{"id":"https://openalex.org/W4402774224","doi":"https://doi.org/10.1109/tifs.2024.3457162","title":"HeVulD: A Static Vulnerability Detection Method Using Heterogeneous Graph Code Representation","display_name":"HeVulD: A Static Vulnerability Detection Method Using Heterogeneous Graph Code Representation","publication_year":2024,"publication_date":"2024-01-01","ids":{"openalex":"https://openalex.org/W4402774224","doi":"https://doi.org/10.1109/tifs.2024.3457162"},"language":"en","primary_location":{"id":"doi:10.1109/tifs.2024.3457162","is_oa":false,"landing_page_url":"https://doi.org/10.1109/tifs.2024.3457162","pdf_url":null,"source":{"id":"https://openalex.org/S61310614","display_name":"IEEE Transactions on Information Forensics and Security","issn_l":"1556-6013","issn":["1556-6013","1556-6021"],"is_oa":false,"is_in_doaj":false,"is_core":true,"host_organization":"https://openalex.org/P4310319808","host_organization_name":"Institute of Electrical and Electronics Engineers","host_organization_lineage":["https://openalex.org/P4310319808"],"host_organization_lineage_names":["Institute of Electrical and Electronics Engineers"],"type":"journal"},"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"IEEE Transactions on Information Forensics and Security","raw_type":"journal-article"},"type":"article","indexed_in":["crossref"],"open_access":{"is_oa":false,"oa_status":"closed","oa_url":null,"any_repository_has_fulltext":false},"authorships":[{"author_position":"first","author":{"id":"https://openalex.org/A5079544695","display_name":"Yuanming Huang","orcid":"https://orcid.org/0000-0003-1076-6897"},"institutions":[{"id":"https://openalex.org/I139759216","display_name":"Beijing University of Posts and Telecommunications","ror":"https://ror.org/04w9fbh59","country_code":"CN","type":"education","lineage":["https://openalex.org/I139759216"]}],"countries":["CN"],"is_corresponding":true,"raw_author_name":"Yuanming Huang","raw_affiliation_strings":["School of Integrated Circuits, Beijing University of Posts and Telecommunications, Beijing, China"],"affiliations":[{"raw_affiliation_string":"School of Integrated Circuits, Beijing University of Posts and Telecommunications, Beijing, China","institution_ids":["https://openalex.org/I139759216"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5049069235","display_name":"Mingshu He","orcid":"https://orcid.org/0000-0002-2896-4595"},"institutions":[{"id":"https://openalex.org/I139759216","display_name":"Beijing University of Posts and Telecommunications","ror":"https://ror.org/04w9fbh59","country_code":"CN","type":"education","lineage":["https://openalex.org/I139759216"]}],"countries":["CN"],"is_corresponding":false,"raw_author_name":"Mingshu He","raw_affiliation_strings":["School of Cyberspace Security, Beijing University of Posts and Telecommunications, Beijing, China"],"affiliations":[{"raw_affiliation_string":"School of Cyberspace Security, Beijing University of Posts and Telecommunications, Beijing, China","institution_ids":["https://openalex.org/I139759216"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5100428970","display_name":"Xiaojuan Wang","orcid":"https://orcid.org/0000-0002-3490-963X"},"institutions":[{"id":"https://openalex.org/I139759216","display_name":"Beijing University of Posts and Telecommunications","ror":"https://ror.org/04w9fbh59","country_code":"CN","type":"education","lineage":["https://openalex.org/I139759216"]}],"countries":["CN"],"is_corresponding":false,"raw_author_name":"Xiaojuan Wang","raw_affiliation_strings":["School of Electronic Engineering, Beijing University of Posts and Telecommunications, Beijing, China"],"affiliations":[{"raw_affiliation_string":"School of Electronic Engineering, Beijing University of Posts and Telecommunications, Beijing, China","institution_ids":["https://openalex.org/I139759216"]}]},{"author_position":"last","author":{"id":"https://openalex.org/A5100436639","display_name":"Jie Zhang","orcid":"https://orcid.org/0000-0001-7750-2197"},"institutions":[{"id":"https://openalex.org/I139759216","display_name":"Beijing University of Posts and Telecommunications","ror":"https://ror.org/04w9fbh59","country_code":"CN","type":"education","lineage":["https://openalex.org/I139759216"]}],"countries":["CN"],"is_corresponding":false,"raw_author_name":"Jie Zhang","raw_affiliation_strings":["School of Integrated Circuits, Beijing University of Posts and Telecommunications, Beijing, China"],"affiliations":[{"raw_affiliation_string":"School of Integrated Circuits, Beijing University of Posts and Telecommunications, Beijing, China","institution_ids":["https://openalex.org/I139759216"]}]}],"institutions":[],"countries_distinct_count":1,"institutions_distinct_count":4,"corresponding_author_ids":["https://openalex.org/A5079544695"],"corresponding_institution_ids":["https://openalex.org/I139759216"],"apc_list":null,"apc_paid":null,"fwci":2.7379,"has_fulltext":false,"cited_by_count":8,"citation_normalized_percentile":{"value":0.91415854,"is_in_top_1_percent":false,"is_in_top_10_percent":true},"cited_by_percentile_year":{"min":96,"max":100},"biblio":{"volume":"19","issue":null,"first_page":"9129","last_page":"9144"},"is_retracted":false,"is_paratext":false,"is_xpac":false,"primary_topic":{"id":"https://openalex.org/T11241","display_name":"Advanced Malware Detection Techniques","score":0.9890000224113464,"subfield":{"id":"https://openalex.org/subfields/1711","display_name":"Signal Processing"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},"topics":[{"id":"https://openalex.org/T11241","display_name":"Advanced Malware Detection Techniques","score":0.9890000224113464,"subfield":{"id":"https://openalex.org/subfields/1711","display_name":"Signal Processing"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T10734","display_name":"Information and Cyber Security","score":0.9889000058174133,"subfield":{"id":"https://openalex.org/subfields/1710","display_name":"Information Systems"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T12423","display_name":"Software Reliability and Analysis Research","score":0.9886999726295471,"subfield":{"id":"https://openalex.org/subfields/1712","display_name":"Software"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}}],"keywords":[{"id":"https://openalex.org/keywords/computer-science","display_name":"Computer science","score":0.8574401140213013},{"id":"https://openalex.org/keywords/graph","display_name":"Graph","score":0.5198343396186829},{"id":"https://openalex.org/keywords/representation","display_name":"Representation (politics)","score":0.46630871295928955},{"id":"https://openalex.org/keywords/vulnerability","display_name":"Vulnerability (computing)","score":0.46371105313301086},{"id":"https://openalex.org/keywords/code","display_name":"Code (set theory)","score":0.4421081244945526},{"id":"https://openalex.org/keywords/static-analysis","display_name":"Static analysis","score":0.4317276179790497},{"id":"https://openalex.org/keywords/call-graph","display_name":"Call graph","score":0.4159185588359833},{"id":"https://openalex.org/keywords/theoretical-computer-science","display_name":"Theoretical computer science","score":0.3785043954849243},{"id":"https://openalex.org/keywords/computer-security","display_name":"Computer security","score":0.2686625123023987},{"id":"https://openalex.org/keywords/programming-language","display_name":"Programming language","score":0.21570047736167908}],"concepts":[{"id":"https://openalex.org/C41008148","wikidata":"https://www.wikidata.org/wiki/Q21198","display_name":"Computer science","level":0,"score":0.8574401140213013},{"id":"https://openalex.org/C132525143","wikidata":"https://www.wikidata.org/wiki/Q141488","display_name":"Graph","level":2,"score":0.5198343396186829},{"id":"https://openalex.org/C2776359362","wikidata":"https://www.wikidata.org/wiki/Q2145286","display_name":"Representation (politics)","level":3,"score":0.46630871295928955},{"id":"https://openalex.org/C95713431","wikidata":"https://www.wikidata.org/wiki/Q631425","display_name":"Vulnerability (computing)","level":2,"score":0.46371105313301086},{"id":"https://openalex.org/C2776760102","wikidata":"https://www.wikidata.org/wiki/Q5139990","display_name":"Code (set theory)","level":3,"score":0.4421081244945526},{"id":"https://openalex.org/C97686452","wikidata":"https://www.wikidata.org/wiki/Q7604153","display_name":"Static analysis","level":2,"score":0.4317276179790497},{"id":"https://openalex.org/C102379954","wikidata":"https://www.wikidata.org/wiki/Q2589940","display_name":"Call graph","level":2,"score":0.4159185588359833},{"id":"https://openalex.org/C80444323","wikidata":"https://www.wikidata.org/wiki/Q2878974","display_name":"Theoretical computer science","level":1,"score":0.3785043954849243},{"id":"https://openalex.org/C38652104","wikidata":"https://www.wikidata.org/wiki/Q3510521","display_name":"Computer security","level":1,"score":0.2686625123023987},{"id":"https://openalex.org/C199360897","wikidata":"https://www.wikidata.org/wiki/Q9143","display_name":"Programming language","level":1,"score":0.21570047736167908},{"id":"https://openalex.org/C94625758","wikidata":"https://www.wikidata.org/wiki/Q7163","display_name":"Politics","level":2,"score":0.0},{"id":"https://openalex.org/C17744445","wikidata":"https://www.wikidata.org/wiki/Q36442","display_name":"Political science","level":0,"score":0.0},{"id":"https://openalex.org/C199539241","wikidata":"https://www.wikidata.org/wiki/Q7748","display_name":"Law","level":1,"score":0.0},{"id":"https://openalex.org/C177264268","wikidata":"https://www.wikidata.org/wiki/Q1514741","display_name":"Set (abstract data type)","level":2,"score":0.0}],"mesh":[],"locations_count":1,"locations":[{"id":"doi:10.1109/tifs.2024.3457162","is_oa":false,"landing_page_url":"https://doi.org/10.1109/tifs.2024.3457162","pdf_url":null,"source":{"id":"https://openalex.org/S61310614","display_name":"IEEE Transactions on Information Forensics and Security","issn_l":"1556-6013","issn":["1556-6013","1556-6021"],"is_oa":false,"is_in_doaj":false,"is_core":true,"host_organization":"https://openalex.org/P4310319808","host_organization_name":"Institute of Electrical and Electronics Engineers","host_organization_lineage":["https://openalex.org/P4310319808"],"host_organization_lineage_names":["Institute of Electrical and Electronics Engineers"],"type":"journal"},"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"IEEE Transactions on Information Forensics and Security","raw_type":"journal-article"}],"best_oa_location":null,"sustainable_development_goals":[{"display_name":"Reduced inequalities","id":"https://metadata.un.org/sdg/10","score":0.4399999976158142}],"awards":[{"id":"https://openalex.org/G5299944411","display_name":null,"funder_award_id":"62071056","funder_id":"https://openalex.org/F4320321001","funder_display_name":"National Natural Science Foundation of China"},{"id":"https://openalex.org/G6027343793","display_name":null,"funder_award_id":"62227805","funder_id":"https://openalex.org/F4320321001","funder_display_name":"National Natural Science Foundation of China"},{"id":"https://openalex.org/G7212251950","display_name":null,"funder_award_id":"62402053","funder_id":"https://openalex.org/F4320321001","funder_display_name":"National Natural Science Foundation of China"}],"funders":[{"id":"https://openalex.org/F4320321001","display_name":"National Natural Science Foundation of China","ror":"https://ror.org/01h0zpd94"}],"has_content":{"pdf":false,"grobid_xml":false},"content_urls":null,"referenced_works_count":44,"referenced_works":["https://openalex.org/W103340358","https://openalex.org/W1698439592","https://openalex.org/W2064675550","https://openalex.org/W2075010670","https://openalex.org/W2128888088","https://openalex.org/W2144344516","https://openalex.org/W2507516899","https://openalex.org/W2781491433","https://openalex.org/W2885030880","https://openalex.org/W2911286998","https://openalex.org/W2939686442","https://openalex.org/W2952760279","https://openalex.org/W2963784672","https://openalex.org/W2976184969","https://openalex.org/W2998879504","https://openalex.org/W3004658838","https://openalex.org/W3012871709","https://openalex.org/W3089869718","https://openalex.org/W3094078906","https://openalex.org/W3109966548","https://openalex.org/W3114564117","https://openalex.org/W3117923638","https://openalex.org/W3137884047","https://openalex.org/W3153398259","https://openalex.org/W3161071537","https://openalex.org/W3166095789","https://openalex.org/W4210772589","https://openalex.org/W4221033043","https://openalex.org/W4284667406","https://openalex.org/W4287848613","https://openalex.org/W4309477403","https://openalex.org/W4312969325","https://openalex.org/W4328028478","https://openalex.org/W4361792201","https://openalex.org/W4365130681","https://openalex.org/W4376615930","https://openalex.org/W4380520352","https://openalex.org/W4383215759","https://openalex.org/W4390357286","https://openalex.org/W6610517080","https://openalex.org/W6631190155","https://openalex.org/W6755038706","https://openalex.org/W6767260250","https://openalex.org/W6776437433"],"related_works":["https://openalex.org/W3089825636","https://openalex.org/W1567493346","https://openalex.org/W2401085479","https://openalex.org/W2913797084","https://openalex.org/W2527850347","https://openalex.org/W4300962513","https://openalex.org/W3003055204","https://openalex.org/W4387982387","https://openalex.org/W2135849267","https://openalex.org/W2348335144"],"abstract_inverted_index":{"Vulnerability":[0],"detection":[1,50,113,168,198],"in":[2,12,56,202],"source":[3,46,134,151],"code":[4,57,67,89,100],"has":[5,171,184],"been":[6,172,185],"a":[7,109,124,146],"focal":[8],"point":[9],"of":[10,63,88,139,150,157],"research":[11],"recent":[13],"years.":[14],"Traditional":[15],"rule-based":[16],"methods":[17,33,69,94],"fail":[18],"to":[19,26,178,208],"identify":[20,209],"complex":[21],"and":[22,59,107,123,143,192,199,205],"unknown":[23,210],"vulnerabilities,":[24],"leading":[25],"poor":[27],"performance.":[28],"While":[29],"deep":[30],"learning":[31],"(DL)-based":[32],"have":[34],"improved":[35],"these":[36],"shortcomings,":[37],"there":[38],"is":[39],"still":[40],"room":[41],"for":[42,98,133],"enhancement.":[43],"For":[44],"C/C++":[45,99,111,166],"code,":[47],"effective":[48],"vulnerability":[49,112,167],"requires":[51],"considering":[52],"both":[53,140],"the":[54,60,64,160,193],"information":[55,62],"statements":[58,90],"structural":[61],"code.":[65,135,152],"Graph-based":[66],"representation":[68,149],"can":[70],"address":[71],"this":[72,105],"need,":[73],"but":[74],"existing":[75],"approaches":[76,122],"often":[77],"use":[78,95],"homogeneous":[79],"graphs":[80,97],"that":[81],"do":[82],"not":[83],"differentiate":[84],"between":[85],"various":[86],"types":[87],"or":[91],"dependencies.":[92],"Few":[93],"heterogeneous":[96,130,141],"representation.":[101],"This":[102],"study":[103],"explores":[104],"potential":[106],"proposes":[108],"new":[110],"method":[114],"named":[115],"HeVulD.":[116],"HeVulD":[117,153,170,183],"introduces":[118],"two":[119],"node":[120],"definition":[121],"key-node-based":[125],"program":[126],"slicing":[127],"method,":[128],"generating":[129],"graph":[131],"representations":[132,137],"These":[136],"consist":[138],"nodes":[142],"edges,":[144],"providing":[145],"more":[147],"precise":[148],"achieves":[154],"an":[155],"F1-score":[156],"96.4%":[158],"on":[159,187],"SARD":[161],"dataset,":[162],"outperforming":[163],"nine":[164],"baseline":[165],"methods.":[169],"tested":[173,186],"under":[174],"adversarial":[175],"attack":[176],"scenarios":[177,204],"assess":[179],"its":[180,197,206],"robustness.":[181],"Additionally,":[182],"ten":[188],"open-source":[189],"software":[190],"projects":[191],"latest":[194],"CVEs,":[195],"demonstrating":[196],"generalization":[200],"capabilities":[201],"real-world":[203],"ability":[207],"vulnerabilities.":[211]},"counts_by_year":[{"year":2026,"cited_by_count":5},{"year":2025,"cited_by_count":3}],"updated_date":"2026-04-09T08:11:56.329763","created_date":"2025-10-10T00:00:00"}