{"id":"https://openalex.org/W4391558373","doi":"https://doi.org/10.1145/3597503.3623312","title":"DocFlow: Extracting Taint Specifications from Software Documentation","display_name":"DocFlow: Extracting Taint Specifications from Software Documentation","publication_year":2024,"publication_date":"2024-02-06","ids":{"openalex":"https://openalex.org/W4391558373","doi":"https://doi.org/10.1145/3597503.3623312"},"language":"en","primary_location":{"id":"doi:10.1145/3597503.3623312","is_oa":false,"landing_page_url":"https://doi.org/10.1145/3597503.3623312","pdf_url":null,"source":null,"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"Proceedings of the IEEE/ACM 46th International Conference on Software Engineering","raw_type":"proceedings-article"},"type":"article","indexed_in":["crossref"],"open_access":{"is_oa":false,"oa_status":"closed","oa_url":null,"any_repository_has_fulltext":false},"authorships":[{"author_position":"first","author":{"id":"https://openalex.org/A5046427998","display_name":"Marcos Tileria","orcid":"https://orcid.org/0009-0003-6748-2243"},"institutions":[{"id":"https://openalex.org/I184558857","display_name":"Royal Holloway University of London","ror":"https://ror.org/04g2vpn86","country_code":"GB","type":"education","lineage":["https://openalex.org/I124357947","https://openalex.org/I184558857"]}],"countries":["GB"],"is_corresponding":true,"raw_author_name":"Marcos Tileria","raw_affiliation_strings":["Royal Holloway, University of London, London, United Kingdom"],"raw_orcid":"https://orcid.org/0009-0003-6748-2243","affiliations":[{"raw_affiliation_string":"Royal Holloway, University of London, London, United Kingdom","institution_ids":["https://openalex.org/I184558857"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5043279954","display_name":"Jorge Blasco","orcid":"https://orcid.org/0000-0003-4392-9023"},"institutions":[{"id":"https://openalex.org/I88060688","display_name":"Universidad Polit\u00e9cnica de Madrid","ror":"https://ror.org/03n6nwv02","country_code":"ES","type":"education","lineage":["https://openalex.org/I88060688"]}],"countries":["ES"],"is_corresponding":false,"raw_author_name":"Jorge Blasco","raw_affiliation_strings":["Universidad Politecnica de Madrid, Madrid, Spain"],"raw_orcid":"https://orcid.org/0000-0003-4392-9023","affiliations":[{"raw_affiliation_string":"Universidad Politecnica de Madrid, Madrid, Spain","institution_ids":["https://openalex.org/I88060688"]}]},{"author_position":"last","author":{"id":"https://openalex.org/A5004997665","display_name":"Santanu Kumar Dash","orcid":"https://orcid.org/0000-0002-5674-8531"},"institutions":[{"id":"https://openalex.org/I184558857","display_name":"Royal Holloway University of London","ror":"https://ror.org/04g2vpn86","country_code":"GB","type":"education","lineage":["https://openalex.org/I124357947","https://openalex.org/I184558857"]}],"countries":["GB"],"is_corresponding":false,"raw_author_name":"Santanu Kumar Dash","raw_affiliation_strings":["Royal Holloway, University of London, London, United Kingdom"],"raw_orcid":"https://orcid.org/0000-0002-5674-8531","affiliations":[{"raw_affiliation_string":"Royal Holloway, University of London, London, United Kingdom","institution_ids":["https://openalex.org/I184558857"]}]}],"institutions":[],"countries_distinct_count":2,"institutions_distinct_count":3,"corresponding_author_ids":["https://openalex.org/A5046427998"],"corresponding_institution_ids":["https://openalex.org/I184558857"],"apc_list":null,"apc_paid":null,"fwci":1.3153,"has_fulltext":false,"cited_by_count":4,"citation_normalized_percentile":{"value":0.78020463,"is_in_top_1_percent":false,"is_in_top_10_percent":false},"cited_by_percentile_year":{"min":96,"max":98},"biblio":{"volume":null,"issue":null,"first_page":"1","last_page":"12"},"is_retracted":false,"is_paratext":false,"is_xpac":false,"primary_topic":{"id":"https://openalex.org/T11241","display_name":"Advanced Malware Detection Techniques","score":1.0,"subfield":{"id":"https://openalex.org/subfields/1711","display_name":"Signal Processing"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},"topics":[{"id":"https://openalex.org/T11241","display_name":"Advanced Malware Detection Techniques","score":1.0,"subfield":{"id":"https://openalex.org/subfields/1711","display_name":"Signal Processing"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T10260","display_name":"Software Engineering Research","score":0.9962999820709229,"subfield":{"id":"https://openalex.org/subfields/1710","display_name":"Information Systems"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T12034","display_name":"Digital and Cyber Forensics","score":0.9959999918937683,"subfield":{"id":"https://openalex.org/subfields/1710","display_name":"Information Systems"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}}],"keywords":[{"id":"https://openalex.org/keywords/android","display_name":"Android (operating system)","score":0.8514671325683594},{"id":"https://openalex.org/keywords/computer-science","display_name":"Computer science","score":0.8095020055770874},{"id":"https://openalex.org/keywords/documentation","display_name":"Documentation","score":0.7943221926689148},{"id":"https://openalex.org/keywords/taint-checking","display_name":"Taint checking","score":0.5753405690193176},{"id":"https://openalex.org/keywords/software-documentation","display_name":"Software documentation","score":0.5593840479850769},{"id":"https://openalex.org/keywords/source-code","display_name":"Source code","score":0.5174849033355713},{"id":"https://openalex.org/keywords/soundness","display_name":"Soundness","score":0.4479484260082245},{"id":"https://openalex.org/keywords/software","display_name":"Software","score":0.44257909059524536},{"id":"https://openalex.org/keywords/world-wide-web","display_name":"World Wide Web","score":0.41672757267951965},{"id":"https://openalex.org/keywords/database","display_name":"Database","score":0.3483511209487915},{"id":"https://openalex.org/keywords/operating-system","display_name":"Operating system","score":0.30134356021881104},{"id":"https://openalex.org/keywords/software-development","display_name":"Software development","score":0.23107224702835083},{"id":"https://openalex.org/keywords/programming-language","display_name":"Programming language","score":0.21137359738349915},{"id":"https://openalex.org/keywords/software-development-process","display_name":"Software development process","score":0.11613687872886658}],"concepts":[{"id":"https://openalex.org/C557433098","wikidata":"https://www.wikidata.org/wiki/Q94","display_name":"Android (operating system)","level":2,"score":0.8514671325683594},{"id":"https://openalex.org/C41008148","wikidata":"https://www.wikidata.org/wiki/Q21198","display_name":"Computer science","level":0,"score":0.8095020055770874},{"id":"https://openalex.org/C56666940","wikidata":"https://www.wikidata.org/wiki/Q788790","display_name":"Documentation","level":2,"score":0.7943221926689148},{"id":"https://openalex.org/C63116202","wikidata":"https://www.wikidata.org/wiki/Q7676227","display_name":"Taint checking","level":3,"score":0.5753405690193176},{"id":"https://openalex.org/C81587897","wikidata":"https://www.wikidata.org/wiki/Q181702","display_name":"Software documentation","level":5,"score":0.5593840479850769},{"id":"https://openalex.org/C43126263","wikidata":"https://www.wikidata.org/wiki/Q128751","display_name":"Source code","level":2,"score":0.5174849033355713},{"id":"https://openalex.org/C39920170","wikidata":"https://www.wikidata.org/wiki/Q693083","display_name":"Soundness","level":2,"score":0.4479484260082245},{"id":"https://openalex.org/C2777904410","wikidata":"https://www.wikidata.org/wiki/Q7397","display_name":"Software","level":2,"score":0.44257909059524536},{"id":"https://openalex.org/C136764020","wikidata":"https://www.wikidata.org/wiki/Q466","display_name":"World Wide Web","level":1,"score":0.41672757267951965},{"id":"https://openalex.org/C77088390","wikidata":"https://www.wikidata.org/wiki/Q8513","display_name":"Database","level":1,"score":0.3483511209487915},{"id":"https://openalex.org/C111919701","wikidata":"https://www.wikidata.org/wiki/Q9135","display_name":"Operating system","level":1,"score":0.30134356021881104},{"id":"https://openalex.org/C529173508","wikidata":"https://www.wikidata.org/wiki/Q638608","display_name":"Software development","level":3,"score":0.23107224702835083},{"id":"https://openalex.org/C199360897","wikidata":"https://www.wikidata.org/wiki/Q9143","display_name":"Programming language","level":1,"score":0.21137359738349915},{"id":"https://openalex.org/C180152950","wikidata":"https://www.wikidata.org/wiki/Q2904257","display_name":"Software development process","level":4,"score":0.11613687872886658}],"mesh":[],"locations_count":1,"locations":[{"id":"doi:10.1145/3597503.3623312","is_oa":false,"landing_page_url":"https://doi.org/10.1145/3597503.3623312","pdf_url":null,"source":null,"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"Proceedings of the IEEE/ACM 46th International Conference on Software Engineering","raw_type":"proceedings-article"}],"best_oa_location":null,"sustainable_development_goals":[{"display_name":"Peace, Justice and strong institutions","score":0.699999988079071,"id":"https://metadata.un.org/sdg/16"}],"awards":[{"id":"https://openalex.org/G2132816342","display_name":"MUSE: Multi-Modal Software Evolution","funder_award_id":"EP/W015927/1","funder_id":"https://openalex.org/F4320334627","funder_display_name":"Engineering and Physical Sciences Research Council"},{"id":"https://openalex.org/G2393198434","display_name":null,"funder_award_id":"EP/W015927/2","funder_id":"https://openalex.org/F4320334627","funder_display_name":"Engineering and Physical Sciences Research Council"},{"id":"https://openalex.org/G3746453095","display_name":null,"funder_award_id":"TA101722","funder_id":"https://openalex.org/F4320335100","funder_display_name":"Direcci\u00f3n General de Asuntos del Personal Acad\u00e9mico, Universidad Nacional Aut\u00f3noma de M\u00e9xico"},{"id":"https://openalex.org/G4325523037","display_name":null,"funder_award_id":"EP/P009301/1","funder_id":"https://openalex.org/F4320335935","funder_display_name":"Royal Holloway, University of London"},{"id":"https://openalex.org/G6397540830","display_name":null,"funder_award_id":"EP/W015927/1","funder_id":"https://openalex.org/F4320334627","funder_display_name":"Engineering and Physical Sciences Research Council"},{"id":"https://openalex.org/G8498677286","display_name":"Centre for Doctoral Training in Cyber Security at Royal Holloway: Renewal of the CS-CDT at RHUL","funder_award_id":"EP/P009301/1","funder_id":"https://openalex.org/F4320334627","funder_display_name":"Engineering and Physical Sciences Research Council"}],"funders":[{"id":"https://openalex.org/F4320334627","display_name":"Engineering and Physical Sciences Research Council","ror":"https://ror.org/0439y7842"},{"id":"https://openalex.org/F4320335100","display_name":"Direcci\u00f3n General de Asuntos del Personal Acad\u00e9mico, Universidad Nacional Aut\u00f3noma de M\u00e9xico","ror":"https://ror.org/01tmp8f25"},{"id":"https://openalex.org/F4320335935","display_name":"Royal Holloway, University of London","ror":"https://ror.org/04g2vpn86"}],"has_content":{"pdf":false,"grobid_xml":false},"content_urls":null,"referenced_works_count":45,"referenced_works":["https://openalex.org/W1975879668","https://openalex.org/W1996134788","https://openalex.org/W2013731130","https://openalex.org/W2019798206","https://openalex.org/W2022429945","https://openalex.org/W2060692877","https://openalex.org/W2157364932","https://openalex.org/W2158874007","https://openalex.org/W2168649891","https://openalex.org/W2187089797","https://openalex.org/W2313983271","https://openalex.org/W2385474486","https://openalex.org/W2402619042","https://openalex.org/W2735392951","https://openalex.org/W2884126302","https://openalex.org/W2890188242","https://openalex.org/W2898120212","https://openalex.org/W2899469232","https://openalex.org/W2953940813","https://openalex.org/W2955355561","https://openalex.org/W2959406073","https://openalex.org/W2961642335","https://openalex.org/W2963070937","https://openalex.org/W2963732033","https://openalex.org/W2963846996","https://openalex.org/W2963935794","https://openalex.org/W2970352191","https://openalex.org/W2970641574","https://openalex.org/W2979792666","https://openalex.org/W3025298766","https://openalex.org/W3089599084","https://openalex.org/W3101835033","https://openalex.org/W3102072454","https://openalex.org/W3185341429","https://openalex.org/W3204578495","https://openalex.org/W4210345192","https://openalex.org/W4242156770","https://openalex.org/W4243774012","https://openalex.org/W4244726870","https://openalex.org/W4246553962","https://openalex.org/W4248587618","https://openalex.org/W4281737341","https://openalex.org/W4284692010","https://openalex.org/W4286255673","https://openalex.org/W4382938482"],"related_works":["https://openalex.org/W2466303427","https://openalex.org/W1849042743","https://openalex.org/W2942010890","https://openalex.org/W2646159910","https://openalex.org/W2292865721","https://openalex.org/W2898697275","https://openalex.org/W2767775279","https://openalex.org/W3154959642","https://openalex.org/W2181712945","https://openalex.org/W4391558373"],"abstract_inverted_index":{"Security":[0],"practitioners":[1],"routinely":[2],"use":[3],"static":[4],"analysis":[5,156],"to":[6,82,112,133,151,192,201,217,224],"detect":[7,134,202],"security":[8],"problems":[9],"and":[10,28,55,107,138,140,173,196],"privacy":[11],"violations":[12],"in":[13],"Android":[14,51,71,90,106,170,211],"apps.":[15],"The":[16],"soundness":[17],"of":[18,31,43,69,98,127,157],"these":[19,35,78],"analyses":[20],"depends":[21],"on":[22,61],"how":[23],"the":[24,29,41,46,50,56,66,70,83,99,125,155,162,222],"platform":[25,52,171],"is":[26,53,164],"modelled":[27],"list":[30],"sensitive":[32,135,186,219],"methods.":[33],"Collecting":[34],"methods":[36,44,129,136,187],"often":[37],"becomes":[38],"impractical":[39],"given":[40],"number":[42],"available,":[45],"pace":[47],"at":[48],"which":[49,161],"updated,":[54],"proprietary":[57,158],"libraries":[58,159],"Google":[59,175],"releases":[60],"each":[62,88],"new":[63,79,89,193],"version.":[64],"Despite":[65],"constant":[67],"evolution":[68],"platform,":[72,118],"app":[73],"developers":[74],"cope":[75],"with":[76,87,188],"all":[77],"features":[80],"thanks":[81],"documentation":[84,101,132,212],"that":[85,182,210],"comes":[86],"release.":[91],"In":[92],"this":[93],"work,":[94],"we":[95],"take":[96],"advantage":[97],"rich":[100,214],"provided":[102],"by":[103],"platforms":[104],"like":[105],"propose":[108],"DocFlow,":[109],"a":[110,117],"framework":[111,184],"generate":[113],"taint":[114],"specifications":[115],"for":[116,160],"directly":[119],"from":[120],"its":[121],"documentation.":[122],"DocFlow":[123,168],"models":[124],"semantics":[126],"API":[128,194],"using":[130,169],"their":[131],"(sources":[137],"sinks)":[139],"assigns":[141],"them":[142],"semantic":[143,215],"labels.":[144],"Our":[145,179,206],"approach":[146,207],"does":[147],"not":[148],"require":[149],"access":[150],"source":[152,226],"code,":[153],"enabling":[154],"code":[163,227],"unavailable.":[165],"We":[166],"evaluate":[167],"packages":[172],"closed-source":[174],"Play":[176],"Services":[177],"libraries.":[178],"results":[180],"show":[181],"our":[183],"detects":[185],"high":[189],"precision,":[190],"adapts":[191],"versions,":[195],"can":[197],"be":[198],"easily":[199],"extended":[200],"other":[203],"method":[204],"types.":[205],"provides":[208],"evidence":[209],"encodes":[213],"information":[216],"categorise":[218],"methods,":[220],"removing":[221],"need":[223],"analyse":[225],"or":[228],"perform":[229],"feature":[230],"extraction.":[231]},"counts_by_year":[{"year":2026,"cited_by_count":1},{"year":2025,"cited_by_count":3}],"updated_date":"2025-11-06T03:46:38.306776","created_date":"2025-10-10T00:00:00"}