{"id":"https://openalex.org/W4394769405","doi":"https://doi.org/10.1145/3597503.3639222","title":"Out of Sight, Out of Mind: Better Automatic Vulnerability Repair by Broadening Input Ranges and Sources","display_name":"Out of Sight, Out of Mind: Better Automatic Vulnerability Repair by Broadening Input Ranges and Sources","publication_year":2024,"publication_date":"2024-04-12","ids":{"openalex":"https://openalex.org/W4394769405","doi":"https://doi.org/10.1145/3597503.3639222"},"language":"en","primary_location":{"id":"doi:10.1145/3597503.3639222","is_oa":true,"landing_page_url":"https://doi.org/10.1145/3597503.3639222","pdf_url":"https://dl.acm.org/doi/pdf/10.1145/3597503.3639222","source":null,"license":"cc-by","license_id":"https://openalex.org/licenses/cc-by","version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"Proceedings of the IEEE/ACM 46th International Conference on Software Engineering","raw_type":"proceedings-article"},"type":"article","indexed_in":["crossref"],"open_access":{"is_oa":true,"oa_status":"gold","oa_url":"https://dl.acm.org/doi/pdf/10.1145/3597503.3639222","any_repository_has_fulltext":true},"authorships":[{"author_position":"first","author":{"id":"https://openalex.org/A5100424233","display_name":"Xin Zhou","orcid":"https://orcid.org/0000-0002-4558-0622"},"institutions":[{"id":"https://openalex.org/I79891267","display_name":"Singapore Management University","ror":"https://ror.org/050qmg959","country_code":"SG","type":"education","lineage":["https://openalex.org/I79891267"]}],"countries":["SG"],"is_corresponding":true,"raw_author_name":"Xin Zhou","raw_affiliation_strings":["Singapore Management University, Singapore, Singapore"],"affiliations":[{"raw_affiliation_string":"Singapore Management University, Singapore, Singapore","institution_ids":["https://openalex.org/I79891267"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5074029092","display_name":"Kisub Kim","orcid":"https://orcid.org/0000-0002-4462-6916"},"institutions":[{"id":"https://openalex.org/I79891267","display_name":"Singapore Management University","ror":"https://ror.org/050qmg959","country_code":"SG","type":"education","lineage":["https://openalex.org/I79891267"]}],"countries":["SG"],"is_corresponding":false,"raw_author_name":"Kisub Kim","raw_affiliation_strings":["Singapore Management University, Singapore, Singapore"],"affiliations":[{"raw_affiliation_string":"Singapore Management University, Singapore, Singapore","institution_ids":["https://openalex.org/I79891267"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5008013136","display_name":"Bowen Xu","orcid":"https://orcid.org/0000-0002-1006-8493"},"institutions":[{"id":"https://openalex.org/I137902535","display_name":"North Carolina State University","ror":"https://ror.org/04tj63d06","country_code":"US","type":"education","lineage":["https://openalex.org/I137902535"]}],"countries":["US"],"is_corresponding":false,"raw_author_name":"Bowen Xu","raw_affiliation_strings":["North Carolina State University, Raleigh, North Carolina, USA"],"affiliations":[{"raw_affiliation_string":"North Carolina State University, Raleigh, North Carolina, USA","institution_ids":["https://openalex.org/I137902535"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5054365831","display_name":"DongGyun Han","orcid":"https://orcid.org/0000-0002-8599-2197"},"institutions":[{"id":"https://openalex.org/I184558857","display_name":"Royal Holloway University of London","ror":"https://ror.org/04g2vpn86","country_code":"GB","type":"education","lineage":["https://openalex.org/I124357947","https://openalex.org/I184558857"]}],"countries":["GB"],"is_corresponding":false,"raw_author_name":"Donggyun Han","raw_affiliation_strings":["Royal Holloway, University of London, Surrery, United Kingdom"],"affiliations":[{"raw_affiliation_string":"Royal Holloway, University of London, Surrery, United Kingdom","institution_ids":["https://openalex.org/I184558857"]}]},{"author_position":"last","author":{"id":"https://openalex.org/A5081036622","display_name":"David Lo","orcid":"https://orcid.org/0000-0002-4367-7201"},"institutions":[{"id":"https://openalex.org/I79891267","display_name":"Singapore Management University","ror":"https://ror.org/050qmg959","country_code":"SG","type":"education","lineage":["https://openalex.org/I79891267"]}],"countries":["SG"],"is_corresponding":false,"raw_author_name":"David Lo","raw_affiliation_strings":["School of Computing and Information Systems, Singapore Management University, Singapore, Singapore"],"affiliations":[{"raw_affiliation_string":"School of Computing and Information Systems, Singapore Management University, Singapore, Singapore","institution_ids":["https://openalex.org/I79891267"]}]}],"institutions":[],"countries_distinct_count":3,"institutions_distinct_count":5,"corresponding_author_ids":["https://openalex.org/A5100424233"],"corresponding_institution_ids":["https://openalex.org/I79891267"],"apc_list":null,"apc_paid":null,"fwci":24.43,"has_fulltext":true,"cited_by_count":32,"citation_normalized_percentile":{"value":0.99531676,"is_in_top_1_percent":true,"is_in_top_10_percent":true},"cited_by_percentile_year":{"min":99,"max":100},"biblio":{"volume":null,"issue":null,"first_page":"1","last_page":"13"},"is_retracted":false,"is_paratext":false,"is_xpac":false,"primary_topic":{"id":"https://openalex.org/T10260","display_name":"Software Engineering Research","score":0.9986000061035156,"subfield":{"id":"https://openalex.org/subfields/1710","display_name":"Information Systems"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},"topics":[{"id":"https://openalex.org/T10260","display_name":"Software Engineering Research","score":0.9986000061035156,"subfield":{"id":"https://openalex.org/subfields/1710","display_name":"Information Systems"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T11241","display_name":"Advanced Malware Detection Techniques","score":0.9973999857902527,"subfield":{"id":"https://openalex.org/subfields/1711","display_name":"Signal Processing"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T12479","display_name":"Web Application Security Vulnerabilities","score":0.9958000183105469,"subfield":{"id":"https://openalex.org/subfields/1710","display_name":"Information Systems"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}}],"keywords":[{"id":"https://openalex.org/keywords/vulnerability","display_name":"Vulnerability (computing)","score":0.7528718709945679},{"id":"https://openalex.org/keywords/computer-science","display_name":"Computer science","score":0.7214623093605042},{"id":"https://openalex.org/keywords/code","display_name":"Code (set theory)","score":0.633480429649353},{"id":"https://openalex.org/keywords/sight","display_name":"Sight","score":0.5330779552459717},{"id":"https://openalex.org/keywords/source-code","display_name":"Source code","score":0.5219413638114929},{"id":"https://openalex.org/keywords/vulnerability-assessment","display_name":"Vulnerability assessment","score":0.5060421824455261},{"id":"https://openalex.org/keywords/deep-learning","display_name":"Deep learning","score":0.4925759434700012},{"id":"https://openalex.org/keywords/artificial-intelligence","display_name":"Artificial intelligence","score":0.48897993564605713},{"id":"https://openalex.org/keywords/artificial-neural-network","display_name":"Artificial neural network","score":0.41688844561576843},{"id":"https://openalex.org/keywords/machine-learning","display_name":"Machine learning","score":0.41336846351623535},{"id":"https://openalex.org/keywords/software","display_name":"Software","score":0.4117371737957001},{"id":"https://openalex.org/keywords/software-engineering","display_name":"Software engineering","score":0.3412492871284485},{"id":"https://openalex.org/keywords/computer-security","display_name":"Computer security","score":0.30554717779159546},{"id":"https://openalex.org/keywords/programming-language","display_name":"Programming language","score":0.15512222051620483}],"concepts":[{"id":"https://openalex.org/C95713431","wikidata":"https://www.wikidata.org/wiki/Q631425","display_name":"Vulnerability (computing)","level":2,"score":0.7528718709945679},{"id":"https://openalex.org/C41008148","wikidata":"https://www.wikidata.org/wiki/Q21198","display_name":"Computer science","level":0,"score":0.7214623093605042},{"id":"https://openalex.org/C2776760102","wikidata":"https://www.wikidata.org/wiki/Q5139990","display_name":"Code (set theory)","level":3,"score":0.633480429649353},{"id":"https://openalex.org/C1517167","wikidata":"https://www.wikidata.org/wiki/Q1134322","display_name":"Sight","level":2,"score":0.5330779552459717},{"id":"https://openalex.org/C43126263","wikidata":"https://www.wikidata.org/wiki/Q128751","display_name":"Source code","level":2,"score":0.5219413638114929},{"id":"https://openalex.org/C167063184","wikidata":"https://www.wikidata.org/wiki/Q1400839","display_name":"Vulnerability assessment","level":3,"score":0.5060421824455261},{"id":"https://openalex.org/C108583219","wikidata":"https://www.wikidata.org/wiki/Q197536","display_name":"Deep learning","level":2,"score":0.4925759434700012},{"id":"https://openalex.org/C154945302","wikidata":"https://www.wikidata.org/wiki/Q11660","display_name":"Artificial intelligence","level":1,"score":0.48897993564605713},{"id":"https://openalex.org/C50644808","wikidata":"https://www.wikidata.org/wiki/Q192776","display_name":"Artificial neural network","level":2,"score":0.41688844561576843},{"id":"https://openalex.org/C119857082","wikidata":"https://www.wikidata.org/wiki/Q2539","display_name":"Machine learning","level":1,"score":0.41336846351623535},{"id":"https://openalex.org/C2777904410","wikidata":"https://www.wikidata.org/wiki/Q7397","display_name":"Software","level":2,"score":0.4117371737957001},{"id":"https://openalex.org/C115903868","wikidata":"https://www.wikidata.org/wiki/Q80993","display_name":"Software engineering","level":1,"score":0.3412492871284485},{"id":"https://openalex.org/C38652104","wikidata":"https://www.wikidata.org/wiki/Q3510521","display_name":"Computer security","level":1,"score":0.30554717779159546},{"id":"https://openalex.org/C199360897","wikidata":"https://www.wikidata.org/wiki/Q9143","display_name":"Programming language","level":1,"score":0.15512222051620483},{"id":"https://openalex.org/C121332964","wikidata":"https://www.wikidata.org/wiki/Q413","display_name":"Physics","level":0,"score":0.0},{"id":"https://openalex.org/C137176749","wikidata":"https://www.wikidata.org/wiki/Q4105337","display_name":"Psychological resilience","level":2,"score":0.0},{"id":"https://openalex.org/C15744967","wikidata":"https://www.wikidata.org/wiki/Q9418","display_name":"Psychology","level":0,"score":0.0},{"id":"https://openalex.org/C1276947","wikidata":"https://www.wikidata.org/wiki/Q333","display_name":"Astronomy","level":1,"score":0.0},{"id":"https://openalex.org/C542102704","wikidata":"https://www.wikidata.org/wiki/Q183257","display_name":"Psychotherapist","level":1,"score":0.0},{"id":"https://openalex.org/C177264268","wikidata":"https://www.wikidata.org/wiki/Q1514741","display_name":"Set (abstract data type)","level":2,"score":0.0}],"mesh":[],"locations_count":2,"locations":[{"id":"doi:10.1145/3597503.3639222","is_oa":true,"landing_page_url":"https://doi.org/10.1145/3597503.3639222","pdf_url":"https://dl.acm.org/doi/pdf/10.1145/3597503.3639222","source":null,"license":"cc-by","license_id":"https://openalex.org/licenses/cc-by","version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"Proceedings of the IEEE/ACM 46th International Conference on Software Engineering","raw_type":"proceedings-article"},{"id":"pmh:oai:ink.library.smu.edu.sg:sis_research-10248","is_oa":true,"landing_page_url":"https://ink.library.smu.edu.sg/sis_research/9248","pdf_url":null,"source":{"id":"https://openalex.org/S4306401925","display_name":"Singapore Management University Institutional Knowledge (InK) (Singapore Management University)","issn_l":null,"issn":null,"is_oa":false,"is_in_doaj":false,"is_core":false,"host_organization":"https://openalex.org/I79891267","host_organization_name":"Singapore Management University","host_organization_lineage":["https://openalex.org/I79891267"],"host_organization_lineage_names":[],"type":"repository"},"license":"cc-by-nc-nd","license_id":"https://openalex.org/licenses/cc-by-nc-nd","version":"submittedVersion","is_accepted":false,"is_published":false,"raw_source_name":"https://doi.org/10.1145/3597503.3639222","raw_type":"Conference Proceeding Article"}],"best_oa_location":{"id":"doi:10.1145/3597503.3639222","is_oa":true,"landing_page_url":"https://doi.org/10.1145/3597503.3639222","pdf_url":"https://dl.acm.org/doi/pdf/10.1145/3597503.3639222","source":null,"license":"cc-by","license_id":"https://openalex.org/licenses/cc-by","version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"Proceedings of the IEEE/ACM 46th International Conference on Software Engineering","raw_type":"proceedings-article"},"sustainable_development_goals":[],"awards":[{"id":"https://openalex.org/G5332036567","display_name":null,"funder_award_id":"NRF-NRFI08-2022-0002","funder_id":"https://openalex.org/F4320320671","funder_display_name":"National Research Foundation"},{"id":"https://openalex.org/G7169835300","display_name":null,"funder_award_id":"NRF-NRFI08-2022-0002","funder_id":"https://openalex.org/F4320320709","funder_display_name":"National Research Foundation Singapore"},{"id":"https://openalex.org/G875168909","display_name":null,"funder_award_id":"NRF-NRFI08-2022","funder_id":"https://openalex.org/F4320320709","funder_display_name":"National Research Foundation Singapore"}],"funders":[{"id":"https://openalex.org/F4320320671","display_name":"National Research Foundation","ror":"https://ror.org/05s0g1g46"},{"id":"https://openalex.org/F4320320709","display_name":"National Research Foundation Singapore","ror":"https://ror.org/03cpyc314"}],"has_content":{"pdf":true,"grobid_xml":true},"content_urls":{"pdf":"https://content.openalex.org/works/W4394769405.pdf","grobid_xml":"https://content.openalex.org/works/W4394769405.grobid-xml"},"referenced_works_count":56,"referenced_works":["https://openalex.org/W841012168","https://openalex.org/W1593271688","https://openalex.org/W2171033594","https://openalex.org/W2250342921","https://openalex.org/W2400329213","https://openalex.org/W2400994325","https://openalex.org/W2588990040","https://openalex.org/W2745087117","https://openalex.org/W2795338679","https://openalex.org/W2884276923","https://openalex.org/W2898534288","https://openalex.org/W2898887472","https://openalex.org/W2960756002","https://openalex.org/W2962931396","https://openalex.org/W2974889942","https://openalex.org/W2979792666","https://openalex.org/W3027879771","https://openalex.org/W3085139254","https://openalex.org/W3087079383","https://openalex.org/W3091097332","https://openalex.org/W3091588759","https://openalex.org/W3094130708","https://openalex.org/W3098605233","https://openalex.org/W3134686229","https://openalex.org/W3156480510","https://openalex.org/W3156789018","https://openalex.org/W3160155705","https://openalex.org/W3161027892","https://openalex.org/W3161465675","https://openalex.org/W3167325648","https://openalex.org/W3176859472","https://openalex.org/W3183469243","https://openalex.org/W3193682477","https://openalex.org/W3217001695","https://openalex.org/W4223909856","https://openalex.org/W4249033934","https://openalex.org/W4281763794","https://openalex.org/W4284697810","https://openalex.org/W4285490485","https://openalex.org/W4287673430","https://openalex.org/W4308641648","https://openalex.org/W4308643152","https://openalex.org/W4309023067","https://openalex.org/W4312247631","https://openalex.org/W4313563760","https://openalex.org/W4375859932","https://openalex.org/W4384302785","https://openalex.org/W4384345635","https://openalex.org/W4384345649","https://openalex.org/W4384345708","https://openalex.org/W4384345728","https://openalex.org/W4384345748","https://openalex.org/W4384345778","https://openalex.org/W4386362878","https://openalex.org/W4386614573","https://openalex.org/W4388483502"],"related_works":["https://openalex.org/W1883246888","https://openalex.org/W2370114625","https://openalex.org/W1756374135","https://openalex.org/W2947584067","https://openalex.org/W3118510577","https://openalex.org/W2280562859","https://openalex.org/W230721595","https://openalex.org/W3157230915","https://openalex.org/W1496728123","https://openalex.org/W2062873522"],"abstract_inverted_index":{"The":[0,136],"advances":[1],"of":[2,99],"deep":[3],"learning":[4],"(DL)":[5],"have":[6],"paved":[7],"the":[8,19,22,26,65,71,94,116,147,156],"way":[9],"for":[10],"automatic":[11],"software":[12],"vulnerability":[13,32,89,126,150],"repair":[14,33,127,151],"approaches,":[15],"which":[16],"effectively":[17],"learn":[18],"mapping":[20],"from":[21,115,162],"vulnerable":[23,44,96,109,134],"code":[24,49,110],"to":[25,41,146,164,167,171],"fixed":[27],"code.":[28],"Nevertheless,":[29],"existing":[30],"DL-based":[31],"methods":[34],"face":[35],"notable":[36],"limitations:":[37],"1)":[38],"they":[39,47,60],"struggle":[40],"handle":[42],"lengthy":[43],"code,":[45,97],"2)":[46],"treat":[48],"as":[50],"natural":[51],"language":[52],"texts,":[53],"neglecting":[54],"its":[55,100],"inherent":[56],"structure,":[57],"and":[58,112,159,169],"3)":[59],"do":[61],"not":[62],"tap":[63],"into":[64],"valuable":[66],"expert":[67,72,113],"knowledge":[68,114],"present":[69],"in":[70],"system.":[73,118],"To":[74],"address":[75],"this,":[76],"we":[77],"propose":[78],"VulMaster,":[79],"a":[80,123],"Transformer-based":[81],"neural":[82],"network":[83],"model":[84,103],"that":[85,140],"excels":[86],"at":[87],"generating":[88],"repairs":[90],"by":[91],"comprehensively":[92],"understanding":[93],"entire":[95],"irrespective":[98],"length.":[101],"This":[102],"also":[104],"integrates":[105],"diverse":[106],"information,":[107],"encompassing":[108],"structures":[111],"CWE":[117],"We":[119],"evaluated":[120],"VulMaster":[121,141,154],"on":[122],"real-world":[124],"C/C++":[125],"dataset":[128],"comprising":[129],"1,754":[130],"projects":[131],"with":[132],"5,800":[133],"functions.":[135],"experimental":[137],"results":[138],"demonstrated":[139],"exhibits":[142],"substantial":[143],"improvements":[144],"compared":[145],"learning-based":[148],"state-of-the-art":[149],"approach.":[152],"Specifically,":[153],"improves":[155],"EM,":[157],"BLEU,":[158],"CodeBLEU":[160],"scores":[161],"10.2%":[163],"20.0%,":[165],"21.3%":[166],"29.3%,":[168],"32.5%":[170],"40.9%,":[172],"respectively.":[173]},"counts_by_year":[{"year":2025,"cited_by_count":24},{"year":2024,"cited_by_count":8}],"updated_date":"2026-04-10T15:06:20.359241","created_date":"2025-10-10T00:00:00"}