{"id":"https://openalex.org/W4390831554","doi":"https://doi.org/10.1142/s0218194024500013","title":"Toward Pointer-Analysis-Based Vulnerability Discovery in Human\u2013Machine Pair Programming","display_name":"Toward Pointer-Analysis-Based Vulnerability Discovery in Human\u2013Machine Pair Programming","publication_year":2024,"publication_date":"2024-01-12","ids":{"openalex":"https://openalex.org/W4390831554","doi":"https://doi.org/10.1142/s0218194024500013"},"language":"en","primary_location":{"id":"doi:10.1142/s0218194024500013","is_oa":false,"landing_page_url":"http://dx.doi.org/10.1142/s0218194024500013","pdf_url":null,"source":{"id":"https://openalex.org/S131442419","display_name":"International Journal of Software Engineering and Knowledge Engineering","issn_l":"0218-1940","issn":["0218-1940","1793-6403"],"is_oa":false,"is_in_doaj":false,"is_core":true,"host_organization":"https://openalex.org/P4310319815","host_organization_name":"World Scientific","host_organization_lineage":["https://openalex.org/P4310319815"],"host_organization_lineage_names":["World Scientific"],"type":"journal"},"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"International Journal of Software Engineering and Knowledge Engineering","raw_type":"journal-article"},"type":"article","indexed_in":["crossref"],"open_access":{"is_oa":false,"oa_status":"closed","oa_url":null,"any_repository_has_fulltext":false},"authorships":[{"author_position":"first","author":{"id":"https://openalex.org/A5090314809","display_name":"Pingyan Wang","orcid":"https://orcid.org/0000-0002-1085-5999"},"institutions":[{"id":"https://openalex.org/I113306721","display_name":"Hiroshima University","ror":"https://ror.org/03t78wx29","country_code":"JP","type":"education","lineage":["https://openalex.org/I113306721"]}],"countries":["JP"],"is_corresponding":true,"raw_author_name":"Pingyan Wang","raw_affiliation_strings":["Graduate School of Advanced Science and Engineering, Hiroshima University, Higashi-Hiroshima 739-8511, Japan"],"raw_orcid":"https://orcid.org/0000-0002-1085-5999","affiliations":[{"raw_affiliation_string":"Graduate School of Advanced Science and Engineering, Hiroshima University, Higashi-Hiroshima 739-8511, Japan","institution_ids":["https://openalex.org/I113306721"]}]},{"author_position":"last","author":{"id":"https://openalex.org/A5091475506","display_name":"Shaoying Liu","orcid":"https://orcid.org/0000-0002-6748-5052"},"institutions":[{"id":"https://openalex.org/I113306721","display_name":"Hiroshima University","ror":"https://ror.org/03t78wx29","country_code":"JP","type":"education","lineage":["https://openalex.org/I113306721"]}],"countries":["JP"],"is_corresponding":false,"raw_author_name":"Shaoying Liu","raw_affiliation_strings":["Graduate School of Advanced Science and Engineering, Hiroshima University, Higashi-Hiroshima 739-8511, Japan"],"raw_orcid":"https://orcid.org/0000-0002-6748-5052","affiliations":[{"raw_affiliation_string":"Graduate School of Advanced Science and Engineering, Hiroshima University, Higashi-Hiroshima 739-8511, Japan","institution_ids":["https://openalex.org/I113306721"]}]}],"institutions":[],"countries_distinct_count":1,"institutions_distinct_count":2,"corresponding_author_ids":["https://openalex.org/A5090314809"],"corresponding_institution_ids":["https://openalex.org/I113306721"],"apc_list":null,"apc_paid":null,"fwci":0.0,"has_fulltext":false,"cited_by_count":0,"citation_normalized_percentile":{"value":0.0351894,"is_in_top_1_percent":false,"is_in_top_10_percent":false},"cited_by_percentile_year":null,"biblio":{"volume":"34","issue":"05","first_page":"751","last_page":"774"},"is_retracted":false,"is_paratext":false,"is_xpac":false,"primary_topic":{"id":"https://openalex.org/T10743","display_name":"Software Testing and Debugging Techniques","score":0.9873999953269958,"subfield":{"id":"https://openalex.org/subfields/1712","display_name":"Software"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},"topics":[{"id":"https://openalex.org/T10743","display_name":"Software Testing and Debugging Techniques","score":0.9873999953269958,"subfield":{"id":"https://openalex.org/subfields/1712","display_name":"Software"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T12423","display_name":"Software Reliability and Analysis Research","score":0.9869999885559082,"subfield":{"id":"https://openalex.org/subfields/1712","display_name":"Software"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T10430","display_name":"Software Engineering Techniques and Practices","score":0.944100022315979,"subfield":{"id":"https://openalex.org/subfields/1710","display_name":"Information Systems"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}}],"keywords":[{"id":"https://openalex.org/keywords/computer-science","display_name":"Computer science","score":0.7133389711380005},{"id":"https://openalex.org/keywords/pointer","display_name":"Pointer (user interface)","score":0.6277890205383301},{"id":"https://openalex.org/keywords/pointer-analysis","display_name":"Pointer analysis","score":0.4549337327480316},{"id":"https://openalex.org/keywords/artificial-intelligence","display_name":"Artificial intelligence","score":0.3286592662334442},{"id":"https://openalex.org/keywords/programming-language","display_name":"Programming language","score":0.32682740688323975},{"id":"https://openalex.org/keywords/static-analysis","display_name":"Static analysis","score":0.23227137327194214}],"concepts":[{"id":"https://openalex.org/C41008148","wikidata":"https://www.wikidata.org/wiki/Q21198","display_name":"Computer science","level":0,"score":0.7133389711380005},{"id":"https://openalex.org/C150202949","wikidata":"https://www.wikidata.org/wiki/Q107602","display_name":"Pointer (user interface)","level":2,"score":0.6277890205383301},{"id":"https://openalex.org/C7263679","wikidata":"https://www.wikidata.org/wiki/Q5978076","display_name":"Pointer analysis","level":3,"score":0.4549337327480316},{"id":"https://openalex.org/C154945302","wikidata":"https://www.wikidata.org/wiki/Q11660","display_name":"Artificial intelligence","level":1,"score":0.3286592662334442},{"id":"https://openalex.org/C199360897","wikidata":"https://www.wikidata.org/wiki/Q9143","display_name":"Programming language","level":1,"score":0.32682740688323975},{"id":"https://openalex.org/C97686452","wikidata":"https://www.wikidata.org/wiki/Q7604153","display_name":"Static analysis","level":2,"score":0.23227137327194214}],"mesh":[],"locations_count":1,"locations":[{"id":"doi:10.1142/s0218194024500013","is_oa":false,"landing_page_url":"http://dx.doi.org/10.1142/s0218194024500013","pdf_url":null,"source":{"id":"https://openalex.org/S131442419","display_name":"International Journal of Software Engineering and Knowledge Engineering","issn_l":"0218-1940","issn":["0218-1940","1793-6403"],"is_oa":false,"is_in_doaj":false,"is_core":true,"host_organization":"https://openalex.org/P4310319815","host_organization_name":"World Scientific","host_organization_lineage":["https://openalex.org/P4310319815"],"host_organization_lineage_names":["World Scientific"],"type":"journal"},"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"International Journal of Software Engineering and Knowledge Engineering","raw_type":"journal-article"}],"best_oa_location":null,"sustainable_development_goals":[],"awards":[{"id":"https://openalex.org/G5180738964","display_name":null,"funder_award_id":"JPMJSP2132","funder_id":"https://openalex.org/F4320320907","funder_display_name":"Japan Science and Technology Corporation"}],"funders":[{"id":"https://openalex.org/F4320320907","display_name":"Japan Science and Technology Corporation","ror":"https://ror.org/00097mb19"}],"has_content":{"grobid_xml":false,"pdf":false},"content_urls":null,"referenced_works_count":27,"referenced_works":["https://openalex.org/W1486481742","https://openalex.org/W1536098516","https://openalex.org/W1595979272","https://openalex.org/W1663388364","https://openalex.org/W2011458734","https://openalex.org/W2017842497","https://openalex.org/W2020841721","https://openalex.org/W2040739365","https://openalex.org/W2050320220","https://openalex.org/W2088569679","https://openalex.org/W2110833886","https://openalex.org/W2112736324","https://openalex.org/W2125357166","https://openalex.org/W2131135493","https://openalex.org/W2144696387","https://openalex.org/W2145071552","https://openalex.org/W2166743230","https://openalex.org/W2293797831","https://openalex.org/W2614034378","https://openalex.org/W2763994238","https://openalex.org/W2768875238","https://openalex.org/W2794889478","https://openalex.org/W3006613871","https://openalex.org/W4206770190","https://openalex.org/W4251477416","https://openalex.org/W4297347957","https://openalex.org/W4388538015"],"related_works":["https://openalex.org/W2553375745","https://openalex.org/W2363386825","https://openalex.org/W2188526093","https://openalex.org/W1996094959","https://openalex.org/W2999115679","https://openalex.org/W2891057055","https://openalex.org/W2370320024","https://openalex.org/W3147482974","https://openalex.org/W82217049","https://openalex.org/W92485060"],"abstract_inverted_index":{"Pointer":[0],"analysis":[1,9,38,57],"is":[2],"the":[3,44,59,99,138,143,147],"underlying":[4],"technique":[5],"of":[6,24,75,129],"many":[7],"static":[8],"tools":[10],"for":[11],"vulnerability":[12],"discovery.":[13],"It":[14],"has":[15],"proved":[16],"to":[17,46,79,91],"be":[18,47,50],"effective":[19],"in":[20,98,107,121,146],"identifying":[21],"a":[22,55,80],"variety":[23],"vulnerabilities,":[25],"such":[26],"as":[27,83,95,97],"buffer":[28],"overflow":[29],"vulnerabilities":[30,145],"and":[31,70,115,118,135],"injection":[32],"vulnerabilities.":[33],"However,":[34],"most":[35],"existing":[36],"pointer":[37,72],"approaches":[39,111,131,139],"require":[40],"whole-program":[41],"availability,":[42],"i.e.":[43],"program":[45],"analyzed":[48],"should":[49],"complete,":[51],"which":[52,76],"may":[53],"hinder":[54],"timely":[56],"during":[58],"coding":[60,100],"phase.":[61,101],"In":[62,102],"this":[63,103],"paper,":[64,104],"we":[65,105],"present":[66],"two":[67],"approaches,":[68],"exhaustive":[69],"demand-driven":[71],"analyses,":[73],"both":[74],"are":[77,154],"applied":[78],"paradigm":[81],"known":[82],"Human\u2013Machine":[84],"Pair":[85],"Programming.":[86],"The":[87],"ideas":[88],"enable":[89],"us":[90],"discover":[92],"security":[93],"flaws":[94],"early":[96],"describe":[106],"detail":[108],"how":[109],"our":[110,130],"maintain":[112],"flow":[113],"sensitivity":[114],"propagate":[116],"points-to":[117],"taint":[119],"information":[120],"an":[122,127],"incremental":[123],"fashion.":[124],"We":[125],"conduct":[126],"evaluation":[128],"on":[132],"SecuriBench":[133],"Micro":[134],"show":[136],"that":[137],"can":[140],"capture":[141],"all":[142],"potential":[144],"test":[148],"cases,":[149],"though":[150],"several":[151],"false":[152],"alarms":[153],"reported.":[155]},"counts_by_year":[],"updated_date":"2026-05-21T06:26:12.895304","created_date":"2025-10-10T00:00:00"}