{"id":"https://openalex.org/W4389165160","doi":"https://doi.org/10.1145/3611643.3616346","title":"Commit-Level, Neural Vulnerability Detection and Assessment","display_name":"Commit-Level, Neural Vulnerability Detection and Assessment","publication_year":2023,"publication_date":"2023-11-30","ids":{"openalex":"https://openalex.org/W4389165160","doi":"https://doi.org/10.1145/3611643.3616346"},"language":"en","primary_location":{"id":"doi:10.1145/3611643.3616346","is_oa":true,"landing_page_url":"https://doi.org/10.1145/3611643.3616346","pdf_url":"https://dl.acm.org/doi/pdf/10.1145/3611643.3616346","source":null,"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"Proceedings of the 31st ACM Joint European Software Engineering Conference and Symposium on the Foundations of Software Engineering","raw_type":"proceedings-article"},"type":"article","indexed_in":["crossref"],"open_access":{"is_oa":true,"oa_status":"gold","oa_url":"https://dl.acm.org/doi/pdf/10.1145/3611643.3616346","any_repository_has_fulltext":null},"authorships":[{"author_position":"first","author":{"id":"https://openalex.org/A5107249192","display_name":"Yi Li","orcid":"https://orcid.org/0009-0007-0143-0677"},"institutions":[{"id":"https://openalex.org/I118118575","display_name":"New Jersey Institute of Technology","ror":"https://ror.org/05e74xb87","country_code":"US","type":"education","lineage":["https://openalex.org/I118118575"]}],"countries":["US"],"is_corresponding":true,"raw_author_name":"Yi Li","raw_affiliation_strings":["New Jersey Institute of Technology, Newark, USA"],"raw_orcid":"https://orcid.org/0009-0007-0143-0677","affiliations":[{"raw_affiliation_string":"New Jersey Institute of Technology, Newark, USA","institution_ids":["https://openalex.org/I118118575"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5013721981","display_name":"Aashish Yadavally","orcid":"https://orcid.org/0000-0001-8785-6319"},"institutions":[{"id":"https://openalex.org/I162577319","display_name":"The University of Texas at Dallas","ror":"https://ror.org/049emcs32","country_code":"US","type":"education","lineage":["https://openalex.org/I162577319"]}],"countries":["US"],"is_corresponding":false,"raw_author_name":"Aashish Yadavally","raw_affiliation_strings":["University of Texas at Dallas, Richardson, USA"],"raw_orcid":"https://orcid.org/0000-0001-8785-6319","affiliations":[{"raw_affiliation_string":"University of Texas at Dallas, Richardson, USA","institution_ids":["https://openalex.org/I162577319"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5107249265","display_name":"Jiaxing Zhang","orcid":"https://orcid.org/0009-0007-8031-661X"},"institutions":[{"id":"https://openalex.org/I118118575","display_name":"New Jersey Institute of Technology","ror":"https://ror.org/05e74xb87","country_code":"US","type":"education","lineage":["https://openalex.org/I118118575"]}],"countries":["US"],"is_corresponding":false,"raw_author_name":"Jiaxing Zhang","raw_affiliation_strings":["New Jersey Institute of Technology, Newark, USA"],"raw_orcid":"https://orcid.org/0009-0007-8031-661X","affiliations":[{"raw_affiliation_string":"New Jersey Institute of Technology, Newark, USA","institution_ids":["https://openalex.org/I118118575"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5070990953","display_name":"Shaohua Wang","orcid":"https://orcid.org/0000-0001-5777-7759"},"institutions":[{"id":"https://openalex.org/I118118575","display_name":"New Jersey Institute of Technology","ror":"https://ror.org/05e74xb87","country_code":"US","type":"education","lineage":["https://openalex.org/I118118575"]}],"countries":["US"],"is_corresponding":false,"raw_author_name":"Shaohua Wang","raw_affiliation_strings":["New Jersey Institute of Technology, Newark, USA"],"raw_orcid":"https://orcid.org/0000-0001-5777-7759","affiliations":[{"raw_affiliation_string":"New Jersey Institute of Technology, Newark, USA","institution_ids":["https://openalex.org/I118118575"]}]},{"author_position":"last","author":{"id":"https://openalex.org/A5089000736","display_name":"Tien N. Nguyen","orcid":"https://orcid.org/0009-0006-7962-6090"},"institutions":[{"id":"https://openalex.org/I162577319","display_name":"The University of Texas at Dallas","ror":"https://ror.org/049emcs32","country_code":"US","type":"education","lineage":["https://openalex.org/I162577319"]}],"countries":["US"],"is_corresponding":false,"raw_author_name":"Tien N. Nguyen","raw_affiliation_strings":["University of Texas at Dallas, Richardson, USA"],"raw_orcid":"https://orcid.org/0009-0006-7962-6090","affiliations":[{"raw_affiliation_string":"University of Texas at Dallas, Richardson, USA","institution_ids":["https://openalex.org/I162577319"]}]}],"institutions":[],"countries_distinct_count":1,"institutions_distinct_count":5,"corresponding_author_ids":["https://openalex.org/A5107249192"],"corresponding_institution_ids":["https://openalex.org/I118118575"],"apc_list":null,"apc_paid":null,"fwci":4.4771,"has_fulltext":true,"cited_by_count":10,"citation_normalized_percentile":{"value":0.95161211,"is_in_top_1_percent":false,"is_in_top_10_percent":true},"cited_by_percentile_year":{"min":90,"max":99},"biblio":{"volume":null,"issue":null,"first_page":"1024","last_page":"1036"},"is_retracted":false,"is_paratext":false,"is_xpac":false,"primary_topic":{"id":"https://openalex.org/T10260","display_name":"Software Engineering Research","score":0.9965999722480774,"subfield":{"id":"https://openalex.org/subfields/1710","display_name":"Information Systems"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},"topics":[{"id":"https://openalex.org/T10260","display_name":"Software Engineering Research","score":0.9965999722480774,"subfield":{"id":"https://openalex.org/subfields/1710","display_name":"Information Systems"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T11241","display_name":"Advanced Malware Detection Techniques","score":0.9890999794006348,"subfield":{"id":"https://openalex.org/subfields/1711","display_name":"Signal Processing"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T10734","display_name":"Information and Cyber Security","score":0.9882000088691711,"subfield":{"id":"https://openalex.org/subfields/1710","display_name":"Information Systems"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}}],"keywords":[{"id":"https://openalex.org/keywords/commit","display_name":"Commit","score":0.9290652871131897},{"id":"https://openalex.org/keywords/vulnerability","display_name":"Vulnerability (computing)","score":0.7574979066848755},{"id":"https://openalex.org/keywords/computer-science","display_name":"Computer science","score":0.73927903175354},{"id":"https://openalex.org/keywords/vulnerability-assessment","display_name":"Vulnerability assessment","score":0.6395628452301025},{"id":"https://openalex.org/keywords/code","display_name":"Code (set theory)","score":0.5324284434318542},{"id":"https://openalex.org/keywords/computer-security","display_name":"Computer security","score":0.5193377733230591},{"id":"https://openalex.org/keywords/software","display_name":"Software","score":0.513613224029541},{"id":"https://openalex.org/keywords/psychology","display_name":"Psychology","score":0.081379234790802},{"id":"https://openalex.org/keywords/operating-system","display_name":"Operating system","score":0.0708809494972229},{"id":"https://openalex.org/keywords/programming-language","display_name":"Programming language","score":0.06772032380104065},{"id":"https://openalex.org/keywords/set","display_name":"Set (abstract data type)","score":0.06340393424034119}],"concepts":[{"id":"https://openalex.org/C153180980","wikidata":"https://www.wikidata.org/wiki/Q19776675","display_name":"Commit","level":2,"score":0.9290652871131897},{"id":"https://openalex.org/C95713431","wikidata":"https://www.wikidata.org/wiki/Q631425","display_name":"Vulnerability (computing)","level":2,"score":0.7574979066848755},{"id":"https://openalex.org/C41008148","wikidata":"https://www.wikidata.org/wiki/Q21198","display_name":"Computer science","level":0,"score":0.73927903175354},{"id":"https://openalex.org/C167063184","wikidata":"https://www.wikidata.org/wiki/Q1400839","display_name":"Vulnerability assessment","level":3,"score":0.6395628452301025},{"id":"https://openalex.org/C2776760102","wikidata":"https://www.wikidata.org/wiki/Q5139990","display_name":"Code (set theory)","level":3,"score":0.5324284434318542},{"id":"https://openalex.org/C38652104","wikidata":"https://www.wikidata.org/wiki/Q3510521","display_name":"Computer security","level":1,"score":0.5193377733230591},{"id":"https://openalex.org/C2777904410","wikidata":"https://www.wikidata.org/wiki/Q7397","display_name":"Software","level":2,"score":0.513613224029541},{"id":"https://openalex.org/C15744967","wikidata":"https://www.wikidata.org/wiki/Q9418","display_name":"Psychology","level":0,"score":0.081379234790802},{"id":"https://openalex.org/C111919701","wikidata":"https://www.wikidata.org/wiki/Q9135","display_name":"Operating system","level":1,"score":0.0708809494972229},{"id":"https://openalex.org/C199360897","wikidata":"https://www.wikidata.org/wiki/Q9143","display_name":"Programming language","level":1,"score":0.06772032380104065},{"id":"https://openalex.org/C177264268","wikidata":"https://www.wikidata.org/wiki/Q1514741","display_name":"Set (abstract data type)","level":2,"score":0.06340393424034119},{"id":"https://openalex.org/C542102704","wikidata":"https://www.wikidata.org/wiki/Q183257","display_name":"Psychotherapist","level":1,"score":0.0},{"id":"https://openalex.org/C137176749","wikidata":"https://www.wikidata.org/wiki/Q4105337","display_name":"Psychological resilience","level":2,"score":0.0},{"id":"https://openalex.org/C77088390","wikidata":"https://www.wikidata.org/wiki/Q8513","display_name":"Database","level":1,"score":0.0}],"mesh":[],"locations_count":1,"locations":[{"id":"doi:10.1145/3611643.3616346","is_oa":true,"landing_page_url":"https://doi.org/10.1145/3611643.3616346","pdf_url":"https://dl.acm.org/doi/pdf/10.1145/3611643.3616346","source":null,"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"Proceedings of the 31st ACM Joint European Software Engineering Conference and Symposium on the Foundations of Software Engineering","raw_type":"proceedings-article"}],"best_oa_location":{"id":"doi:10.1145/3611643.3616346","is_oa":true,"landing_page_url":"https://doi.org/10.1145/3611643.3616346","pdf_url":"https://dl.acm.org/doi/pdf/10.1145/3611643.3616346","source":null,"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"Proceedings of the 31st ACM Joint European Software Engineering Conference and Symposium on the Foundations of Software Engineering","raw_type":"proceedings-article"},"sustainable_development_goals":[{"score":0.7699999809265137,"id":"https://metadata.un.org/sdg/16","display_name":"Peace, Justice and strong institutions"}],"awards":[{"id":"https://openalex.org/G4604030585","display_name":null,"funder_award_id":"NCAE-C-002-2021","funder_id":"https://openalex.org/F4320311089","funder_display_name":"National Security Agency"},{"id":"https://openalex.org/G5204842600","display_name":null,"funder_award_id":"CNS-2120386","funder_id":"https://openalex.org/F4320306076","funder_display_name":"National Science Foundation"},{"id":"https://openalex.org/G758310216","display_name":"Collaborative Research: CCRI: ENS: Boa 2.0: Enhancing Infrastructure for Studying Software and its Evolution at a Large Scale","funder_award_id":"2120386","funder_id":"https://openalex.org/F4320306076","funder_display_name":"National Science Foundation"}],"funders":[{"id":"https://openalex.org/F4320306076","display_name":"National Science Foundation","ror":"https://ror.org/021nxhr62"},{"id":"https://openalex.org/F4320311089","display_name":"National Security Agency","ror":"https://ror.org/0047bvr32"}],"has_content":{"pdf":true,"grobid_xml":true},"content_urls":{"pdf":"https://content.openalex.org/works/W4389165160.pdf","grobid_xml":"https://content.openalex.org/works/W4389165160.grobid-xml"},"referenced_works_count":31,"referenced_works":["https://openalex.org/W150078352","https://openalex.org/W199832099","https://openalex.org/W1971733255","https://openalex.org/W2059185913","https://openalex.org/W2069268700","https://openalex.org/W2102193394","https://openalex.org/W2144344516","https://openalex.org/W2740329368","https://openalex.org/W2767521898","https://openalex.org/W2890264517","https://openalex.org/W2902415484","https://openalex.org/W2962960733","https://openalex.org/W2963321189","https://openalex.org/W2969223458","https://openalex.org/W3009129408","https://openalex.org/W3011013751","https://openalex.org/W3040158574","https://openalex.org/W3081792418","https://openalex.org/W3091588759","https://openalex.org/W3102072454","https://openalex.org/W3105867435","https://openalex.org/W3127736190","https://openalex.org/W3161938055","https://openalex.org/W3166095789","https://openalex.org/W3177116043","https://openalex.org/W3194346579","https://openalex.org/W3195612455","https://openalex.org/W4232648333","https://openalex.org/W4242177601","https://openalex.org/W4312436517","https://openalex.org/W4312969325"],"related_works":["https://openalex.org/W1883246888","https://openalex.org/W2370114625","https://openalex.org/W1756374135","https://openalex.org/W2947584067","https://openalex.org/W3118510577","https://openalex.org/W2280562859","https://openalex.org/W230721595","https://openalex.org/W3157230915","https://openalex.org/W1496728123","https://openalex.org/W2062873522"],"abstract_inverted_index":{"Software":[0],"Vulnerabilities":[1],"(SVs)":[2],"are":[3,7],"security":[4],"flaws":[5],"that":[6],"exploitable":[8],"in":[9,12],"cyber-attacks.":[10],"Delay":[11],"the":[13,25,29,42,64],"detection":[14,58],"and":[15,59,78],"assessment":[16,60,65],"of":[17,51],"SVs":[18],"might":[19],"cause":[20],"serious":[21],"consequences":[22],"due":[23,71],"to":[24,38,72],"unknown":[26],"impacts":[27],"on":[28,41],"attacked":[30],"systems.":[31],"The":[32],"state-of-the-art":[33],"approaches":[34,66],"have":[35],"been":[36],"proposed":[37],"work":[39],"directly":[40],"committed":[43],"code":[44,76],"changes":[45,77],"for":[46,75],"early":[47],"detection.":[48],"However,":[49],"none":[50],"them":[52],"could":[53],"provide":[54],"both":[55],"commit-level":[56],"vulnerability":[57],"at":[61],"once.":[62],"Moreover,":[63],"still":[67],"suffer":[68],"low":[69],"accuracy":[70],"limited":[73],"representations":[74],"surrounding":[79],"contexts.":[80]},"counts_by_year":[{"year":2025,"cited_by_count":9},{"year":2024,"cited_by_count":1}],"updated_date":"2026-04-26T08:31:28.666265","created_date":"2025-10-10T00:00:00"}