw_affiliation_string":"School of Software and Electrical Engineering, Swinburne University of Technology, Melbourne, VIC, Australia","institution_ids":["https://openalex.org/I57093077"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5044019139","display_name":"Jun Zhang","orcid":"https://orcid.org/0000-0002-2189-7801"},"institutions":[{"id":"https://openalex.org/I57093077","display_name":"Swinburne University of Technology","ror":"https://ror.org/031rekg67","country_code":"AU","type":"education","lineage":["https://openalex.org/I57093077"]}],"countries":["AU"],"is_corresponding":false,"raw_author_name":"Jun Zhang","raw_affiliation_strings":["School of Software and Electrical Engineering, Swinburne University of Technology, Melbourne, VIC, Australia"],"affiliations":[{"raw_affiliation_string":"School of Software and Electrical Engineering, Swinburne University of Technology, Melbourne, VIC, Australia","institution_ids":["https://openalex.org/I57093077"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5090419741","display_name":"Wei Luo","orcid":"https://orcid.org/0000-0002-4711-7543"},"institutions":[{"id":"https://openalex.org/I149704539","display_name":"Deakin University","ror":"https://ror.org/02czsnj07","country_code":"AU","type":"education","lineage":["https://openalex.org/I149704539"]}],"countries":["AU"],"is_corresponding":false,"raw_author_name":"Wei Luo","raw_affiliation_strings":["School of Information Technology, Deakin University, Geelong, VIC, Australia"],"affiliations":[{"raw_affiliation_string":"School of Information Technology, Deakin University, Geelong, VIC, Australia","institution_ids":["https://openalex.org/I149704539"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5045991464","display_name":"Lei Pan","orcid":"https://orcid.org/0000-0002-4691-8330"},"institutions":[{"id":"https://openalex.org/I149704539","display_name":"Deakin University","ror":"https://ror.org/02czsnj07","country_code":"AU","type":"education","lineage":["https://openalex.org/I149704539"]}],"countries":["AU"],"is_corresponding":false,"raw_author_name":"Lei Pan","raw_affiliation_strings":["School of Information Technology, Deakin University, Geelong, VIC, Australia"],"affiliations":[{"raw_affiliation_string":"School of Information Technology, Deakin University, Geelong, VIC, Australia","institution_ids":["https://openalex.org/I149704539"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5026180696","display_name":"Olivier De Vel","orcid":"https://orcid.org/0000-0001-5179-3707"},"institutions":[{"id":"https://openalex.org/I1303474014","display_name":"Defence Science and Technology Group","ror":"https://ror.org/05ddrvt52","country_code":"AU","type":"funder","lineage":["https://openalex.org/I1303474014","https://openalex.org/I2801453606","https://openalex.org/I3139952251"]}],"countries":["AU"],"is_corresponding":false,"raw_author_name":"Olivier De Vel","raw_affiliation_strings":["Department of Defence, Defence Science and Technology Group (DSTG), Canberra, ACT, Australia"],"affiliations":[{"raw_affiliation_string":"Department of Defence, Defence Science and Technology Group (DSTG), Canberra, ACT, Australia","institution_ids":["https://openalex.org/I1303474014"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5024595046","display_name":"Paul Montague","orcid":"https://orcid.org/0000-0001-9461-7471"},"institutions":[{"id":"https://openalex.org/I1303474014","display_name":"Defence Science and Technology Group","ror":"https://ror.org/05ddrvt52","country_code":"AU","type":"funder","lineage":["https://openalex.org/I1303474014","https://openalex.org/I2801453606","https://openalex.org/I3139952251"]}],"countries":["AU"],"is_corresponding":false,"raw_author_name":"Paul Montague","raw_affiliation_strings":["Department of Defence, Defence Science and Technology Group (DSTG), Canberra, ACT, Australia"],"affiliations":[{"raw_affiliation_string":"Department of Defence, Defence Science and Technology Group (DSTG), Canberra, ACT, Australia","institution_ids":["https://openalex.org/I1303474014"]}]},{"author_position":"last","author":{"id":"https://openalex.org/A5100666554","display_name":"Yang Xiang","orcid":"https://orcid.org/0000-0001-5252-0831"},"institutions":[{"id":"https://openalex.org/I57093077","display_name":"Swinburne University of Technology","ror":"https://ror.org/031rekg67","country_code":"AU","type":"education","lineage":["https://openalex.org/I57093077"]}],"countries":["AU"],"is_corresponding":false,"raw_author_name":"Yang Xiang","raw_affiliation_strings":["School of Software and Electrical Engineering, Swinburne University of Technology, Melbourne, VIC, Australia"],"affiliations":[{"raw_affiliation_string":"School of Software and Electrical Engineering, Swinburne University of Technology, Melbourne, VIC, Australia","institution_ids":["https://openalex.org/I57093077"]}]}],"institutions":[],"countries_distinct_count":1,"institutions_distinct_count":7,"corresponding_author_ids":["https://openalex.org/A5085946103"],"corresponding_institution_ids":["https://openalex.org/I57093077"],"apc_list":null,"apc_paid":null,"fwci":14.0924,"has_fulltext":false,"cited_by_count":122,"citation_normalized_percentile":{"value":0.98829742,"is_in_top_1_percent":false,"is_in_top_10_percent":true},"cited_by_percentile_year":{"min":90,"max":100},"biblio":{"volume":"18","issue":"5","first_page":"2469","last_page":"2485"},"is_retracted":false,"is_paratext":false,"is_xpac":false,"primary_topic":{"id":"https://openalex.org/T10260","display_name":"Software Engineering Research","score":0.9998000264167786,"subfield":{"id":"https://openalex.org/subfields/1710","display_name":"Information Systems"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},"topics":[{"id":"https://openalex.org/T10260","display_name":"Software Engineering Research","score":0.9998000264167786,"subfield":{"id":"https://openalex.org/subfields/1710","display_name":"Information Systems"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T12479","display_name":"Web Application Security Vulnerabilities","score":0.9979000091552734,"subfield":{"id":"https://openalex.org/subfields/1710","display_name":"Information Systems"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T11241","display_name":"Advanced Malware Detection Techniques","score":0.996999979019165,"subfield":{"id":"https://openalex.org/subfields/1711","display_name":"Signal Processing"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}}],"keywords":[{"id":"https://openalex.org/keywords/computer-science","display_name":"Computer science","score":0.8308403491973877},{"id":"https://openalex.org/keywords/vulnerability","display_name":"Vulnerability (computing)","score":0.7096636295318604},{"id":"https://openalex.org/keywords/machine-learning","display_name":"Machine learning","score":0.5413614511489868},{"id":"https://openalex.org/keywords/knowledge-extraction","display_name":"Knowledge extraction","score":0.5259473323822021},{"id":"https://openalex.org/keywords/domain","display_name":"Domain (mathematical analysis)","score":0.5127440690994263},{"id":"https://openalex.org/keywords/artificial-intelligence","display_name":"Artificial intelligence","score":0.5070393085479736},{"id":"https://openalex.org/keywords/deep-learning","display_name":"Deep learning","score":0.47889748215675354},{"id":"https://openalex.org/keywords/software","display_name":"Software","score":0.4635801315307617},{"id":"https://openalex.org/keywords/domain-knowledge","display_name":"Domain knowledge","score":0.43018639087677},{"id":"https://openalex.org/keywords/data-mining","display_name":"Data mining","score":0.3709089756011963},{"id":"https://openalex.org/keywords/data-science","display_name":"Data science","score":0.33859720826148987},{"id":"https://openalex.org/keywords/computer-security","display_name":"Computer security","score":0.2216281294822693}],"concepts":[{"id":"https://openalex.org/C41008148","wikidata":"https://www.wikidata.org/wiki/Q21198","display_name":"Computer science","level":0,"score":0.8308403491973877},{"id":"https://openalex.org/C95713431","wikidata":"https://www.wikidata.org/wiki/Q631425","display_name":"Vulnerability (computing)","level":2,"score":0.7096636295318604},{"id":"https://openalex.org/C119857082","wikidata":"https://www.wikidata.org/wiki/Q2539","display_name":"Machine learning","level":1,"score":0.5413614511489868},{"id":"https://openalex.org/C120567893","wikidata":"https://www.wikidata.org/wiki/Q1582085","display_name":"Knowledge extraction","level":2,"score":0.5259473323822021},{"id":"https://openalex.org/C36503486","wikidata":"https://www.wikidata.org/wiki/Q11235244","display_name":"Domain (mathematical analysis)","level":2,"score":0.5127440690994263},{"id":"https://openalex.org/C154945302","wikidata":"https://www.wikidata.org/wiki/Q11660","display_name":"Artificial intelligence","level":1,"score":0.5070393085479736},{"id":"https://openalex.org/C108583219","wikidata":"https://www.wikidata.org/wiki/Q197536","display_name":"Deep learning","level":2,"score":0.47889748215675354},{"id":"https://openalex.org/C2777904410","wikidata":"https://www.wikidata.org/wiki/Q7397","display_name":"Software","level":2,"score":0.4635801315307617},{"id":"https://openalex.org/C207685749","wikidata":"https://www.wikidata.org/wiki/Q2088941","display_name":"Domain knowledge","level":2,"score":0.43018639087677},{"id":"https://openalex.org/C124101348","wikidata":"https://www.wikidata.org/wiki/Q172491","display_name":"Data mining","level":1,"score":0.3709089756011963},{"id":"https://openalex.org/C2522767166","wikidata":"https://www.wikidata.org/wiki/Q2374463","display_name":"Data science","level":1,"score":0.33859720826148987},{"id":"https://openalex.org/C38652104","wikidata":"https://www.wikidata.org/wiki/Q3510521","display_name":"Computer security","level":1,"score":0.2216281294822693},{"id":"https://openalex.org/C134306372","wikidata":"https://www.wikidata.org/wiki/Q7754","display_name":"Mathematical analysis","level":1,"score":0.0},{"id":"https://openalex.org/C33923547","wikidata":"https://www.wikidata.org/wiki/Q395","display_name":"Mathematics","level":0,"score":0.0},{"id":"https://openalex.org/C199360897","wikidata":"https://www.wikidata.org/wiki/Q9143","display_name":"Programming language","level":1,"score":0.0}],"mesh":[],"locations_count":3,"locations":[{"id":"doi:10.1109/tdsc.2019.2954088","is_oa":false,"landing_page_url":"https://doi.org/10.1109/tdsc.2019.2954088","pdf_url":null,"source":{"id":"https://openalex.org/S133795288","display_name":"IEEE Transactions on Dependable and Secure Computing","issn_l":"1545-5971","issn":["1545-5971","1941-0018","2160-9209"],"is_oa":false,"is_in_doaj":false,"is_core":true,"host_organization":"https://openalex.org/P4310320439","host_organization_name":"IEEE Computer Society","host_organization_lineage":["https://openalex.org/P4310320439","https://openalex.org/P4310319808"],"host_organization_lineage_names":["IEEE Computer Society","Institute of Electrical and Electronics Engineers"],"type":"journal"},"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"IEEE Transactions on Dependable and Secure Computing","raw_type":"journal-article"},{"id":"pmh:oai:dro.deakin.edu.au:DU:30133639","is_oa":false,"landing_page_url":null,"pdf_url":null,"source":{"id":"https://openalex.org/S4306401102","display_name":"Own your potential (DEAKIN)","issn_l":null,"issn":null,"is_oa":false,"is_in_doaj":false,"is_core":false,"host_organization":"https://openalex.org/I149704539","host_organization_name":"Deakin University","host_organization_lineage":["https://openalex.org/I149704539"],"host_organization_lineage_names":[],"type":"repository"},"license":null,"license_id":null,"version":"submittedVersion","is_accepted":false,"is_published":false,"raw_source_name":"","raw_type":"Journal Article"},{"id":"pmh:oai:figshare.com:article/21023698","is_oa":true,"landing_page_url":"https://figshare.com/articles/journal_contribution/Software_Vulnerability_Discovery_via_Learning_Multi-Domain_Knowledge_Bases/21023698","pdf_url":null,"source":{"id":"https://openalex.org/S4377196282","display_name":"Figshare","issn_l":null,"issn":null,"is_oa":false,"is_in_doaj":false,"is_core":false,"host_organization":"https://openalex.org/I4210132348","host_organization_name":"Figshare (United Kingdom)","host_organization_lineage":["https://openalex.org/I4210132348"],"host_organization_lineage_names":[],"type":"repository"},"license":"cc-by","license_id":"https://openalex.org/licenses/cc-by","version":"submittedVersion","is_accepted":false,"is_published":false,"raw_source_name":"","raw_type":"Text"}],"best_oa_location":{"id":"pmh:oai:figshare.com:article/21023698","is_oa":true,"landing_page_url":"https://figshare.com/articles/journal_contribution/Software_Vulnerability_Discovery_via_Learning_Multi-Domain_Knowledge_Bases/21023698","pdf_url":null,"source":{"id":"https://openalex.org/S4377196282","display_name":"Figshare","issn_l":null,"issn":null,"is_oa":false,"is_in_doaj":false,"is_core":false,"host_organization":"https://openalex.org/I4210132348","host_organization_name":"Figshare (United Kingdom)","host_organization_lineage":["https://openalex.org/I4210132348"],"host_organization_lineage_names":[],"type":"repository"},"license":"cc-by","license_id":"https://openalex.org/licenses/cc-by","version":"submittedVersion","is_accepted":false,"is_published":false,"raw_source_name":"","raw_type":"Text"},"sustainable_development_goals":[],"awards":[],"funders":[],"has_content":{"pdf":false,"grobid_xml":false},"content_urls":null,"referenced_works_count":60,"referenced_works":["https://openalex.org/W133470593","https://openalex.org/W168564468","https://openalex.org/W179875071","https://openalex.org/W1532325895","https://openalex.org/W1581407678","https://openalex.org/W1614298861","https://openalex.org/W1689711448","https://openalex.org/W1710734607","https://openalex.org/W1899504021","https://openalex.org/W1964962870","https://openalex.org/W1976299830","https://openalex.org/W1988524530","https://openalex.org/W1990762361","https://openalex.org/W1992114977","https://openalex.org/W1997236144","https://openalex.org/W2004758929","https://openalex.org/W2027887391","https://openalex.org/W2043811931","https://openalex.org/W2043837581","https://openalex.org/W2051000513","https://openalex.org/W2064675550","https://openalex.org/W2069268700","https://openalex.org/W2079753286","https://openalex.org/W2101234009","https://openalex.org/W2128782367","https://openalex.org/W2137052698","https://openalex.org/W2165004968","https://openalex.org/W2166336492","https://openalex.org/W2187089797","https://openalex.org/W2360967250","https://openalex.org/W2402144811","https://openalex.org/W2535617737","https://openalex.org/W2547418827","https://openalex.org/W2634106992","https://openalex.org/W2765858138","https://openalex.org/W2790664081","https://openalex.org/W2791130372","https://openalex.org/W2793157084","https://openalex.org/W2794659749","https://openalex.org/W2796200341","https://openalex.org/W2905097561","https://openalex.org/W2912193191","https://openalex.org/W2951305674","https://openalex.org/W2953384591","https://openalex.org/W2962960733","https://openalex.org/W2963935794","https://openalex.org/W3004040842","https://openalex.org/W3125937743","https://openalex.org/W4213009331","https://openalex.org/W4285719527","https://openalex.org/W6605468800","https://openalex.org/W6607333740","https://openalex.org/W6631636882","https://openalex.org/W6634906388","https://openalex.org/W6636510571","https://openalex.org/W6637688222","https://openalex.org/W6675354045","https://openalex.org/W6713134421","https://openalex.org/W6729216784","https://openalex.org/W6749470980"],"related_works":["https://openalex.org/W2357854711","https://openalex.org/W2054759342","https://openalex.org/W2051700896","https://openalex.org/W1552255772","https://openalex.org/W2111524952","https://openalex.org/W1583422155","https://openalex.org/W4239551281","https://openalex.org/W4234690372","https://openalex.org/W2103484298","https://openalex.org/W2143521128"],"abstract_inverted_index":{"Machine":[0],"learning":[1,19,91,182],"(ML)":[2],"has":[3],"great":[4],"potential":[5],"in":[6,132,230],"automated":[7,12],"code":[8],"vulnerability":[9,35,103,121,133,193,209,214,232],"discovery.":[10],"However,":[11],"discovery":[13,215],"application":[14],"driven":[15],"by":[16,178,199],"off-the-shelf":[17],"machine":[18],"tools":[20],"often":[21],"performs":[22],"poorly":[23],"due":[24],"to":[25,54,74,85,158],"the":[26,56,76,112,129,136,154,163,166,174,179,205,212],"shortage":[27],"of":[28,34,119,162,165,207,223],"high-quality":[29],"training":[30],"data.":[31],"The":[32,94,221],"scarceness":[33],"data":[36,70,81,97,104,110,138,156,203,236],"is":[37,52],"almost":[38],"always":[39],"a":[40,62,87,142],"problem":[41],"for":[42,90,191],"any":[43],"developing":[44],"software":[45,107],"project":[46],"during":[47],"its":[48],"early":[49],"stages,":[50],"which":[51],"referred":[53],"as":[55],"cold-start":[57],"problem.":[58],"This":[59],"article":[60,225],"proposes":[61],"framework":[63,144,152],"that":[64,173,198],"utilizes":[65],"transferable":[66,92,190],"knowledge":[67],"from":[68,105,111,135],"pre-existing":[69],"sources.":[71,237],"In":[72],"order":[73],"improve":[75],"detection":[77,134,210,233],"performance,":[78],"multiple":[79],"vulnerability-relevant":[80,96],"sources":[82,98,157],"were":[83],"selected":[84,95],"form":[86],"broader":[88],"base":[89],"knowledge.":[93],"are":[99,184,189],"cross-domain,":[100],"including":[101],"historical":[102],"different":[106],"projects":[108],"and":[109,123,186,188],"Software":[113],"Assurance":[114],"Reference":[115],"Database":[116],"(SARD)":[117],"consisting":[118],"synthetic":[120],"examples":[122],"proof-of-concept":[124],"test":[125],"cases.":[126],"To":[127],"extract":[128],"information":[130],"applicable":[131],"cross-domain":[137],"sets,":[139],"we":[140],"designed":[141],"deep-learning-based":[143],"with":[145],"Long-short":[146],"Term":[147],"Memory":[148],"(LSTM)":[149],"cells.":[150],"Our":[151,195],"combines":[153],"heterogeneous":[155,202,235],"learn":[159],"unified":[160,175],"representations":[161,176],"patterns":[164],"vulnerable":[167],"source":[168],"codes.":[169],"Empirical":[170],"studies":[171],"showed":[172],"generated":[177],"proposed":[180],"deep":[181],"networks":[183],"feasible":[185],"effective,":[187],"real-world":[192],"detection.":[194],"experiments":[196],"demonstrated":[197],"leveraging":[200],"two":[201],"sources,":[204],"performance":[206],"our":[208],"outperformed":[211],"static":[213],"tool":[216],"<italic":[217],"xmlns:mml=\"http://www.w3.org/1998/Math/MathML\"":[218],"xmlns:xlink=\"http://www.w3.org/1999/xlink\">Flawfinder</i>":[219],".":[220],"findings":[222],"this":[224],"may":[226],"stimulate":[227],"further":[228],"research":[229],"ML-based":[231],"using":[234]},"counts_by_year":[{"year":2026,"cited_by_count":4},{"year":2025,"cited_by_count":22},{"year":2024,"cited_by_count":25},{"year":2023,"cited_by_count":31},{"year":2022,"cited_by_count":21},{"year":2021,"cited_by_count":6},{"year":2020,"cited_by_count":12},{"year":2019,"cited_by_count":1}],"updated_date":"2026-04-14T08:04:32.555800","created_date":"2025-10-10T00:00:00"}