{"id":"https://openalex.org/W2896523614","doi":"https://doi.org/10.1145/3270101.3270107","title":"Toward Smarter Vulnerability Discovery Using Machine Learning","display_name":"Toward Smarter Vulnerability Discovery Using Machine Learning","publication_year":2018,"publication_date":"2018-01-15","ids":{"openalex":"https://openalex.org/W2896523614","doi":"https://doi.org/10.1145/3270101.3270107","mag":"2896523614"},"language":"en","primary_location":{"id":"doi:10.1145/3270101.3270107","is_oa":false,"landing_page_url":"https://doi.org/10.1145/3270101.3270107","pdf_url":null,"source":null,"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"Proceedings of the 11th ACM Workshop on Artificial Intelligence and Security","raw_type":"proceedings-article"},"type":"article","indexed_in":["crossref"],"open_access":{"is_oa":false,"oa_status":"closed","oa_url":null,"any_repository_has_fulltext":false},"authorships":[{"author_position":"first","author":{"id":"https://openalex.org/A5048781020","display_name":"Gustavo Grieco","orcid":null},"institutions":[],"countries":[],"is_corresponding":true,"raw_author_name":"Gustavo Grieco","raw_affiliation_strings":["Trail Of Bits, Inc., New York, NY, Uae"],"raw_orcid":null,"affiliations":[{"raw_affiliation_string":"Trail Of Bits, Inc., New York, NY, Uae","institution_ids":[]}]},{"author_position":"last","author":{"id":"https://openalex.org/A5002218066","display_name":"Artem Dinaburg","orcid":null},"institutions":[],"countries":[],"is_corresponding":false,"raw_author_name":"Artem Dinaburg","raw_affiliation_strings":["Trail Of Bits, Inc., New York, NY, USA"],"raw_orcid":null,"affiliations":[{"raw_affiliation_string":"Trail Of Bits, Inc., New York, NY, USA","institution_ids":[]}]}],"institutions":[],"countries_distinct_count":0,"institutions_distinct_count":2,"corresponding_author_ids":["https://openalex.org/A5048781020"],"corresponding_institution_ids":[],"apc_list":null,"apc_paid":null,"fwci":0.6161,"has_fulltext":false,"cited_by_count":13,"citation_normalized_percentile":{"value":0.73400201,"is_in_top_1_percent":false,"is_in_top_10_percent":false},"cited_by_percentile_year":{"min":89,"max":99},"biblio":{"volume":null,"issue":null,"first_page":"48","last_page":"56"},"is_retracted":false,"is_paratext":false,"is_xpac":false,"primary_topic":{"id":"https://openalex.org/T10743","display_name":"Software Testing and Debugging Techniques","score":0.9994000196456909,"subfield":{"id":"https://openalex.org/subfields/1712","display_name":"Software"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},"topics":[{"id":"https://openalex.org/T10743","display_name":"Software Testing and Debugging Techniques","score":0.9994000196456909,"subfield":{"id":"https://openalex.org/subfields/1712","display_name":"Software"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T11241","display_name":"Advanced Malware Detection Techniques","score":0.9991999864578247,"subfield":{"id":"https://openalex.org/subfields/1711","display_name":"Signal Processing"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T10260","display_name":"Software Engineering Research","score":0.9991000294685364,"subfield":{"id":"https://openalex.org/subfields/1710","display_name":"Information Systems"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}}],"keywords":[{"id":"https://openalex.org/keywords/exploit","display_name":"Exploit","score":0.892883837223053},{"id":"https://openalex.org/keywords/computer-science","display_name":"Computer science","score":0.8041242361068726},{"id":"https://openalex.org/keywords/heuristics","display_name":"Heuristics","score":0.7682632207870483},{"id":"https://openalex.org/keywords/vulnerability","display_name":"Vulnerability (computing)","score":0.6131150722503662},{"id":"https://openalex.org/keywords/intuition","display_name":"Intuition","score":0.5477083921432495},{"id":"https://openalex.org/keywords/software","display_name":"Software","score":0.5463557243347168},{"id":"https://openalex.org/keywords/machine-learning","display_name":"Machine learning","score":0.5243944525718689},{"id":"https://openalex.org/keywords/selection","display_name":"Selection (genetic algorithm)","score":0.45814818143844604},{"id":"https://openalex.org/keywords/artificial-intelligence","display_name":"Artificial intelligence","score":0.4488343894481659},{"id":"https://openalex.org/keywords/software-bug","display_name":"Software bug","score":0.4111291170120239},{"id":"https://openalex.org/keywords/software-engineering","display_name":"Software engineering","score":0.32953542470932007},{"id":"https://openalex.org/keywords/data-mining","display_name":"Data mining","score":0.3208942711353302},{"id":"https://openalex.org/keywords/computer-security","display_name":"Computer security","score":0.1764465570449829},{"id":"https://openalex.org/keywords/operating-system","display_name":"Operating system","score":0.08592113852500916}],"concepts":[{"id":"https://openalex.org/C165696696","wikidata":"https://www.wikidata.org/wiki/Q11287","display_name":"Exploit","level":2,"score":0.892883837223053},{"id":"https://openalex.org/C41008148","wikidata":"https://www.wikidata.org/wiki/Q21198","display_name":"Computer science","level":0,"score":0.8041242361068726},{"id":"https://openalex.org/C127705205","wikidata":"https://www.wikidata.org/wiki/Q5748245","display_name":"Heuristics","level":2,"score":0.7682632207870483},{"id":"https://openalex.org/C95713431","wikidata":"https://www.wikidata.org/wiki/Q631425","display_name":"Vulnerability (computing)","level":2,"score":0.6131150722503662},{"id":"https://openalex.org/C132010649","wikidata":"https://www.wikidata.org/wiki/Q189222","display_name":"Intuition","level":2,"score":0.5477083921432495},{"id":"https://openalex.org/C2777904410","wikidata":"https://www.wikidata.org/wiki/Q7397","display_name":"Software","level":2,"score":0.5463557243347168},{"id":"https://openalex.org/C119857082","wikidata":"https://www.wikidata.org/wiki/Q2539","display_name":"Machine learning","level":1,"score":0.5243944525718689},{"id":"https://openalex.org/C81917197","wikidata":"https://www.wikidata.org/wiki/Q628760","display_name":"Selection (genetic algorithm)","level":2,"score":0.45814818143844604},{"id":"https://openalex.org/C154945302","wikidata":"https://www.wikidata.org/wiki/Q11660","display_name":"Artificial intelligence","level":1,"score":0.4488343894481659},{"id":"https://openalex.org/C1009929","wikidata":"https://www.wikidata.org/wiki/Q179550","display_name":"Software bug","level":3,"score":0.4111291170120239},{"id":"https://openalex.org/C115903868","wikidata":"https://www.wikidata.org/wiki/Q80993","display_name":"Software engineering","level":1,"score":0.32953542470932007},{"id":"https://openalex.org/C124101348","wikidata":"https://www.wikidata.org/wiki/Q172491","display_name":"Data mining","level":1,"score":0.3208942711353302},{"id":"https://openalex.org/C38652104","wikidata":"https://www.wikidata.org/wiki/Q3510521","display_name":"Computer security","level":1,"score":0.1764465570449829},{"id":"https://openalex.org/C111919701","wikidata":"https://www.wikidata.org/wiki/Q9135","display_name":"Operating system","level":1,"score":0.08592113852500916},{"id":"https://openalex.org/C138885662","wikidata":"https://www.wikidata.org/wiki/Q5891","display_name":"Philosophy","level":0,"score":0.0},{"id":"https://openalex.org/C111472728","wikidata":"https://www.wikidata.org/wiki/Q9471","display_name":"Epistemology","level":1,"score":0.0}],"mesh":[],"locations_count":1,"locations":[{"id":"doi:10.1145/3270101.3270107","is_oa":false,"landing_page_url":"https://doi.org/10.1145/3270101.3270107","pdf_url":null,"source":null,"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"Proceedings of the 11th ACM Workshop on Artificial Intelligence and Security","raw_type":"proceedings-article"}],"best_oa_location":null,"sustainable_development_goals":[],"awards":[],"funders":[],"has_content":{"pdf":false,"grobid_xml":false},"content_urls":null,"referenced_works_count":25,"referenced_works":["https://openalex.org/W133470593","https://openalex.org/W1539179632","https://openalex.org/W1570448133","https://openalex.org/W1941427975","https://openalex.org/W1970005004","https://openalex.org/W1988524530","https://openalex.org/W2000441200","https://openalex.org/W2042033151","https://openalex.org/W2101234009","https://openalex.org/W2101512909","https://openalex.org/W2113864883","https://openalex.org/W2150990339","https://openalex.org/W2159574904","https://openalex.org/W2297419069","https://openalex.org/W2468328197","https://openalex.org/W2485784239","https://openalex.org/W2514974017","https://openalex.org/W2515650212","https://openalex.org/W2574017551","https://openalex.org/W2613534458","https://openalex.org/W2741068848","https://openalex.org/W2743785204","https://openalex.org/W2966207845","https://openalex.org/W3144149715","https://openalex.org/W6675354045"],"related_works":["https://openalex.org/W17155033","https://openalex.org/W3207760230","https://openalex.org/W1496222301","https://openalex.org/W2906845177","https://openalex.org/W4200107511","https://openalex.org/W4306406268","https://openalex.org/W2891427086","https://openalex.org/W1968625315","https://openalex.org/W2886678613","https://openalex.org/W2537809616"],"abstract_inverted_index":{"A":[0],"Cyber":[1],"Reasoning":[2],"System":[3],"(CRS)":[4],"is":[5],"designed":[6],"to":[7,49,89,97,152],"automatically":[8],"find":[9,38],"and":[10,31,47,57,75,101,126,137,146],"exploit":[11],"software":[12],"vulnerabilities":[13],"in":[14,40],"complex":[15],"software.":[16],"To":[17],"be":[18],"effective,":[19],"CRSs":[20],"integrate":[21],"multiple":[22],"vulnerability":[23,107,122],"detection":[24,108,123],"tools":[25],"(VDTs),":[26],"such":[27],"as":[28,149],"symbolic":[29],"executors":[30],"fuzzers.":[32],"Determining":[33],"which":[34],"VDTs":[35],"can":[36,114],"best":[37],"bugs":[39],"a":[41,86,120],"large":[42],"set":[43],"of":[44,103,119],"target":[45],"programs,":[46],"how":[48],"optimally":[50],"configure":[51],"those":[52],"VDTs,":[53],"remains":[54],"an":[55,133],"open":[56,150],"challenging":[58],"problem.":[59],"Current":[60],"solutions":[61],"are":[62,143],"based":[63],"on":[64,72],"heuristics":[65],"created":[66],"by":[67],"security":[68],"analysts":[69],"that":[70,112],"rely":[71],"experience,":[73],"intuition":[74],"luck.":[76],"In":[77],"this":[78],"paper,":[79],"we":[80],"present":[81],"Central":[82],"Exploit":[83],"Organizer":[84],"(CEO),":[85],"proof-of-concept":[87],"tool":[88],"optimize":[90,98],"VDT":[91],"selection.":[92,141],"CEO":[93,113,145],"uses":[94],"machine":[95],"learning":[96],"the":[99,104,116],"selection":[100],"configuration":[102],"most":[105],"suitable":[106],"tool.":[109],"We":[110,142],"show":[111],"predict":[115],"relative":[117],"effectiveness":[118],"given":[121],"tool,":[124],"configuration,":[125],"initial":[127],"input.":[128],"The":[129],"estimation":[130],"accuracy":[131],"presents":[132],"improvement":[134],"between":[135],"$11%$":[136],"$21%$":[138],"over":[139],"random":[140],"releasing":[144],"our":[147],"dataset":[148],"source":[151],"encourage":[153],"further":[154],"research.":[155]},"counts_by_year":[{"year":2026,"cited_by_count":1},{"year":2024,"cited_by_count":7},{"year":2023,"cited_by_count":2},{"year":2022,"cited_by_count":1},{"year":2021,"cited_by_count":1},{"year":2020,"cited_by_count":1}],"updated_date":"2026-06-05T09:01:59.212387","created_date":"2025-10-10T00:00:00"}