{"id":"https://openalex.org/W1973175197","doi":"https://doi.org/10.1145/2591062.2591200","title":"Characteristics of the vulnerable code changes identified through peer code review","display_name":"Characteristics of the vulnerable code changes identified through peer code review","publication_year":2014,"publication_date":"2014-05-20","ids":{"openalex":"https://openalex.org/W1973175197","doi":"https://doi.org/10.1145/2591062.2591200","mag":"1973175197"},"language":"en","primary_location":{"id":"doi:10.1145/2591062.2591200","is_oa":false,"landing_page_url":"https://doi.org/10.1145/2591062.2591200","pdf_url":null,"source":null,"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"Companion Proceedings of the 36th International Conference on Software Engineering","raw_type":"proceedings-article"},"type":"article","indexed_in":["crossref"],"open_access":{"is_oa":false,"oa_status":"closed","oa_url":null,"any_repository_has_fulltext":false},"authorships":[{"author_position":"first","author":{"id":"https://openalex.org/A5078536980","display_name":"Amiangshu Bosu","orcid":"https://orcid.org/0000-0002-3178-6232"},"institutions":[{"id":"https://openalex.org/I17301866","display_name":"University of Alabama","ror":"https://ror.org/03xrrjk67","country_code":"US","type":"education","lineage":["https://openalex.org/I17301866"]}],"countries":["US"],"is_corresponding":true,"raw_author_name":"Amiangshu Bosu","raw_affiliation_strings":["University of Alabama, USA","University of Alabama , USA"],"affiliations":[{"raw_affiliation_string":"University of Alabama, USA","institution_ids":["https://openalex.org/I17301866"]},{"raw_affiliation_string":"University of Alabama , USA","institution_ids":["https://openalex.org/I17301866"]}]}],"institutions":[],"countries_distinct_count":1,"institutions_distinct_count":1,"corresponding_author_ids":["https://openalex.org/A5078536980"],"corresponding_institution_ids":["https://openalex.org/I17301866"],"apc_list":null,"apc_paid":null,"fwci":4.9143,"has_fulltext":false,"cited_by_count":18,"citation_normalized_percentile":{"value":0.9489577,"is_in_top_1_percent":false,"is_in_top_10_percent":true},"cited_by_percentile_year":{"min":90,"max":97},"biblio":{"volume":null,"issue":null,"first_page":"736","last_page":"738"},"is_retracted":false,"is_paratext":false,"is_xpac":false,"primary_topic":{"id":"https://openalex.org/T10260","display_name":"Software Engineering Research","score":0.9997000098228455,"subfield":{"id":"https://openalex.org/subfields/1710","display_name":"Information Systems"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},"topics":[{"id":"https://openalex.org/T10260","display_name":"Software Engineering Research","score":0.9997000098228455,"subfield":{"id":"https://openalex.org/subfields/1710","display_name":"Information Systems"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T12423","display_name":"Software Reliability and Analysis Research","score":0.9944000244140625,"subfield":{"id":"https://openalex.org/subfields/1712","display_name":"Software"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T10734","display_name":"Information and Cyber Security","score":0.992900013923645,"subfield":{"id":"https://openalex.org/subfields/1710","display_name":"Information Systems"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}}],"keywords":[{"id":"https://openalex.org/keywords/code-review","display_name":"Code review","score":0.7800782918930054},{"id":"https://openalex.org/keywords/code","display_name":"Code (set theory)","score":0.5667712688446045},{"id":"https://openalex.org/keywords/computer-science","display_name":"Computer science","score":0.5578897595405579},{"id":"https://openalex.org/keywords/empirical-research","display_name":"Empirical research","score":0.5149450898170471},{"id":"https://openalex.org/keywords/open-source","display_name":"Open source","score":0.4601806402206421},{"id":"https://openalex.org/keywords/key","display_name":"Key (lock)","score":0.44813072681427},{"id":"https://openalex.org/keywords/open-source-software","display_name":"Open source software","score":0.4372445046901703},{"id":"https://openalex.org/keywords/software-bug","display_name":"Software bug","score":0.42754215002059937},{"id":"https://openalex.org/keywords/computer-security","display_name":"Computer security","score":0.37121477723121643},{"id":"https://openalex.org/keywords/software","display_name":"Software","score":0.36728668212890625},{"id":"https://openalex.org/keywords/software-engineering","display_name":"Software engineering","score":0.34544116258621216},{"id":"https://openalex.org/keywords/software-development","display_name":"Software development","score":0.2821212708950043},{"id":"https://openalex.org/keywords/static-program-analysis","display_name":"Static program analysis","score":0.22802603244781494},{"id":"https://openalex.org/keywords/programming-language","display_name":"Programming language","score":0.12205919623374939}],"concepts":[{"id":"https://openalex.org/C150292731","wikidata":"https://www.wikidata.org/wiki/Q1342704","display_name":"Code review","level":5,"score":0.7800782918930054},{"id":"https://openalex.org/C2776760102","wikidata":"https://www.wikidata.org/wiki/Q5139990","display_name":"Code (set theory)","level":3,"score":0.5667712688446045},{"id":"https://openalex.org/C41008148","wikidata":"https://www.wikidata.org/wiki/Q21198","display_name":"Computer science","level":0,"score":0.5578897595405579},{"id":"https://openalex.org/C120936955","wikidata":"https://www.wikidata.org/wiki/Q2155640","display_name":"Empirical research","level":2,"score":0.5149450898170471},{"id":"https://openalex.org/C3018397939","wikidata":"https://www.wikidata.org/wiki/Q3644502","display_name":"Open source","level":3,"score":0.4601806402206421},{"id":"https://openalex.org/C26517878","wikidata":"https://www.wikidata.org/wiki/Q228039","display_name":"Key (lock)","level":2,"score":0.44813072681427},{"id":"https://openalex.org/C2988343187","wikidata":"https://www.wikidata.org/wiki/Q1130645","display_name":"Open source software","level":3,"score":0.4372445046901703},{"id":"https://openalex.org/C1009929","wikidata":"https://www.wikidata.org/wiki/Q179550","display_name":"Software bug","level":3,"score":0.42754215002059937},{"id":"https://openalex.org/C38652104","wikidata":"https://www.wikidata.org/wiki/Q3510521","display_name":"Computer security","level":1,"score":0.37121477723121643},{"id":"https://openalex.org/C2777904410","wikidata":"https://www.wikidata.org/wiki/Q7397","display_name":"Software","level":2,"score":0.36728668212890625},{"id":"https://openalex.org/C115903868","wikidata":"https://www.wikidata.org/wiki/Q80993","display_name":"Software engineering","level":1,"score":0.34544116258621216},{"id":"https://openalex.org/C529173508","wikidata":"https://www.wikidata.org/wiki/Q638608","display_name":"Software development","level":3,"score":0.2821212708950043},{"id":"https://openalex.org/C137287247","wikidata":"https://www.wikidata.org/wiki/Q1329550","display_name":"Static program analysis","level":4,"score":0.22802603244781494},{"id":"https://openalex.org/C199360897","wikidata":"https://www.wikidata.org/wiki/Q9143","display_name":"Programming language","level":1,"score":0.12205919623374939},{"id":"https://openalex.org/C111472728","wikidata":"https://www.wikidata.org/wiki/Q9471","display_name":"Epistemology","level":1,"score":0.0},{"id":"https://openalex.org/C177264268","wikidata":"https://www.wikidata.org/wiki/Q1514741","display_name":"Set (abstract data type)","level":2,"score":0.0},{"id":"https://openalex.org/C138885662","wikidata":"https://www.wikidata.org/wiki/Q5891","display_name":"Philosophy","level":0,"score":0.0}],"mesh":[],"locations_count":1,"locations":[{"id":"doi:10.1145/2591062.2591200","is_oa":false,"landing_page_url":"https://doi.org/10.1145/2591062.2591200","pdf_url":null,"source":null,"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"Companion Proceedings of the 36th International Conference on Software Engineering","raw_type":"proceedings-article"}],"best_oa_location":null,"sustainable_development_goals":[],"awards":[],"funders":[{"id":"https://openalex.org/F4320310013","display_name":"North Carolina State University","ror":"https://ror.org/04tj63d06"}],"has_content":{"pdf":false,"grobid_xml":false},"content_urls":null,"referenced_works_count":17,"referenced_works":["https://openalex.org/W1501506223","https://openalex.org/W1967446222","https://openalex.org/W2003315002","https://openalex.org/W2015004885","https://openalex.org/W2015696622","https://openalex.org/W2043837581","https://openalex.org/W2063770056","https://openalex.org/W2085701101","https://openalex.org/W2088498570","https://openalex.org/W2113035899","https://openalex.org/W2119871945","https://openalex.org/W2135541598","https://openalex.org/W2136173752","https://openalex.org/W2137789775","https://openalex.org/W2140466350","https://openalex.org/W2166336492","https://openalex.org/W6681047553"],"related_works":["https://openalex.org/W4376877853","https://openalex.org/W1493891899","https://openalex.org/W4250928611","https://openalex.org/W166480398","https://openalex.org/W1612808768","https://openalex.org/W167327709","https://openalex.org/W1977393088","https://openalex.org/W4387839566","https://openalex.org/W4210922265","https://openalex.org/W2288962794"],"abstract_inverted_index":{"To":[0],"effectively":[1],"utilize":[2],"the":[3,17,54,59,62,88,91],"efforts":[4],"of":[5,19,27,61,87],"scarce":[6],"security":[7,20],"experts,":[8],"this":[9,40],"study":[10,41],"aims":[11],"to":[12,77,82,97],"provide":[13],"empirical":[14],"evidence":[15],"about":[16],"characteristics":[18],"vulnerabilities.":[21],"Using":[22],"a":[23],"three-stage,":[24],"manual":[25],"analysis":[26],"peer":[28],"code":[29,46,73],"review":[30],"data":[31],"from":[32],"10":[33],"popular":[34],"Open":[35],"Source":[36],"Software":[37],"(OSS)":[38],"projects,":[39],"identified":[42],"413":[43],"potentially":[44],"vulnerable":[45],"changes":[47,74],"(VCC).":[48],"Some":[49],"key":[50],"results":[51],"include:":[52],"1)":[53],"most":[55],"experienced":[56,67],"contributors":[57],"authored":[58],"majority":[60],"VCCs,":[63,71],"2)":[64],"while":[65],"less":[66],"authors":[68],"wrote":[69],"fewer":[70],"their":[72],"were":[75],"1.5":[76],"24":[78],"times":[79],"more":[80,95],"likely":[81,96],"be":[83],"vulnerable,":[84],"3)":[85],"employees":[86],"organization":[89],"sponsoring":[90],"OSS":[92],"projects":[93],"are":[94],"write":[98],"VCCs.":[99]},"counts_by_year":[{"year":2023,"cited_by_count":3},{"year":2022,"cited_by_count":1},{"year":2021,"cited_by_count":4},{"year":2020,"cited_by_count":2},{"year":2019,"cited_by_count":2},{"year":2017,"cited_by_count":1},{"year":2016,"cited_by_count":1},{"year":2015,"cited_by_count":3},{"year":2014,"cited_by_count":1}],"updated_date":"2026-04-04T16:13:02.066488","created_date":"2025-10-10T00:00:00"}