{"id":"https://openalex.org/W4413392519","doi":"https://doi.org/10.1109/tdsc.2025.3601228","title":"Real-World Code Vulnerability Detection Framework: From Data Preprocessing to Multi-Feature Fusion Detection","display_name":"Real-World Code Vulnerability Detection Framework: From Data Preprocessing to Multi-Feature Fusion Detection","publication_year":2025,"publication_date":"2025-08-21","ids":{"openalex":"https://openalex.org/W4413392519","doi":"https://doi.org/10.1109/tdsc.2025.3601228"},"language":"en","primary_location":{"id":"doi:10.1109/tdsc.2025.3601228","is_oa":false,"landing_page_url":"https://doi.org/10.1109/tdsc.2025.3601228","pdf_url":null,"source":{"id":"https://openalex.org/S133795288","display_name":"IEEE Transactions on Dependable and Secure Computing","issn_l":"1545-5971","issn":["1545-5971","1941-0018","2160-9209"],"is_oa":false,"is_in_doaj":false,"is_core":true,"host_organization":"https://openalex.org/P4310320439","host_organization_name":"IEEE Computer Society","host_organization_lineage":["https://openalex.org/P4310320439","https://openalex.org/P4310319808"],"host_organization_lineage_names":["IEEE Computer Society","Institute of Electrical and Electronics Engineers"],"type":"journal"},"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"IEEE Transactions on Dependable and Secure Computing","raw_type":"journal-article"},"type":"article","indexed_in":["crossref"],"open_access":{"is_oa":false,"oa_status":"closed","oa_url":null,"any_repository_has_fulltext":false},"authorships":[{"author_position":"first","author":{"id":"https://openalex.org/A5013326296","display_name":"Jixian Zhang","orcid":null},"institutions":[{"id":"https://openalex.org/I116953780","display_name":"Tongji University","ror":"https://ror.org/03rc6as71","country_code":"CN","type":"education","lineage":["https://openalex.org/I116953780"]}],"countries":["CN"],"is_corresponding":true,"raw_author_name":"Jixian Zhang","raw_affiliation_strings":["School of Computer Science and Technology, Tongji University, Shanghai, China"],"affiliations":[{"raw_affiliation_string":"School of Computer Science and Technology, Tongji University, Shanghai, China","institution_ids":["https://openalex.org/I116953780"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5014357319","display_name":"Qiang Du","orcid":"https://orcid.org/0009-0003-7172-5682"},"institutions":[{"id":"https://openalex.org/I116953780","display_name":"Tongji University","ror":"https://ror.org/03rc6as71","country_code":"CN","type":"education","lineage":["https://openalex.org/I116953780"]}],"countries":["CN"],"is_corresponding":false,"raw_author_name":"Qingfeng Du","raw_affiliation_strings":["School of Computer Science and Technology, Tongji University, Shanghai, China"],"affiliations":[{"raw_affiliation_string":"School of Computer Science and Technology, Tongji University, Shanghai, China","institution_ids":["https://openalex.org/I116953780"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5100359844","display_name":"Sheng Li","orcid":"https://orcid.org/0000-0003-2144-958X"},"institutions":[{"id":"https://openalex.org/I116953780","display_name":"Tongji University","ror":"https://ror.org/03rc6as71","country_code":"CN","type":"education","lineage":["https://openalex.org/I116953780"]}],"countries":["CN"],"is_corresponding":false,"raw_author_name":"Sheng Li","raw_affiliation_strings":["School of Computer Science and Technology, Tongji University, Shanghai, China"],"affiliations":[{"raw_affiliation_string":"School of Computer Science and Technology, Tongji University, Shanghai, China","institution_ids":["https://openalex.org/I116953780"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5023381837","display_name":"Zhongda Lu","orcid":"https://orcid.org/0000-0003-2842-0245"},"institutions":[],"countries":[],"is_corresponding":false,"raw_author_name":"Zhongda Lu","raw_affiliation_strings":["Beijing Baolande Software Corporation, Beijing, China"],"affiliations":[{"raw_affiliation_string":"Beijing Baolande Software Corporation, Beijing, China","institution_ids":[]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5013392237","display_name":"Ting He","orcid":"https://orcid.org/0000-0001-9470-4081"},"institutions":[],"countries":[],"is_corresponding":false,"raw_author_name":"Ting He","raw_affiliation_strings":["Beijing Baolande Software Corporation, Beijing, China"],"affiliations":[{"raw_affiliation_string":"Beijing Baolande Software Corporation, Beijing, China","institution_ids":[]}]},{"author_position":"last","author":{"id":"https://openalex.org/A5100319548","display_name":"Cheng\u2010Wei Liu","orcid":"https://orcid.org/0000-0001-5095-8039"},"institutions":[],"countries":[],"is_corresponding":false,"raw_author_name":"Chengwei Liu","raw_affiliation_strings":["Beijing Baolande Software Corporation, Beijing, China"],"affiliations":[{"raw_affiliation_string":"Beijing Baolande Software Corporation, Beijing, China","institution_ids":[]}]}],"institutions":[],"countries_distinct_count":1,"institutions_distinct_count":6,"corresponding_author_ids":["https://openalex.org/A5013326296"],"corresponding_institution_ids":["https://openalex.org/I116953780"],"apc_list":null,"apc_paid":null,"fwci":0.0,"has_fulltext":false,"cited_by_count":0,"citation_normalized_percentile":{"value":0.2218577,"is_in_top_1_percent":false,"is_in_top_10_percent":false},"cited_by_percentile_year":null,"biblio":{"volume":"22","issue":"6","first_page":"7890","last_page":"7907"},"is_retracted":false,"is_paratext":false,"is_xpac":false,"primary_topic":{"id":"https://openalex.org/T10743","display_name":"Software Testing and Debugging Techniques","score":0.988099992275238,"subfield":{"id":"https://openalex.org/subfields/1712","display_name":"Software"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},"topics":[{"id":"https://openalex.org/T10743","display_name":"Software Testing and Debugging Techniques","score":0.988099992275238,"subfield":{"id":"https://openalex.org/subfields/1712","display_name":"Software"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T12479","display_name":"Web Application Security Vulnerabilities","score":0.982200026512146,"subfield":{"id":"https://openalex.org/subfields/1710","display_name":"Information Systems"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T12423","display_name":"Software Reliability and Analysis Research","score":0.9789000153541565,"subfield":{"id":"https://openalex.org/subfields/1712","display_name":"Software"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}}],"keywords":[{"id":"https://openalex.org/keywords/computer-science","display_name":"Computer science","score":0.8006675243377686},{"id":"https://openalex.org/keywords/preprocessor","display_name":"Preprocessor","score":0.5803072452545166},{"id":"https://openalex.org/keywords/code","display_name":"Code (set theory)","score":0.5614113807678223},{"id":"https://openalex.org/keywords/vulnerability","display_name":"Vulnerability (computing)","score":0.5151099562644958},{"id":"https://openalex.org/keywords/feature","display_name":"Feature (linguistics)","score":0.4778706431388855},{"id":"https://openalex.org/keywords/data-pre-processing","display_name":"Data pre-processing","score":0.470790296792984},{"id":"https://openalex.org/keywords/data-mining","display_name":"Data mining","score":0.45506757497787476},{"id":"https://openalex.org/keywords/sensor-fusion","display_name":"Sensor fusion","score":0.4396500885486603},{"id":"https://openalex.org/keywords/feature-extraction","display_name":"Feature extraction","score":0.4174904227256775},{"id":"https://openalex.org/keywords/artificial-intelligence","display_name":"Artificial intelligence","score":0.35881543159484863},{"id":"https://openalex.org/keywords/computer-security","display_name":"Computer security","score":0.2299998700618744}],"concepts":[{"id":"https://openalex.org/C41008148","wikidata":"https://www.wikidata.org/wiki/Q21198","display_name":"Computer science","level":0,"score":0.8006675243377686},{"id":"https://openalex.org/C34736171","wikidata":"https://www.wikidata.org/wiki/Q918333","display_name":"Preprocessor","level":2,"score":0.5803072452545166},{"id":"https://openalex.org/C2776760102","wikidata":"https://www.wikidata.org/wiki/Q5139990","display_name":"Code (set theory)","level":3,"score":0.5614113807678223},{"id":"https://openalex.org/C95713431","wikidata":"https://www.wikidata.org/wiki/Q631425","display_name":"Vulnerability (computing)","level":2,"score":0.5151099562644958},{"id":"https://openalex.org/C2776401178","wikidata":"https://www.wikidata.org/wiki/Q12050496","display_name":"Feature (linguistics)","level":2,"score":0.4778706431388855},{"id":"https://openalex.org/C10551718","wikidata":"https://www.wikidata.org/wiki/Q5227332","display_name":"Data pre-processing","level":2,"score":0.470790296792984},{"id":"https://openalex.org/C124101348","wikidata":"https://www.wikidata.org/wiki/Q172491","display_name":"Data mining","level":1,"score":0.45506757497787476},{"id":"https://openalex.org/C33954974","wikidata":"https://www.wikidata.org/wiki/Q486494","display_name":"Sensor fusion","level":2,"score":0.4396500885486603},{"id":"https://openalex.org/C52622490","wikidata":"https://www.wikidata.org/wiki/Q1026626","display_name":"Feature extraction","level":2,"score":0.4174904227256775},{"id":"https://openalex.org/C154945302","wikidata":"https://www.wikidata.org/wiki/Q11660","display_name":"Artificial intelligence","level":1,"score":0.35881543159484863},{"id":"https://openalex.org/C38652104","wikidata":"https://www.wikidata.org/wiki/Q3510521","display_name":"Computer security","level":1,"score":0.2299998700618744},{"id":"https://openalex.org/C199360897","wikidata":"https://www.wikidata.org/wiki/Q9143","display_name":"Programming language","level":1,"score":0.0},{"id":"https://openalex.org/C138885662","wikidata":"https://www.wikidata.org/wiki/Q5891","display_name":"Philosophy","level":0,"score":0.0},{"id":"https://openalex.org/C177264268","wikidata":"https://www.wikidata.org/wiki/Q1514741","display_name":"Set (abstract data type)","level":2,"score":0.0},{"id":"https://openalex.org/C41895202","wikidata":"https://www.wikidata.org/wiki/Q8162","display_name":"Linguistics","level":1,"score":0.0}],"mesh":[],"locations_count":1,"locations":[{"id":"doi:10.1109/tdsc.2025.3601228","is_oa":false,"landing_page_url":"https://doi.org/10.1109/tdsc.2025.3601228","pdf_url":null,"source":{"id":"https://openalex.org/S133795288","display_name":"IEEE Transactions on Dependable and Secure Computing","issn_l":"1545-5971","issn":["1545-5971","1941-0018","2160-9209"],"is_oa":false,"is_in_doaj":false,"is_core":true,"host_organization":"https://openalex.org/P4310320439","host_organization_name":"IEEE Computer Society","host_organization_lineage":["https://openalex.org/P4310320439","https://openalex.org/P4310319808"],"host_organization_lineage_names":["IEEE Computer Society","Institute of Electrical and Electronics Engineers"],"type":"journal"},"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"IEEE Transactions on Dependable and Secure Computing","raw_type":"journal-article"}],"best_oa_location":null,"sustainable_development_goals":[],"awards":[],"funders":[],"has_content":{"grobid_xml":false,"pdf":false},"content_urls":null,"referenced_works_count":49,"referenced_works":["https://openalex.org/W2606250847","https://openalex.org/W2621187857","https://openalex.org/W2781491433","https://openalex.org/W2796200341","https://openalex.org/W2806718802","https://openalex.org/W2885030880","https://openalex.org/W2963208797","https://openalex.org/W2963355447","https://openalex.org/W2965861627","https://openalex.org/W2998879504","https://openalex.org/W3045200674","https://openalex.org/W3048901179","https://openalex.org/W3091588759","https://openalex.org/W3097854935","https://openalex.org/W3098605233","https://openalex.org/W3132728051","https://openalex.org/W3136874603","https://openalex.org/W3161071537","https://openalex.org/W3166095789","https://openalex.org/W3183469243","https://openalex.org/W3195703954","https://openalex.org/W3198685994","https://openalex.org/W3217001695","https://openalex.org/W4286252390","https://openalex.org/W4311165836","https://openalex.org/W4318562265","https://openalex.org/W4328028530","https://openalex.org/W4362509191","https://openalex.org/W4380520352","https://openalex.org/W4384302789","https://openalex.org/W4386575032","https://openalex.org/W4387191003","https://openalex.org/W4387298393","https://openalex.org/W4389232932","https://openalex.org/W4389519352","https://openalex.org/W4389524484","https://openalex.org/W4390245545","https://openalex.org/W4390933267","https://openalex.org/W4391113096","https://openalex.org/W4392247091","https://openalex.org/W4392877919","https://openalex.org/W4392938508","https://openalex.org/W4396746146","https://openalex.org/W4399837262","https://openalex.org/W4400531953","https://openalex.org/W4400647844","https://openalex.org/W4400887719","https://openalex.org/W4400907626","https://openalex.org/W4408248601"],"related_works":["https://openalex.org/W2989490741","https://openalex.org/W3092506759","https://openalex.org/W2367545121","https://openalex.org/W4248881655","https://openalex.org/W2482165163","https://openalex.org/W3010890513","https://openalex.org/W120741642","https://openalex.org/W138569904","https://openalex.org/W2390914021","https://openalex.org/W2389417819"],"abstract_inverted_index":{"Code":[0],"vulnerability":[1,115],"detection":[2],"(CVD)":[3],"is":[4,44],"a":[5,29,95,107,127,144,162,186,204],"critical":[6],"approach":[7,124],"to":[8,28,52,113,133,149,168,194,221],"ensuring":[9],"the":[10,39,60,67,75,118,135,139,151,157,178,200,210,229,241],"security,":[11],"stability,":[12],"and":[13,34,55,79,82,97,172,224,233,236],"reliability":[14],"of":[15,31,41,63,71,86,138,153,180,212],"software.":[16],"When":[17],"exploited":[18],"by":[19],"malicious":[20],"actors":[21],"or":[22],"hackers,":[23],"code":[24,72,87,163,217],"vulnerabilities":[25,198],"can":[26],"lead":[27],"series":[30],"severe":[32],"consequences":[33],"cause":[35],"significant":[36],"losses.":[37],"However,":[38],"effectiveness":[40,211],"real-world":[42,64,101,120,187,206,216],"CVD":[43,65,102,121,188,207],"currently":[45],"unsatisfactory,":[46],"with":[47,126],"several":[48],"issues":[49,58],"that":[50],"need":[51],"be":[53],"optimized":[54],"resolved.":[56],"These":[57],"include":[59],"poor":[61],"quality":[62,137],"datasets,":[66],"high":[68],"resource":[69,173],"consumption":[70,174],"intermediate":[73,164],"structures,":[74],"imbalance":[76,155],"between":[77],"positive":[78],"negative":[80],"samples,":[81],"insufficient":[83],"feature":[84],"modeling":[85],"vulnerabilities.":[88],"To":[89],"address":[90],"these":[91],"challenges,":[92],"we":[93,142,184],"propose":[94,143,161,185],"comprehensive":[96],"efficient":[98],"framework":[99],"for":[100],"called":[103],"MARCOVul.":[104],"It":[105],"offers":[106],"complete":[108],"process":[109],"from":[110],"data":[111,128,146],"preprocessing":[112],"final":[114],"detection,":[116],"optimizing":[117],"entire":[119],"pipeline.":[122],"Our":[123],"begins":[125],"derivation":[129],"technique":[130],"which":[131],"seeks":[132],"improve":[134],"overall":[136],"dataset.":[140,158],"Next,":[141],"code-specific":[145],"augmentation":[147],"method":[148,167,189],"tackle":[150],"issue":[152],"sample":[154],"in":[156,199,214],"We":[159],"then":[160],"structure":[165],"simplification":[166],"reduce":[169],"computational":[170],"complexity":[171],"while":[175],"fully":[176],"leveraging":[177],"power":[179],"language":[181],"models.":[182],"Finally,":[183],"based":[190],"on":[191,203],"multi-feature":[192],"fusion":[193],"identify":[195],"potential":[196],"security":[197],"code.":[201],"Experiments":[202],"large-scale":[205],"dataset":[208],"demonstrate":[209],"MARCOVul":[213],"detecting":[215],"vulnerabilities,":[218],"achieving":[219],"up":[220],"12.75%":[222],"BF1":[223,235],"6.98%":[225],"MCC":[226,238],"improvements":[227],"over":[228,240],"best":[230,242],"unweighted":[231],"baselines,":[232],"1.55%":[234],"1.42%":[237],"gains":[239],"weighted":[243],"ones.":[244]},"counts_by_year":[],"updated_date":"2026-03-27T05:58:40.876381","created_date":"2025-10-10T00:00:00"}