{"id":"https://openalex.org/W2796200341","doi":"https://doi.org/10.1109/tii.2018.2821768","title":"Cross-Project Transfer Representation Learning for Vulnerable Function Discovery","display_name":"Cross-Project Transfer Representation Learning for Vulnerable Function Discovery","publication_year":2018,"publication_date":"2018-04-02","ids":{"openalex":"https://openalex.org/W2796200341","doi":"https://doi.org/10.1109/tii.2018.2821768","mag":"2796200341"},"language":"en","primary_location":{"id":"doi:10.1109/tii.2018.2821768","is_oa":false,"landing_page_url":"https://doi.org/10.1109/tii.2018.2821768","pdf_url":null,"source":{"id":"https://openalex.org/S184777250","display_name":"IEEE Transactions on Industrial Informatics","issn_l":"1551-3203","issn":["1551-3203","1941-0050"],"is_oa":false,"is_in_doaj":false,"is_core":true,"host_organization":"https://openalex.org/P4310319808","host_organization_name":"Institute of Electrical and Electronics Engineers","host_organization_lineage":["https://openalex.org/P4310319808"],"host_organization_lineage_names":["Institute of Electrical and Electronics Engineers"],"type":"journal"},"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"IEEE Transactions on Industrial Informatics","raw_type":"journal-article"},"type":"article","indexed_in":["crossref"],"open_access":{"is_oa":true,"oa_status":"green","oa_url":"https://figshare.com/articles/journal_contribution/Cross-project_transfer_representation_learning_for_vulnerable_function_discovery/20807503","any_repository_has_fulltext":true},"authorships":[{"author_position":"first","author":{"id":"https://openalex.org/A5085946103","display_name":"Guanjun Lin","orcid":"https://orcid.org/0000-0003-3280-1307"},"institutions":[{"id":"https://openalex.org/I149704539","display_name":"Deakin University","ror":"https://ror.org/02czsnj07","country_code":"AU","type":"education","lineage":["https://openalex.org/I149704539"]}],"countries":["AU"],"is_corresponding":true,"raw_author_name":"Guanjun Lin","raw_affiliation_strings":["School of Information Technology, Deakin University, Geelong, VIC, Australia"],"affiliations":[{"raw_affiliation_string":"School of Information Technology, Deakin University, Geelong, VIC, Australia","institution_ids":["https://openalex.org/I149704539"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5044019139","display_name":"Jun Zhang","orcid":"https://orcid.org/0000-0002-2189-7801"},"institutions":[{"id":"https://openalex.org/I57093077","display_name":"Swinburne University of Technology","ror":"https://ror.org/031rekg67","country_code":"AU","type":"education","lineage":["https://openalex.org/I57093077"]}],"countries":["AU"],"is_corresponding":false,"raw_author_name":"Jun Zhang","raw_affiliation_strings":["School of Software and Electrical Engineering, Swinburne University of Technology, Melbourne, VIC, Australia"],"affiliations":[{"raw_affiliation_string":"School of Software and Electrical Engineering, Swinburne University of Technology, Melbourne, VIC, Australia","institution_ids":["https://openalex.org/I57093077"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5090419741","display_name":"Wei Luo","orcid":"https://orcid.org/0000-0002-4711-7543"},"institutions":[{"id":"https://openalex.org/I149704539","display_name":"Deakin University","ror":"https://ror.org/02czsnj07","country_code":"AU","type":"education","lineage":["https://openalex.org/I149704539"]}],"countries":["AU"],"is_corresponding":false,"raw_author_name":"Wei Luo","raw_affiliation_strings":["School of Information Technology, Deakin University, Geelong, VIC, Australia"],"affiliations":[{"raw_affiliation_string":"School of Information Technology, Deakin University, Geelong, VIC, Australia","institution_ids":["https://openalex.org/I149704539"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5045991464","display_name":"Lei Pan","orcid":"https://orcid.org/0000-0002-4691-8330"},"institutions":[{"id":"https://openalex.org/I149704539","display_name":"Deakin University","ror":"https://ror.org/02czsnj07","country_code":"AU","type":"education","lineage":["https://openalex.org/I149704539"]}],"countries":["AU"],"is_corresponding":false,"raw_author_name":"Lei Pan","raw_affiliation_strings":["School of Information Technology, Deakin University, Geelong, VIC, Australia"],"affiliations":[{"raw_affiliation_string":"School of Information Technology, Deakin University, Geelong, VIC, Australia","institution_ids":["https://openalex.org/I149704539"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5100666554","display_name":"Yang Xiang","orcid":"https://orcid.org/0000-0001-5252-0831"},"institutions":[{"id":"https://openalex.org/I57093077","display_name":"Swinburne University of Technology","ror":"https://ror.org/031rekg67","country_code":"AU","type":"education","lineage":["https://openalex.org/I57093077"]}],"countries":["AU"],"is_corresponding":false,"raw_author_name":"Yang Xiang","raw_affiliation_strings":["Digital Research & Innovation Capability Platform, Swinburne University of Technology, Melbourne, VIC, Australia"],"affiliations":[{"raw_affiliation_string":"Digital Research & Innovation Capability Platform, Swinburne University of Technology, Melbourne, VIC, Australia","institution_ids":["https://openalex.org/I57093077"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5026180696","display_name":"Olivier De Vel","orcid":"https://orcid.org/0000-0001-5179-3707"},"institutions":[{"id":"https://openalex.org/I1303474014","display_name":"Defence Science and Technology Group","ror":"https://ror.org/05ddrvt52","country_code":"AU","type":"funder","lineage":["https://openalex.org/I1303474014","https://openalex.org/I2801453606","https://openalex.org/I3139952251"]}],"countries":["AU"],"is_corresponding":false,"raw_author_name":"Olivier De Vel","raw_affiliation_strings":["Department of Defence, Defence Science & Technology Group, Maribyrnong, VIC, Australia"],"affiliations":[{"raw_affiliation_string":"Department of Defence, Defence Science & Technology Group, Maribyrnong, VIC, Australia","institution_ids":["https://openalex.org/I1303474014"]}]},{"author_position":"last","author":{"id":"https://openalex.org/A5024595046","display_name":"Paul Montague","orcid":"https://orcid.org/0000-0001-9461-7471"},"institutions":[{"id":"https://openalex.org/I1303474014","display_name":"Defence Science and Technology Group","ror":"https://ror.org/05ddrvt52","country_code":"AU","type":"funder","lineage":["https://openalex.org/I1303474014","https://openalex.org/I2801453606","https://openalex.org/I3139952251"]}],"countries":["AU"],"is_corresponding":false,"raw_author_name":"Paul Montague","raw_affiliation_strings":["Department of Defence, Defence Science & Technology Group, Maribyrnong, VIC, Australia"],"affiliations":[{"raw_affiliation_string":"Department of Defence, Defence Science & Technology Group, Maribyrnong, VIC, Australia","institution_ids":["https://openalex.org/I1303474014"]}]}],"institutions":[],"countries_distinct_count":1,"institutions_distinct_count":7,"corresponding_author_ids":["https://openalex.org/A5085946103"],"corresponding_institution_ids":["https://openalex.org/I149704539"],"apc_list":null,"apc_paid":null,"fwci":33.7156,"has_fulltext":false,"cited_by_count":218,"citation_normalized_percentile":{"value":0.99646528,"is_in_top_1_percent":true,"is_in_top_10_percent":true},"cited_by_percentile_year":{"min":97,"max":100},"biblio":{"volume":"14","issue":"7","first_page":"3289","last_page":"3297"},"is_retracted":false,"is_paratext":false,"is_xpac":false,"primary_topic":{"id":"https://openalex.org/T10260","display_name":"Software Engineering Research","score":0.9998999834060669,"subfield":{"id":"https://openalex.org/subfields/1710","display_name":"Information Systems"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},"topics":[{"id":"https://openalex.org/T10260","display_name":"Software Engineering Research","score":0.9998999834060669,"subfield":{"id":"https://openalex.org/subfields/1710","display_name":"Information Systems"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T12423","display_name":"Software Reliability and Analysis Research","score":0.9980000257492065,"subfield":{"id":"https://openalex.org/subfields/1712","display_name":"Software"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T11241","display_name":"Advanced Malware Detection Techniques","score":0.9894999861717224,"subfield":{"id":"https://openalex.org/subfields/1711","display_name":"Signal Processing"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}}],"keywords":[{"id":"https://openalex.org/keywords/computer-science","display_name":"Computer science","score":0.7666541337966919},{"id":"https://openalex.org/keywords/artificial-intelligence","display_name":"Artificial intelligence","score":0.5751904845237732},{"id":"https://openalex.org/keywords/software-quality","display_name":"Software quality","score":0.5691413879394531},{"id":"https://openalex.org/keywords/machine-learning","display_name":"Machine learning","score":0.5437953472137451},{"id":"https://openalex.org/keywords/software","display_name":"Software","score":0.5335344076156616},{"id":"https://openalex.org/keywords/classifier","display_name":"Classifier (UML)","score":0.48058009147644043},{"id":"https://openalex.org/keywords/feature-learning","display_name":"Feature learning","score":0.46614423394203186},{"id":"https://openalex.org/keywords/source-code","display_name":"Source code","score":0.42047804594039917},{"id":"https://openalex.org/keywords/software-engineering","display_name":"Software engineering","score":0.32619452476501465},{"id":"https://openalex.org/keywords/software-development","display_name":"Software development","score":0.30968958139419556},{"id":"https://openalex.org/keywords/programming-language","display_name":"Programming language","score":0.18924787640571594}],"concepts":[{"id":"https://openalex.org/C41008148","wikidata":"https://www.wikidata.org/wiki/Q21198","display_name":"Computer science","level":0,"score":0.7666541337966919},{"id":"https://openalex.org/C154945302","wikidata":"https://www.wikidata.org/wiki/Q11660","display_name":"Artificial intelligence","level":1,"score":0.5751904845237732},{"id":"https://openalex.org/C117447612","wikidata":"https://www.wikidata.org/wiki/Q1412670","display_name":"Software quality","level":4,"score":0.5691413879394531},{"id":"https://openalex.org/C119857082","wikidata":"https://www.wikidata.org/wiki/Q2539","display_name":"Machine learning","level":1,"score":0.5437953472137451},{"id":"https://openalex.org/C2777904410","wikidata":"https://www.wikidata.org/wiki/Q7397","display_name":"Software","level":2,"score":0.5335344076156616},{"id":"https://openalex.org/C95623464","wikidata":"https://www.wikidata.org/wiki/Q1096149","display_name":"Classifier (UML)","level":2,"score":0.48058009147644043},{"id":"https://openalex.org/C59404180","wikidata":"https://www.wikidata.org/wiki/Q17013334","display_name":"Feature learning","level":2,"score":0.46614423394203186},{"id":"https://openalex.org/C43126263","wikidata":"https://www.wikidata.org/wiki/Q128751","display_name":"Source code","level":2,"score":0.42047804594039917},{"id":"https://openalex.org/C115903868","wikidata":"https://www.wikidata.org/wiki/Q80993","display_name":"Software engineering","level":1,"score":0.32619452476501465},{"id":"https://openalex.org/C529173508","wikidata":"https://www.wikidata.org/wiki/Q638608","display_name":"Software development","level":3,"score":0.30968958139419556},{"id":"https://openalex.org/C199360897","wikidata":"https://www.wikidata.org/wiki/Q9143","display_name":"Programming language","level":1,"score":0.18924787640571594}],"mesh":[],"locations_count":4,"locations":[{"id":"doi:10.1109/tii.2018.2821768","is_oa":false,"landing_page_url":"https://doi.org/10.1109/tii.2018.2821768","pdf_url":null,"source":{"id":"https://openalex.org/S184777250","display_name":"IEEE Transactions on Industrial Informatics","issn_l":"1551-3203","issn":["1551-3203","1941-0050"],"is_oa":false,"is_in_doaj":false,"is_core":true,"host_organization":"https://openalex.org/P4310319808","host_organization_name":"Institute of Electrical and Electronics Engineers","host_organization_lineage":["https://openalex.org/P4310319808"],"host_organization_lineage_names":["Institute of Electrical and Electronics Engineers"],"type":"journal"},"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"IEEE Transactions on Industrial Informatics","raw_type":"journal-article"},{"id":"pmh:oai:dro.deakin.edu.au:DU:30110369","is_oa":false,"landing_page_url":null,"pdf_url":null,"source":{"id":"https://openalex.org/S4306402457","display_name":"Deakin Research Online (Deakin University)","issn_l":null,"issn":null,"is_oa":false,"is_in_doaj":false,"is_core":false,"host_organization":"https://openalex.org/I149704539","host_organization_name":"Deakin University","host_organization_lineage":["https://openalex.org/I149704539"],"host_organization_lineage_names":[],"type":"repository"},"license":null,"license_id":null,"version":"submittedVersion","is_accepted":false,"is_published":false,"raw_source_name":"","raw_type":"Journal Article"},{"id":"pmh:oai:figshare.com:article/20807503","is_oa":true,"landing_page_url":"https://figshare.com/articles/journal_contribution/Cross-project_transfer_representation_learning_for_vulnerable_function_discovery/20807503","pdf_url":null,"source":{"id":"https://openalex.org/S4377196282","display_name":"Figshare","issn_l":null,"issn":null,"is_oa":false,"is_in_doaj":false,"is_core":false,"host_organization":"https://openalex.org/I4210132348","host_organization_name":"Figshare (United Kingdom)","host_organization_lineage":["https://openalex.org/I4210132348"],"host_organization_lineage_names":[],"type":"repository"},"license":"cc-by","license_id":"https://openalex.org/licenses/cc-by","version":"submittedVersion","is_accepted":false,"is_published":false,"raw_source_name":"","raw_type":"Text"},{"id":"pmh:oai:researchbank.swinburne.edu.au:2c5d6487-2043-4b64-9de7-796cea1de230/1","is_oa":false,"landing_page_url":"http://hdl.handle.net/1959.3/442942","pdf_url":null,"source":{"id":"https://openalex.org/S4306401157","display_name":"Swinburne Research Bank (Swinburne University of Technology)","issn_l":null,"issn":null,"is_oa":false,"is_in_doaj":false,"is_core":false,"host_organization":"https://openalex.org/I57093077","host_organization_name":"Swinburne University of Technology","host_organization_lineage":["https://openalex.org/I57093077"],"host_organization_lineage_names":[],"type":"repository"},"license":null,"license_id":null,"version":"submittedVersion","is_accepted":false,"is_published":false,"raw_source_name":"IEEE Transactions on Industrial Informatics, Vol. 14, no. 7 (Jul 2018), pp. 3289-3297","raw_type":""}],"best_oa_location":{"id":"pmh:oai:figshare.com:article/20807503","is_oa":true,"landing_page_url":"https://figshare.com/articles/journal_contribution/Cross-project_transfer_representation_learning_for_vulnerable_function_discovery/20807503","pdf_url":null,"source":{"id":"https://openalex.org/S4377196282","display_name":"Figshare","issn_l":null,"issn":null,"is_oa":false,"is_in_doaj":false,"is_core":false,"host_organization":"https://openalex.org/I4210132348","host_organization_name":"Figshare (United Kingdom)","host_organization_lineage":["https://openalex.org/I4210132348"],"host_organization_lineage_names":[],"type":"repository"},"license":"cc-by","license_id":"https://openalex.org/licenses/cc-by","version":"submittedVersion","is_accepted":false,"is_published":false,"raw_source_name":"","raw_type":"Text"},"sustainable_development_goals":[],"awards":[],"funders":[],"has_content":{"pdf":false,"grobid_xml":false},"content_urls":null,"referenced_works_count":33,"referenced_works":["https://openalex.org/W133470593","https://openalex.org/W179875071","https://openalex.org/W1532325895","https://openalex.org/W1614298861","https://openalex.org/W1710734607","https://openalex.org/W1850047186","https://openalex.org/W1988524530","https://openalex.org/W1990762361","https://openalex.org/W2004758929","https://openalex.org/W2028820179","https://openalex.org/W2043811931","https://openalex.org/W2043837581","https://openalex.org/W2064675550","https://openalex.org/W2069268700","https://openalex.org/W2101234009","https://openalex.org/W2102970979","https://openalex.org/W2131774270","https://openalex.org/W2136173752","https://openalex.org/W2165004968","https://openalex.org/W2166336492","https://openalex.org/W2402144811","https://openalex.org/W2559935471","https://openalex.org/W2634106992","https://openalex.org/W2765858138","https://openalex.org/W2953384591","https://openalex.org/W3004040842","https://openalex.org/W6605468800","https://openalex.org/W6607333740","https://openalex.org/W6636510571","https://openalex.org/W6637688222","https://openalex.org/W6675354045","https://openalex.org/W6675416627","https://openalex.org/W6713134421"],"related_works":["https://openalex.org/W2982642565","https://openalex.org/W3104152981","https://openalex.org/W3164111940","https://openalex.org/W3196098778","https://openalex.org/W3211250490","https://openalex.org/W2113421559","https://openalex.org/W119580281","https://openalex.org/W4380568682","https://openalex.org/W3124296310","https://openalex.org/W2212955619"],"abstract_inverted_index":{"Machine":[0],"learning":[1,62,119],"is":[2,17,22,139,189,201],"now":[3],"widely":[4],"used":[5],"to":[6,45,115,122,142,146],"detect":[7],"security":[8],"vulnerabilities":[9],"in":[10],"the":[11,15,27,85,90,110,131,143,186,208],"software,":[12],"even":[13,151],"before":[14],"software":[16,32,128,137],"released.":[18],"But":[19],"its":[20],"potential":[21],"often":[23],"severely":[24],"compromised":[25],"at":[26],"early":[28,148],"stage":[29],"of":[30,39,58,127,156,191,197],"a":[31,37,81,116,124,153,224],"project":[33,145,225],"when":[34],"we":[35,79,165],"face":[36],"shortage":[38],"high-quality":[40],"training":[41,157],"data":[42],"and":[43,77,171,200,226],"have":[44],"rely":[46],"on":[47],"overly":[48],"generic":[49],"hand-crafted":[50],"features.":[51],"This":[52],"paper":[53],"addresses":[54],"this":[55,161],"cold-start":[56],"problem":[57],"machine":[59],"learning,":[60],"by":[61,104],"rich":[63],"features":[64],"that":[65,185,194],"generalize":[66],"across":[67,203,227],"similar":[68],"projects.":[69,180,205,229],"To":[70,159],"reach":[71],"an":[72],"optimal":[73],"balance":[74],"between":[75],"feature-richness":[76],"generalizability,":[78],"devise":[80],"data-driven":[82],"method":[83],"including":[84],"following":[86],"innovative":[87],"ideas.":[88],"First,":[89],"code":[91,210],"semantics":[92],"are":[93,113,195,215],"revealed":[94],"through":[95],"serialized":[96,111],"abstract":[97],"syntax":[98],"trees":[99],"(ASTs),":[100],"with":[101,152,207],"tokens":[102],"encoded":[103],"Continuous":[105],"Bag-of-Words":[106],"neural":[107,132],"embeddings.":[108],"Next,":[109],"ASTs":[112],"fed":[114],"sequential":[117],"deep":[118],"classifier":[120],"(Bi-LSTM)":[121],"obtain":[123],"representation":[125,133],"indicative":[126,196],"vulnerability.":[129],"Finally,":[130],"obtained":[134],"from":[135,177],"existing":[136],"projects":[138],"then":[140],"transferred":[141],"new":[144],"enable":[147],"vulnerability":[149,162,199],"detection":[150,163],"small":[154],"set":[155],"labels.":[158],"validate":[160],"approach,":[164],"manually":[166],"labeled":[167],"457":[168],"vulnerable":[169,220],"functions":[170,176],"collected":[172],"30":[173],"000+":[174],"nonvulnerable":[175],"six":[178],"open-source":[179],"The":[181],"empirical":[182],"results":[183],"confirmed":[184],"trained":[187],"model":[188],"capable":[190],"generating":[192],"representations":[193,214],"program":[198],"adaptable":[202],"multiple":[204,228],"Compared":[206],"traditional":[209],"metrics,":[211],"our":[212],"transfer-learned":[213],"more":[216],"effective":[217],"for":[218],"predicting":[219],"functions,":[221],"both":[222],"within":[223]},"counts_by_year":[{"year":2026,"cited_by_count":5},{"year":2025,"cited_by_count":19},{"year":2024,"cited_by_count":35},{"year":2023,"cited_by_count":41},{"year":2022,"cited_by_count":36},{"year":2021,"cited_by_count":31},{"year":2020,"cited_by_count":30},{"year":2019,"cited_by_count":17},{"year":2018,"cited_by_count":4}],"updated_date":"2026-04-12T07:58:50.170612","created_date":"2025-10-10T00:00:00"}