{"id":"https://openalex.org/W2122505621","doi":"https://doi.org/10.1145/1810295.1810336","title":"Detecting recurring and similar software vulnerabilities","display_name":"Detecting recurring and similar software vulnerabilities","publication_year":2010,"publication_date":"2010-05-01","ids":{"openalex":"https://openalex.org/W2122505621","doi":"https://doi.org/10.1145/1810295.1810336","mag":"2122505621"},"language":"en","primary_location":{"id":"doi:10.1145/1810295.1810336","is_oa":false,"landing_page_url":"https://doi.org/10.1145/1810295.1810336","pdf_url":null,"source":null,"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"Proceedings of the 32nd ACM/IEEE International Conference on Software Engineering - Volume 2","raw_type":"proceedings-article"},"type":"article","indexed_in":["crossref"],"open_access":{"is_oa":false,"oa_status":"closed","oa_url":null,"any_repository_has_fulltext":false},"authorships":[{"author_position":"first","author":{"id":"https://openalex.org/A5102141585","display_name":"Nam H. Pham","orcid":null},"institutions":[{"id":"https://openalex.org/I173911158","display_name":"Iowa State University","ror":"https://ror.org/04rswrd78","country_code":"US","type":"education","lineage":["https://openalex.org/I173911158"]}],"countries":["US"],"is_corresponding":true,"raw_author_name":"Nam H. Pham","raw_affiliation_strings":["Iowa State University"],"affiliations":[{"raw_affiliation_string":"Iowa State University","institution_ids":["https://openalex.org/I173911158"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5100642009","display_name":"Tung Nguyen","orcid":"https://orcid.org/0000-0003-4232-0566"},"institutions":[{"id":"https://openalex.org/I173911158","display_name":"Iowa State University","ror":"https://ror.org/04rswrd78","country_code":"US","type":"education","lineage":["https://openalex.org/I173911158"]}],"countries":["US"],"is_corresponding":false,"raw_author_name":"Tung Thanh Nguyen","raw_affiliation_strings":["Iowa State University"],"affiliations":[{"raw_affiliation_string":"Iowa State University","institution_ids":["https://openalex.org/I173911158"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5044339946","display_name":"Hoan Anh Nguyen","orcid":"https://orcid.org/0000-0002-6194-7930"},"institutions":[{"id":"https://openalex.org/I173911158","display_name":"Iowa State University","ror":"https://ror.org/04rswrd78","country_code":"US","type":"education","lineage":["https://openalex.org/I173911158"]}],"countries":["US"],"is_corresponding":false,"raw_author_name":"Hoan Anh Nguyen","raw_affiliation_strings":["Iowa State University"],"affiliations":[{"raw_affiliation_string":"Iowa State University","institution_ids":["https://openalex.org/I173911158"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5100740739","display_name":"Xinying Wang","orcid":"https://orcid.org/0000-0001-7607-7432"},"institutions":[{"id":"https://openalex.org/I173911158","display_name":"Iowa State University","ror":"https://ror.org/04rswrd78","country_code":"US","type":"education","lineage":["https://openalex.org/I173911158"]}],"countries":["US"],"is_corresponding":false,"raw_author_name":"Xinying Wang","raw_affiliation_strings":["Iowa State University"],"affiliations":[{"raw_affiliation_string":"Iowa State University","institution_ids":["https://openalex.org/I173911158"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5065748190","display_name":"Anh Tuan Nguyen","orcid":"https://orcid.org/0000-0002-9235-4759"},"institutions":[{"id":"https://openalex.org/I173911158","display_name":"Iowa State University","ror":"https://ror.org/04rswrd78","country_code":"US","type":"education","lineage":["https://openalex.org/I173911158"]}],"countries":["US"],"is_corresponding":false,"raw_author_name":"Anh Tuan Nguyen","raw_affiliation_strings":["Iowa State University"],"affiliations":[{"raw_affiliation_string":"Iowa State University","institution_ids":["https://openalex.org/I173911158"]}]},{"author_position":"last","author":{"id":"https://openalex.org/A5089000736","display_name":"Tien N. Nguyen","orcid":"https://orcid.org/0009-0006-7962-6090"},"institutions":[{"id":"https://openalex.org/I173911158","display_name":"Iowa State University","ror":"https://ror.org/04rswrd78","country_code":"US","type":"education","lineage":["https://openalex.org/I173911158"]}],"countries":["US"],"is_corresponding":false,"raw_author_name":"Tien N. Nguyen","raw_affiliation_strings":["Iowa State University"],"affiliations":[{"raw_affiliation_string":"Iowa State University","institution_ids":["https://openalex.org/I173911158"]}]}],"institutions":[],"countries_distinct_count":1,"institutions_distinct_count":6,"corresponding_author_ids":["https://openalex.org/A5102141585"],"corresponding_institution_ids":["https://openalex.org/I173911158"],"apc_list":null,"apc_paid":null,"fwci":2.0811,"has_fulltext":false,"cited_by_count":14,"citation_normalized_percentile":{"value":0.9123052,"is_in_top_1_percent":false,"is_in_top_10_percent":true},"cited_by_percentile_year":{"min":89,"max":99},"biblio":{"volume":null,"issue":null,"first_page":"227","last_page":"230"},"is_retracted":false,"is_paratext":false,"is_xpac":false,"primary_topic":{"id":"https://openalex.org/T10260","display_name":"Software Engineering Research","score":0.9997000098228455,"subfield":{"id":"https://openalex.org/subfields/1710","display_name":"Information Systems"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},"topics":[{"id":"https://openalex.org/T10260","display_name":"Software Engineering Research","score":0.9997000098228455,"subfield":{"id":"https://openalex.org/subfields/1710","display_name":"Information Systems"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T12479","display_name":"Web Application Security Vulnerabilities","score":0.9984999895095825,"subfield":{"id":"https://openalex.org/subfields/1710","display_name":"Information Systems"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T12423","display_name":"Software Reliability and Analysis Research","score":0.9979000091552734,"subfield":{"id":"https://openalex.org/subfields/1712","display_name":"Software"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}}],"keywords":[{"id":"https://openalex.org/keywords/computer-science","display_name":"Computer science","score":0.8078541159629822},{"id":"https://openalex.org/keywords/secure-coding","display_name":"Secure coding","score":0.7281565070152283},{"id":"https://openalex.org/keywords/software-security-assurance","display_name":"Software security assurance","score":0.6111530661582947},{"id":"https://openalex.org/keywords/tracing","display_name":"Tracing","score":0.6002929210662842},{"id":"https://openalex.org/keywords/vulnerability","display_name":"Vulnerability (computing)","score":0.5776698589324951},{"id":"https://openalex.org/keywords/software","display_name":"Software","score":0.5498759746551514},{"id":"https://openalex.org/keywords/vulnerability-management","display_name":"Vulnerability management","score":0.5479894876480103},{"id":"https://openalex.org/keywords/code","display_name":"Code (set theory)","score":0.5192980170249939},{"id":"https://openalex.org/keywords/source-code","display_name":"Source code","score":0.4775876998901367},{"id":"https://openalex.org/keywords/software-system","display_name":"Software system","score":0.4267085790634155},{"id":"https://openalex.org/keywords/security-bug","display_name":"Security bug","score":0.41985630989074707},{"id":"https://openalex.org/keywords/computer-security","display_name":"Computer security","score":0.39296841621398926},{"id":"https://openalex.org/keywords/software-engineering","display_name":"Software engineering","score":0.34865859150886536},{"id":"https://openalex.org/keywords/vulnerability-assessment","display_name":"Vulnerability assessment","score":0.25578802824020386},{"id":"https://openalex.org/keywords/programming-language","display_name":"Programming language","score":0.23061490058898926},{"id":"https://openalex.org/keywords/information-security","display_name":"Information security","score":0.1567765474319458}],"concepts":[{"id":"https://openalex.org/C41008148","wikidata":"https://www.wikidata.org/wiki/Q21198","display_name":"Computer science","level":0,"score":0.8078541159629822},{"id":"https://openalex.org/C22680326","wikidata":"https://www.wikidata.org/wiki/Q7444867","display_name":"Secure coding","level":5,"score":0.7281565070152283},{"id":"https://openalex.org/C62913178","wikidata":"https://www.wikidata.org/wiki/Q7554361","display_name":"Software security assurance","level":4,"score":0.6111530661582947},{"id":"https://openalex.org/C138673069","wikidata":"https://www.wikidata.org/wiki/Q322229","display_name":"Tracing","level":2,"score":0.6002929210662842},{"id":"https://openalex.org/C95713431","wikidata":"https://www.wikidata.org/wiki/Q631425","display_name":"Vulnerability (computing)","level":2,"score":0.5776698589324951},{"id":"https://openalex.org/C2777904410","wikidata":"https://www.wikidata.org/wiki/Q7397","display_name":"Software","level":2,"score":0.5498759746551514},{"id":"https://openalex.org/C172776598","wikidata":"https://www.wikidata.org/wiki/Q7943570","display_name":"Vulnerability management","level":4,"score":0.5479894876480103},{"id":"https://openalex.org/C2776760102","wikidata":"https://www.wikidata.org/wiki/Q5139990","display_name":"Code (set theory)","level":3,"score":0.5192980170249939},{"id":"https://openalex.org/C43126263","wikidata":"https://www.wikidata.org/wiki/Q128751","display_name":"Source code","level":2,"score":0.4775876998901367},{"id":"https://openalex.org/C149091818","wikidata":"https://www.wikidata.org/wiki/Q2429814","display_name":"Software system","level":3,"score":0.4267085790634155},{"id":"https://openalex.org/C131275738","wikidata":"https://www.wikidata.org/wiki/Q7445023","display_name":"Security bug","level":5,"score":0.41985630989074707},{"id":"https://openalex.org/C38652104","wikidata":"https://www.wikidata.org/wiki/Q3510521","display_name":"Computer security","level":1,"score":0.39296841621398926},{"id":"https://openalex.org/C115903868","wikidata":"https://www.wikidata.org/wiki/Q80993","display_name":"Software engineering","level":1,"score":0.34865859150886536},{"id":"https://openalex.org/C167063184","wikidata":"https://www.wikidata.org/wiki/Q1400839","display_name":"Vulnerability assessment","level":3,"score":0.25578802824020386},{"id":"https://openalex.org/C199360897","wikidata":"https://www.wikidata.org/wiki/Q9143","display_name":"Programming language","level":1,"score":0.23061490058898926},{"id":"https://openalex.org/C527648132","wikidata":"https://www.wikidata.org/wiki/Q189900","display_name":"Information security","level":2,"score":0.1567765474319458},{"id":"https://openalex.org/C177264268","wikidata":"https://www.wikidata.org/wiki/Q1514741","display_name":"Set (abstract data type)","level":2,"score":0.0},{"id":"https://openalex.org/C29983905","wikidata":"https://www.wikidata.org/wiki/Q7445066","display_name":"Security service","level":3,"score":0.0},{"id":"https://openalex.org/C542102704","wikidata":"https://www.wikidata.org/wiki/Q183257","display_name":"Psychotherapist","level":1,"score":0.0},{"id":"https://openalex.org/C137176749","wikidata":"https://www.wikidata.org/wiki/Q4105337","display_name":"Psychological resilience","level":2,"score":0.0},{"id":"https://openalex.org/C15744967","wikidata":"https://www.wikidata.org/wiki/Q9418","display_name":"Psychology","level":0,"score":0.0}],"mesh":[],"locations_count":1,"locations":[{"id":"doi:10.1145/1810295.1810336","is_oa":false,"landing_page_url":"https://doi.org/10.1145/1810295.1810336","pdf_url":null,"source":null,"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"Proceedings of the 32nd ACM/IEEE International Conference on Software Engineering - Volume 2","raw_type":"proceedings-article"}],"best_oa_location":null,"sustainable_development_goals":[{"display_name":"Reduced inequalities","score":0.4099999964237213,"id":"https://metadata.un.org/sdg/10"}],"awards":[],"funders":[],"has_content":{"grobid_xml":false,"pdf":false},"content_urls":null,"referenced_works_count":4,"referenced_works":["https://openalex.org/W1519220202","https://openalex.org/W2050764671","https://openalex.org/W2059215200","https://openalex.org/W2165363894"],"related_works":["https://openalex.org/W2560421591","https://openalex.org/W1978034799","https://openalex.org/W2796094063","https://openalex.org/W4384518368","https://openalex.org/W2537414278","https://openalex.org/W2123075981","https://openalex.org/W2062583373","https://openalex.org/W2509785410","https://openalex.org/W2383958993","https://openalex.org/W2504659933"],"abstract_inverted_index":{"New":[0],"software":[1,28,74],"security":[2],"vulnerabilities":[3,29,51,75],"are":[4,30],"discovered":[5],"on":[6,76],"almost":[7],"daily":[8],"basis":[9],"and":[10,19,40,52,68,93,112],"it":[11],"is":[12],"vital":[13],"to":[14,17,66,119],"be":[15],"able":[16],"identify":[18],"resolve":[20],"them":[21],"as":[22,24],"early":[23],"possible.":[25],"Fortunately,":[26],"many":[27],"recurring":[31,73],"or":[32,82],"very":[33],"similar,":[34],"thus,":[35],"one":[36],"could":[37],"effectively":[38],"detect":[39,67],"fix":[41],"a":[42,45,90,94,104,113,117],"vulnerability":[43,110],"in":[44],"system":[46],"by":[47],"consulting":[48],"the":[49,107,130],"similar":[50,80],"fixes":[53],"from":[54,116],"other":[55],"systems.":[56],"In":[57],"this":[58],"paper,":[59],"we":[60],"propose,":[61],"SecureSync,":[62],"an":[63],"automatic":[64],"approach":[65],"provide":[69],"suggested":[70],"resolutions":[71],"for":[72,97,106],"multiple":[77],"systems":[78],"sharing/using":[79],"code":[81,100],"API":[83],"libraries.":[84],"The":[85],"core":[86],"of":[87,109,133],"SecureSync":[88],"includes":[89],"usage":[91],"model":[92,105],"mapping":[95],"algorithm":[96],"matching":[98],"vulnerable":[99],"across":[101],"different":[102],"systems,":[103],"comparison":[108],"reports,":[111],"tracing":[114],"technique":[115],"report":[118],"corresponding":[120],"source":[121],"code.":[122],"Our":[123],"preliminary":[124],"evaluation":[125],"with":[126],"case":[127],"studies":[128],"showed":[129],"potential":[131],"usefulness":[132],"SecureSync.":[134]},"counts_by_year":[{"year":2026,"cited_by_count":1},{"year":2022,"cited_by_count":1},{"year":2021,"cited_by_count":2},{"year":2020,"cited_by_count":5},{"year":2019,"cited_by_count":1},{"year":2018,"cited_by_count":1},{"year":2013,"cited_by_count":2}],"updated_date":"2025-11-06T03:46:38.306776","created_date":"2025-10-10T00:00:00"}