{"id":"https://openalex.org/W4399477683","doi":"https://doi.org/10.1145/3626232.3653256","title":"CrashTalk: Automated Generation of Precise, Human Readable, Descriptions of Software Security Bugs","display_name":"CrashTalk: Automated Generation of Precise, Human Readable, Descriptions of Software Security Bugs","publication_year":2024,"publication_date":"2024-06-10","ids":{"openalex":"https://openalex.org/W4399477683","doi":"https://doi.org/10.1145/3626232.3653256"},"language":"en","primary_location":{"id":"doi:10.1145/3626232.3653256","is_oa":false,"landing_page_url":"https://doi.org/10.1145/3626232.3653256","pdf_url":null,"source":null,"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"Proceedings of the Fourteenth ACM Conference on Data and Application Security and Privacy","raw_type":"proceedings-article"},"type":"article","indexed_in":["crossref"],"open_access":{"is_oa":false,"oa_status":"closed","oa_url":null,"any_repository_has_fulltext":false},"authorships":[{"author_position":"first","author":{"id":"https://openalex.org/A5022108957","display_name":"Kedrian James","orcid":"https://orcid.org/0009-0006-4810-1945"},"institutions":[{"id":"https://openalex.org/I114027177","display_name":"University of North Carolina at Chapel Hill","ror":"https://ror.org/0130frc33","country_code":"US","type":"education","lineage":["https://openalex.org/I114027177"]}],"countries":["US"],"is_corresponding":true,"raw_author_name":"Kedrian James","raw_affiliation_strings":["University of North Carolina at Chapel Hill, Chapel Hill, NC, USA"],"raw_orcid":"https://orcid.org/0009-0006-4810-1945","affiliations":[{"raw_affiliation_string":"University of North Carolina at Chapel Hill, Chapel Hill, NC, USA","institution_ids":["https://openalex.org/I114027177"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5041185630","display_name":"Kevin Valakuzhy","orcid":"https://orcid.org/0009-0006-6565-3856"},"institutions":[{"id":"https://openalex.org/I130701444","display_name":"Georgia Institute of Technology","ror":"https://ror.org/01zkghx44","country_code":"US","type":"education","lineage":["https://openalex.org/I130701444"]}],"countries":["US"],"is_corresponding":false,"raw_author_name":"Kevin Valakuzhy","raw_affiliation_strings":["Georgia Institute of Technology, Atlanta, GA, USA"],"raw_orcid":"https://orcid.org/0009-0006-6565-3856","affiliations":[{"raw_affiliation_string":"Georgia Institute of Technology, Atlanta, GA, USA","institution_ids":["https://openalex.org/I130701444"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5019527145","display_name":"Kevin Z. Snow","orcid":"https://orcid.org/0009-0007-3666-9880"},"institutions":[],"countries":[],"is_corresponding":false,"raw_author_name":"Kevin Snow","raw_affiliation_strings":["Zeropoint Dynamics, Chapel Hill, NC, USA"],"raw_orcid":"https://orcid.org/0009-0007-3666-9880","affiliations":[{"raw_affiliation_string":"Zeropoint Dynamics, Chapel Hill, NC, USA","institution_ids":[]}]},{"author_position":"last","author":{"id":"https://openalex.org/A5069862528","display_name":"Fabian Monrose","orcid":"https://orcid.org/0000-0002-9805-2217"},"institutions":[{"id":"https://openalex.org/I130701444","display_name":"Georgia Institute of Technology","ror":"https://ror.org/01zkghx44","country_code":"US","type":"education","lineage":["https://openalex.org/I130701444"]}],"countries":["US"],"is_corresponding":false,"raw_author_name":"Fabian Monrose","raw_affiliation_strings":["Georgia Institute of Technology, Atlanta, GA, USA"],"raw_orcid":"https://orcid.org/0000-0002-9805-2217","affiliations":[{"raw_affiliation_string":"Georgia Institute of Technology, Atlanta, GA, USA","institution_ids":["https://openalex.org/I130701444"]}]}],"institutions":[],"countries_distinct_count":1,"institutions_distinct_count":4,"corresponding_author_ids":["https://openalex.org/A5022108957"],"corresponding_institution_ids":["https://openalex.org/I114027177"],"apc_list":null,"apc_paid":null,"fwci":0.0,"has_fulltext":false,"cited_by_count":0,"citation_normalized_percentile":{"value":0.10877885,"is_in_top_1_percent":false,"is_in_top_10_percent":false},"cited_by_percentile_year":null,"biblio":{"volume":null,"issue":null,"first_page":"337","last_page":"347"},"is_retracted":false,"is_paratext":false,"is_xpac":false,"primary_topic":{"id":"https://openalex.org/T10260","display_name":"Software Engineering Research","score":0.9998000264167786,"subfield":{"id":"https://openalex.org/subfields/1710","display_name":"Information Systems"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},"topics":[{"id":"https://openalex.org/T10260","display_name":"Software Engineering Research","score":0.9998000264167786,"subfield":{"id":"https://openalex.org/subfields/1710","display_name":"Information Systems"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T11241","display_name":"Advanced Malware Detection Techniques","score":0.9997000098228455,"subfield":{"id":"https://openalex.org/subfields/1711","display_name":"Signal Processing"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T10743","display_name":"Software Testing and Debugging Techniques","score":0.9993000030517578,"subfield":{"id":"https://openalex.org/subfields/1712","display_name":"Software"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}}],"keywords":[{"id":"https://openalex.org/keywords/computer-science","display_name":"Computer science","score":0.7669945359230042},{"id":"https://openalex.org/keywords/software-bug","display_name":"Software bug","score":0.536372184753418},{"id":"https://openalex.org/keywords/software","display_name":"Software","score":0.47398629784584045},{"id":"https://openalex.org/keywords/software-security-assurance","display_name":"Software security assurance","score":0.4499656558036804},{"id":"https://openalex.org/keywords/programming-language","display_name":"Programming language","score":0.39614802598953247},{"id":"https://openalex.org/keywords/software-engineering","display_name":"Software engineering","score":0.3676624298095703},{"id":"https://openalex.org/keywords/computer-security","display_name":"Computer security","score":0.22938448190689087},{"id":"https://openalex.org/keywords/information-security","display_name":"Information security","score":0.18028473854064941}],"concepts":[{"id":"https://openalex.org/C41008148","wikidata":"https://www.wikidata.org/wiki/Q21198","display_name":"Computer science","level":0,"score":0.7669945359230042},{"id":"https://openalex.org/C1009929","wikidata":"https://www.wikidata.org/wiki/Q179550","display_name":"Software bug","level":3,"score":0.536372184753418},{"id":"https://openalex.org/C2777904410","wikidata":"https://www.wikidata.org/wiki/Q7397","display_name":"Software","level":2,"score":0.47398629784584045},{"id":"https://openalex.org/C62913178","wikidata":"https://www.wikidata.org/wiki/Q7554361","display_name":"Software security assurance","level":4,"score":0.4499656558036804},{"id":"https://openalex.org/C199360897","wikidata":"https://www.wikidata.org/wiki/Q9143","display_name":"Programming language","level":1,"score":0.39614802598953247},{"id":"https://openalex.org/C115903868","wikidata":"https://www.wikidata.org/wiki/Q80993","display_name":"Software engineering","level":1,"score":0.3676624298095703},{"id":"https://openalex.org/C38652104","wikidata":"https://www.wikidata.org/wiki/Q3510521","display_name":"Computer security","level":1,"score":0.22938448190689087},{"id":"https://openalex.org/C527648132","wikidata":"https://www.wikidata.org/wiki/Q189900","display_name":"Information security","level":2,"score":0.18028473854064941},{"id":"https://openalex.org/C29983905","wikidata":"https://www.wikidata.org/wiki/Q7445066","display_name":"Security service","level":3,"score":0.0}],"mesh":[],"locations_count":1,"locations":[{"id":"doi:10.1145/3626232.3653256","is_oa":false,"landing_page_url":"https://doi.org/10.1145/3626232.3653256","pdf_url":null,"source":null,"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"Proceedings of the Fourteenth ACM Conference on Data and Application Security and Privacy","raw_type":"proceedings-article"}],"best_oa_location":null,"sustainable_development_goals":[],"awards":[],"funders":[],"has_content":{"pdf":false,"grobid_xml":false},"content_urls":null,"referenced_works_count":50,"referenced_works":["https://openalex.org/W2018582844","https://openalex.org/W2022759867","https://openalex.org/W2075206329","https://openalex.org/W2090094826","https://openalex.org/W2108747667","https://openalex.org/W2121713513","https://openalex.org/W2160517961","https://openalex.org/W2172154252","https://openalex.org/W2350778671","https://openalex.org/W2467903332","https://openalex.org/W2528179723","https://openalex.org/W2538458302","https://openalex.org/W2736091366","https://openalex.org/W2740264376","https://openalex.org/W2766411424","https://openalex.org/W2767521898","https://openalex.org/W2771090858","https://openalex.org/W2792425537","https://openalex.org/W2794283311","https://openalex.org/W2884293495","https://openalex.org/W2921022558","https://openalex.org/W2971876914","https://openalex.org/W2982413960","https://openalex.org/W2993781365","https://openalex.org/W3000514891","https://openalex.org/W3038101014","https://openalex.org/W3111143909","https://openalex.org/W3160492491","https://openalex.org/W3167088382","https://openalex.org/W3181806592","https://openalex.org/W3199693282","https://openalex.org/W3201166385","https://openalex.org/W3210304017","https://openalex.org/W4213274496","https://openalex.org/W4226043105","https://openalex.org/W4229756444","https://openalex.org/W4231868071","https://openalex.org/W4240399292","https://openalex.org/W4241947695","https://openalex.org/W4248025016","https://openalex.org/W4255973387","https://openalex.org/W4285490477","https://openalex.org/W4287751558","https://openalex.org/W4288064569","https://openalex.org/W4308643127","https://openalex.org/W4311926248","https://openalex.org/W6600686112","https://openalex.org/W6600708310","https://openalex.org/W6601647058","https://openalex.org/W6825602213"],"related_works":["https://openalex.org/W2562550268","https://openalex.org/W1589188624","https://openalex.org/W4231937131","https://openalex.org/W323219885","https://openalex.org/W2063928587","https://openalex.org/W1487966966","https://openalex.org/W1589342014","https://openalex.org/W1480341462","https://openalex.org/W598950423","https://openalex.org/W2621101275"],"abstract_inverted_index":{"Understanding":[0],"the":[1,14,46,50,67,95,111,144,155,165,222,242,270],"cause,":[2],"consequences,":[3],"and":[4,18,36,70,104,113,119,139,151,159,178],"severity":[5],"of":[6,13,48,52,94,115,143,167,184,199,221,281],"a":[7,26,53,63,116,133,137,190,276],"security":[8,54,160],"bug":[9,16,68,266],"are":[10,81,84,232],"critical":[11],"facets":[12],"overall":[15,271],"triaging":[17,71],"remediation":[19],"process.":[20],"Unfortunately,":[21],"diagnosing":[22],"failures":[23,223],"is":[24,279],"often":[25],"laborious":[27],"process":[28,47,72,272],"that":[29,90,101,183,214,231,237,255],"requires":[30],"developers":[31,158,187,287],"to":[32,43,65,108,174,182,194,262],"expend":[33],"significant":[34],"time":[35],"effort.":[37],"While":[38],"solutions":[39],"have":[40],"been":[41],"proposed":[42],"help":[44],"expedite":[45],"pinpointing":[49],"cause":[51,112],"bug,":[55],"few":[56],"proposals":[57],"provide":[58],"an":[59,99],"explanation":[60],"along":[61,146],"with":[62,147,196,264],"diagnosis":[64],"make":[66],"discovery":[69],"less":[73],"taxing.":[74],"Moreover,":[75],"even":[76],"in":[77,201,225],"cases":[78],"where":[79],"descriptions":[80,93],"provided,":[82],"they":[83],"not":[85],"guided":[86],"by":[87,188,241,259],"classification":[88],"models":[89],"support":[91],"precise":[92],"flaw.":[96],"We":[97,249],"present":[98,120],"approach":[100,216],"uses":[102],"static":[103],"dynamic":[105],"analysis":[106],"techniques":[107],"automatically":[109],"infer":[110],"consequences":[114],"software":[117,186,202],"crash":[118],"diagnostic":[121],"information":[122],"following":[123],"NIST's":[124],"recently":[125],"released":[126],"Bugs":[127],"Framework":[128],"taxonomy.":[129],"Specifically,":[130],"starting":[131],"from":[132],"crash,":[134],"we":[135,170,210,212],"generate":[136,179,251],"detailed":[138],"accessible":[140],"English":[141],"description":[142],"failure":[145],"its":[148],"weakness":[149,229],"types":[150,230],"severity,":[152],"thereby":[153],"easing":[154],"burden":[156],"on":[157],"analysts":[161],"alike.":[162],"To":[163],"evaluate":[164],"effectiveness":[166],"our":[168,172,215],"approach,":[169],"compare":[171],"ability":[173],"find":[175],"fault":[176],"locations":[177],"explanations":[180],"compared":[181],"professional":[185,286],"using":[189,206],"benchmark":[191],"specifically":[192],"designed":[193],"assist":[195,263],"realistic":[197],"evaluation":[198],"tools":[200],"engineering.":[203],"In":[204],"addition,":[205],"33":[207],"real-world":[208],"vulnerabilities":[209],"collected,":[211],"show":[213],"correctly":[217],"diagnoses":[218],"over":[219,275],"94%":[220],"and,":[224],"some":[226],"cases,":[227],"generates":[228],"more":[233],"specific":[234],"than":[235,284],"those":[236],"were":[238],"originally":[239],"assigned":[240],"submitter":[243],"or":[244],"National":[245],"Vulnerability":[246],"Database":[247],"analysts.":[248],"also":[250],"initial":[252],"vulnerability":[253],"scores":[254],"can":[256,288],"be":[257],"used":[258],"project":[260],"managers":[261],"prioritizing":[265],"fixes.":[267],"On":[268],"average,":[269],"takes":[273],"just":[274],"minute,":[277],"which":[278],"orders":[280],"magnitude":[282],"faster":[283],"what":[285],"do.":[289]},"counts_by_year":[],"updated_date":"2025-12-26T23:08:49.675405","created_date":"2025-10-10T00:00:00"}