{"id":"https://openalex.org/W3125307739","doi":"https://doi.org/10.1145/3324884.3421838","title":"Code-based vulnerability detection in Node.js applications","display_name":"Code-based vulnerability detection in Node.js applications","publication_year":2020,"publication_date":"2020-12-21","ids":{"openalex":"https://openalex.org/W3125307739","doi":"https://doi.org/10.1145/3324884.3421838","mag":"3125307739"},"language":"en","primary_location":{"id":"doi:10.1145/3324884.3421838","is_oa":false,"landing_page_url":"https://doi.org/10.1145/3324884.3421838","pdf_url":null,"source":null,"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"Proceedings of the 35th IEEE/ACM International Conference on Automated Software Engineering","raw_type":"proceedings-article"},"type":"article","indexed_in":["crossref"],"open_access":{"is_oa":false,"oa_status":"closed","oa_url":null,"any_repository_has_fulltext":false},"authorships":[{"author_position":"first","author":{"id":"https://openalex.org/A5046306022","display_name":"Bodin Chinthanet","orcid":"https://orcid.org/0000-0003-4439-1608"},"institutions":[{"id":"https://openalex.org/I75917431","display_name":"Nara Institute of Science and Technology","ror":"https://ror.org/05bhada84","country_code":"JP","type":"education","lineage":["https://openalex.org/I75917431"]}],"countries":["JP"],"is_corresponding":true,"raw_author_name":"Bodin Chinthanet","raw_affiliation_strings":["Nara Institute of Science and Technology, Japan"],"affiliations":[{"raw_affiliation_string":"Nara Institute of Science and Technology, Japan","institution_ids":["https://openalex.org/I75917431"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5035492762","display_name":"Serena Elisa Ponta","orcid":"https://orcid.org/0000-0002-6208-4743"},"institutions":[],"countries":[],"is_corresponding":false,"raw_author_name":"Serena Elisa Ponta","raw_affiliation_strings":["SAP Security Research, France"],"affiliations":[{"raw_affiliation_string":"SAP Security Research, France","institution_ids":[]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5064821194","display_name":"Henrik Plate","orcid":"https://orcid.org/0000-0001-8862-3488"},"institutions":[],"countries":[],"is_corresponding":false,"raw_author_name":"Henrik Plate","raw_affiliation_strings":["SAP Security Research, France"],"affiliations":[{"raw_affiliation_string":"SAP Security Research, France","institution_ids":[]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5040107971","display_name":"Antonino Sabetta","orcid":"https://orcid.org/0000-0003-3506-8374"},"institutions":[],"countries":[],"is_corresponding":false,"raw_author_name":"Antonino Sabetta","raw_affiliation_strings":["SAP Security Research, France"],"affiliations":[{"raw_affiliation_string":"SAP Security Research, France","institution_ids":[]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5091820517","display_name":"Raula Gaikovina Kula","orcid":"https://orcid.org/0000-0003-2324-0608"},"institutions":[{"id":"https://openalex.org/I75917431","display_name":"Nara Institute of Science and Technology","ror":"https://ror.org/05bhada84","country_code":"JP","type":"education","lineage":["https://openalex.org/I75917431"]}],"countries":["JP"],"is_corresponding":false,"raw_author_name":"Raula Gaikovina Kula","raw_affiliation_strings":["Nara Institute of Science and Technology, Japan"],"affiliations":[{"raw_affiliation_string":"Nara Institute of Science and Technology, Japan","institution_ids":["https://openalex.org/I75917431"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5031518343","display_name":"Takashi Ishio","orcid":"https://orcid.org/0000-0003-4106-699X"},"institutions":[{"id":"https://openalex.org/I75917431","display_name":"Nara Institute of Science and Technology","ror":"https://ror.org/05bhada84","country_code":"JP","type":"education","lineage":["https://openalex.org/I75917431"]}],"countries":["JP"],"is_corresponding":false,"raw_author_name":"Takashi Ishio","raw_affiliation_strings":["Nara Institute of Science and Technology, Japan"],"affiliations":[{"raw_affiliation_string":"Nara Institute of Science and Technology, Japan","institution_ids":["https://openalex.org/I75917431"]}]},{"author_position":"last","author":{"id":"https://openalex.org/A5011588138","display_name":"Kenichi Matsumoto","orcid":"https://orcid.org/0000-0002-7418-9323"},"institutions":[{"id":"https://openalex.org/I75917431","display_name":"Nara Institute of Science and Technology","ror":"https://ror.org/05bhada84","country_code":"JP","type":"education","lineage":["https://openalex.org/I75917431"]}],"countries":["JP"],"is_corresponding":false,"raw_author_name":"Kenichi Matsumoto","raw_affiliation_strings":["Nara Institute of Science and Technology, Japan"],"affiliations":[{"raw_affiliation_string":"Nara Institute of Science and Technology, Japan","institution_ids":["https://openalex.org/I75917431"]}]}],"institutions":[],"countries_distinct_count":1,"institutions_distinct_count":7,"corresponding_author_ids":["https://openalex.org/A5046306022"],"corresponding_institution_ids":["https://openalex.org/I75917431"],"apc_list":null,"apc_paid":null,"fwci":1.6669,"has_fulltext":false,"cited_by_count":15,"citation_normalized_percentile":{"value":0.85088874,"is_in_top_1_percent":false,"is_in_top_10_percent":false},"cited_by_percentile_year":{"min":94,"max":98},"biblio":{"volume":null,"issue":null,"first_page":"1199","last_page":"1203"},"is_retracted":false,"is_paratext":false,"is_xpac":false,"primary_topic":{"id":"https://openalex.org/T11241","display_name":"Advanced Malware Detection Techniques","score":0.9987999796867371,"subfield":{"id":"https://openalex.org/subfields/1711","display_name":"Signal Processing"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},"topics":[{"id":"https://openalex.org/T11241","display_name":"Advanced Malware Detection Techniques","score":0.9987999796867371,"subfield":{"id":"https://openalex.org/subfields/1711","display_name":"Signal Processing"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T12479","display_name":"Web Application Security Vulnerabilities","score":0.9984999895095825,"subfield":{"id":"https://openalex.org/subfields/1710","display_name":"Information Systems"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T11424","display_name":"Security and Verification in Computing","score":0.9983000159263611,"subfield":{"id":"https://openalex.org/subfields/1702","display_name":"Artificial Intelligence"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}}],"keywords":[{"id":"https://openalex.org/keywords/computer-science","display_name":"Computer science","score":0.8082736134529114},{"id":"https://openalex.org/keywords/javascript","display_name":"JavaScript","score":0.8060857653617859},{"id":"https://openalex.org/keywords/node","display_name":"Node (physics)","score":0.623480498790741},{"id":"https://openalex.org/keywords/vulnerability","display_name":"Vulnerability (computing)","score":0.5395194292068481},{"id":"https://openalex.org/keywords/source-code","display_name":"Source code","score":0.5081493854522705},{"id":"https://openalex.org/keywords/code","display_name":"Code (set theory)","score":0.48664388060569763},{"id":"https://openalex.org/keywords/software","display_name":"Software","score":0.468142569065094},{"id":"https://openalex.org/keywords/operating-system","display_name":"Operating system","score":0.46204277873039246},{"id":"https://openalex.org/keywords/open-source","display_name":"Open source","score":0.43827682733535767},{"id":"https://openalex.org/keywords/software-engineering","display_name":"Software engineering","score":0.4193325936794281},{"id":"https://openalex.org/keywords/programming-language","display_name":"Programming language","score":0.3509714603424072},{"id":"https://openalex.org/keywords/computer-security","display_name":"Computer security","score":0.27121758460998535},{"id":"https://openalex.org/keywords/engineering","display_name":"Engineering","score":0.1188352108001709}],"concepts":[{"id":"https://openalex.org/C41008148","wikidata":"https://www.wikidata.org/wiki/Q21198","display_name":"Computer science","level":0,"score":0.8082736134529114},{"id":"https://openalex.org/C544833334","wikidata":"https://www.wikidata.org/wiki/Q2005","display_name":"JavaScript","level":2,"score":0.8060857653617859},{"id":"https://openalex.org/C62611344","wikidata":"https://www.wikidata.org/wiki/Q1062658","display_name":"Node (physics)","level":2,"score":0.623480498790741},{"id":"https://openalex.org/C95713431","wikidata":"https://www.wikidata.org/wiki/Q631425","display_name":"Vulnerability (computing)","level":2,"score":0.5395194292068481},{"id":"https://openalex.org/C43126263","wikidata":"https://www.wikidata.org/wiki/Q128751","display_name":"Source code","level":2,"score":0.5081493854522705},{"id":"https://openalex.org/C2776760102","wikidata":"https://www.wikidata.org/wiki/Q5139990","display_name":"Code (set theory)","level":3,"score":0.48664388060569763},{"id":"https://openalex.org/C2777904410","wikidata":"https://www.wikidata.org/wiki/Q7397","display_name":"Software","level":2,"score":0.468142569065094},{"id":"https://openalex.org/C111919701","wikidata":"https://www.wikidata.org/wiki/Q9135","display_name":"Operating system","level":1,"score":0.46204277873039246},{"id":"https://openalex.org/C3018397939","wikidata":"https://www.wikidata.org/wiki/Q3644502","display_name":"Open source","level":3,"score":0.43827682733535767},{"id":"https://openalex.org/C115903868","wikidata":"https://www.wikidata.org/wiki/Q80993","display_name":"Software engineering","level":1,"score":0.4193325936794281},{"id":"https://openalex.org/C199360897","wikidata":"https://www.wikidata.org/wiki/Q9143","display_name":"Programming language","level":1,"score":0.3509714603424072},{"id":"https://openalex.org/C38652104","wikidata":"https://www.wikidata.org/wiki/Q3510521","display_name":"Computer security","level":1,"score":0.27121758460998535},{"id":"https://openalex.org/C127413603","wikidata":"https://www.wikidata.org/wiki/Q11023","display_name":"Engineering","level":0,"score":0.1188352108001709},{"id":"https://openalex.org/C66938386","wikidata":"https://www.wikidata.org/wiki/Q633538","display_name":"Structural engineering","level":1,"score":0.0},{"id":"https://openalex.org/C177264268","wikidata":"https://www.wikidata.org/wiki/Q1514741","display_name":"Set (abstract data type)","level":2,"score":0.0}],"mesh":[],"locations_count":1,"locations":[{"id":"doi:10.1145/3324884.3421838","is_oa":false,"landing_page_url":"https://doi.org/10.1145/3324884.3421838","pdf_url":null,"source":null,"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"Proceedings of the 35th IEEE/ACM International Conference on Automated Software Engineering","raw_type":"proceedings-article"}],"best_oa_location":null,"sustainable_development_goals":[],"awards":[],"funders":[],"has_content":{"grobid_xml":false,"pdf":false},"content_urls":null,"referenced_works_count":10,"referenced_works":["https://openalex.org/W1989147905","https://openalex.org/W2546660241","https://openalex.org/W2606589758","https://openalex.org/W2733373979","https://openalex.org/W2789570312","https://openalex.org/W2801591443","https://openalex.org/W2901560623","https://openalex.org/W2963321189","https://openalex.org/W2963923573","https://openalex.org/W3040158574"],"related_works":["https://openalex.org/W2461078469","https://openalex.org/W123790205","https://openalex.org/W2085515337","https://openalex.org/W3087706721","https://openalex.org/W2113128227","https://openalex.org/W632256878","https://openalex.org/W2491403535","https://openalex.org/W2479811461","https://openalex.org/W2104915799","https://openalex.org/W4311938462"],"abstract_inverted_index":{"With":[0,23],"one":[1,16],"of":[2,7,17],"the":[3,10,18,57],"largest":[4],"available":[5],"collection":[6],"reusable":[8],"packages,":[9],"JavaScript":[11],"runtime":[12],"environment":[13],"Node.js":[14,51,63],"is":[15],"most":[19],"popular":[20],"programming":[21],"application.":[22],"recent":[24],"work":[25],"showing":[26],"evidence":[27],"that":[28],"known":[29],"vulnerabilities":[30],"are":[31],"prevalent":[32],"in":[33],"both":[34],"open":[35],"source":[36],"and":[37,42],"industrial":[38],"software,":[39],"we":[40],"propose":[41],"implement":[43],"a":[44],"viable":[45],"code-based":[46],"vulnerability":[47],"detection":[48],"tool":[49],"for":[50],"applications.":[52],"Our":[53],"case":[54],"study":[55],"lists":[56],"challenges":[58],"encountered":[59],"while":[60],"implementing":[61],"our":[62],"vulnerable":[64],"code":[65],"detector.":[66]},"counts_by_year":[{"year":2025,"cited_by_count":2},{"year":2024,"cited_by_count":2},{"year":2023,"cited_by_count":5},{"year":2022,"cited_by_count":3},{"year":2021,"cited_by_count":3}],"updated_date":"2025-11-06T03:46:38.306776","created_date":"2025-10-10T00:00:00"}