{"id":"https://openalex.org/W4391444574","doi":"https://doi.org/10.1145/3641543","title":"Beyond Fidelity: Explaining Vulnerability Localization of Learning-Based Detectors","display_name":"Beyond Fidelity: Explaining Vulnerability Localization of Learning-Based Detectors","publication_year":2024,"publication_date":"2024-02-01","ids":{"openalex":"https://openalex.org/W4391444574","doi":"https://doi.org/10.1145/3641543"},"language":"en","primary_location":{"id":"doi:10.1145/3641543","is_oa":true,"landing_page_url":"https://doi.org/10.1145/3641543","pdf_url":"https://dl.acm.org/doi/pdf/10.1145/3641543","source":{"id":"https://openalex.org/S142627899","display_name":"ACM Transactions on Software Engineering and Methodology","issn_l":"1049-331X","issn":["1049-331X","1557-7392"],"is_oa":false,"is_in_doaj":false,"is_core":true,"host_organization":"https://openalex.org/P4310319798","host_organization_name":"Association for Computing Machinery","host_organization_lineage":["https://openalex.org/P4310319798"],"host_organization_lineage_names":["Association for Computing Machinery"],"type":"journal"},"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"ACM Transactions on Software Engineering and Methodology","raw_type":"journal-article"},"type":"article","indexed_in":["crossref"],"open_access":{"is_oa":true,"oa_status":"bronze","oa_url":"https://dl.acm.org/doi/pdf/10.1145/3641543","any_repository_has_fulltext":false},"authorships":[{"author_position":"first","author":{"id":"https://openalex.org/A5100640941","display_name":"Baijun Cheng","orcid":null},"institutions":[{"id":"https://openalex.org/I20231570","display_name":"Peking University","ror":"https://ror.org/02v51f717","country_code":"CN","type":"education","lineage":["https://openalex.org/I20231570"]}],"countries":["CN"],"is_corresponding":true,"raw_author_name":"Baijun Cheng","raw_affiliation_strings":["Peking University, Beijing, China"],"affiliations":[{"raw_affiliation_string":"Peking University, Beijing, China","institution_ids":["https://openalex.org/I20231570"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5102958575","display_name":"Shengming Zhao","orcid":"https://orcid.org/0009-0007-5035-2206"},"institutions":[{"id":"https://openalex.org/I154425047","display_name":"University of Alberta","ror":"https://ror.org/0160cpw27","country_code":"CA","type":"education","lineage":["https://openalex.org/I154425047"]}],"countries":["CA"],"is_corresponding":false,"raw_author_name":"Shengming Zhao","raw_affiliation_strings":["University of Alberta, Edmonton, Canada"],"affiliations":[{"raw_affiliation_string":"University of Alberta, Edmonton, Canada","institution_ids":["https://openalex.org/I154425047"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5000432413","display_name":"Kailong Wang","orcid":"https://orcid.org/0000-0002-3977-6573"},"institutions":[{"id":"https://openalex.org/I47720641","display_name":"Huazhong University of Science and Technology","ror":"https://ror.org/00p991c53","country_code":"CN","type":"education","lineage":["https://openalex.org/I47720641"]}],"countries":["CN"],"is_corresponding":false,"raw_author_name":"Kailong Wang","raw_affiliation_strings":["Huazhong University of Science and Technology, Wuhan China","Huazhong University of Science and Technology, Wuhan, China"],"affiliations":[{"raw_affiliation_string":"Huazhong University of Science and Technology, Wuhan China","institution_ids":["https://openalex.org/I47720641"]},{"raw_affiliation_string":"Huazhong University of Science and Technology, Wuhan, China","institution_ids":["https://openalex.org/I47720641"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5101544595","display_name":"Meizhen Wang","orcid":"https://orcid.org/0009-0008-1346-7335"},"institutions":[{"id":"https://openalex.org/I47720641","display_name":"Huazhong University of Science and Technology","ror":"https://ror.org/00p991c53","country_code":"CN","type":"education","lineage":["https://openalex.org/I47720641"]}],"countries":["CN"],"is_corresponding":false,"raw_author_name":"Meizhen Wang","raw_affiliation_strings":["Huazhong University of Science and Technology, Wuhan, China"],"affiliations":[{"raw_affiliation_string":"Huazhong University of Science and Technology, Wuhan, China","institution_ids":["https://openalex.org/I47720641"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5015858067","display_name":"Guangdong Bai","orcid":"https://orcid.org/0000-0002-6390-9890"},"institutions":[{"id":"https://openalex.org/I165143802","display_name":"University of Queensland","ror":"https://ror.org/00rqy9422","country_code":"AU","type":"education","lineage":["https://openalex.org/I165143802"]}],"countries":["AU"],"is_corresponding":false,"raw_author_name":"Guangdong Bai","raw_affiliation_strings":["University of Queensland, Saint Lucia, Australia"],"affiliations":[{"raw_affiliation_string":"University of Queensland, Saint Lucia, Australia","institution_ids":["https://openalex.org/I165143802"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5032257261","display_name":"Ruitao Feng","orcid":"https://orcid.org/0000-0001-9080-6865"},"institutions":[{"id":"https://openalex.org/I31746571","display_name":"UNSW Sydney","ror":"https://ror.org/03r8z3t63","country_code":"AU","type":"education","lineage":["https://openalex.org/I31746571"]}],"countries":["AU"],"is_corresponding":false,"raw_author_name":"Ruitao Feng","raw_affiliation_strings":["University of New South Wales, Sydney, Australia"],"affiliations":[{"raw_affiliation_string":"University of New South Wales, Sydney, Australia","institution_ids":["https://openalex.org/I31746571"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5021450973","display_name":"Yao Guo","orcid":"https://orcid.org/0000-0001-5064-5286"},"institutions":[{"id":"https://openalex.org/I20231570","display_name":"Peking University","ror":"https://ror.org/02v51f717","country_code":"CN","type":"education","lineage":["https://openalex.org/I20231570"]}],"countries":["CN"],"is_corresponding":false,"raw_author_name":"Yao Guo","raw_affiliation_strings":["Peking University, Beijing, China"],"affiliations":[{"raw_affiliation_string":"Peking University, Beijing, China","institution_ids":["https://openalex.org/I20231570"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5101468661","display_name":"Lei Ma","orcid":"https://orcid.org/0000-0002-8621-2420"},"institutions":[{"id":"https://openalex.org/I154425047","display_name":"University of Alberta","ror":"https://ror.org/0160cpw27","country_code":"CA","type":"education","lineage":["https://openalex.org/I154425047"]}],"countries":["CA"],"is_corresponding":false,"raw_author_name":"Lei Ma","raw_affiliation_strings":["University of Alberta, Edmonton, Canada"],"affiliations":[{"raw_affiliation_string":"University of Alberta, Edmonton, Canada","institution_ids":["https://openalex.org/I154425047"]}]},{"author_position":"last","author":{"id":"https://openalex.org/A5115695530","display_name":"Haoyu Wang","orcid":"https://orcid.org/0000-0003-1100-8633"},"institutions":[{"id":"https://openalex.org/I47720641","display_name":"Huazhong University of Science and Technology","ror":"https://ror.org/00p991c53","country_code":"CN","type":"education","lineage":["https://openalex.org/I47720641"]}],"countries":["CN"],"is_corresponding":false,"raw_author_name":"Haoyu Wang","raw_affiliation_strings":["Huazhong University of Science and Technology, Wuhan, China"],"affiliations":[{"raw_affiliation_string":"Huazhong University of Science and Technology, Wuhan, China","institution_ids":["https://openalex.org/I47720641"]}]}],"institutions":[],"countries_distinct_count":3,"institutions_distinct_count":9,"corresponding_author_ids":["https://openalex.org/A5100640941"],"corresponding_institution_ids":["https://openalex.org/I20231570"],"apc_list":null,"apc_paid":null,"fwci":2.9096,"has_fulltext":true,"cited_by_count":8,"citation_normalized_percentile":{"value":0.91360229,"is_in_top_1_percent":false,"is_in_top_10_percent":true},"cited_by_percentile_year":{"min":94,"max":99},"biblio":{"volume":"33","issue":"5","first_page":"1","last_page":"33"},"is_retracted":false,"is_paratext":false,"is_xpac":false,"primary_topic":{"id":"https://openalex.org/T11689","display_name":"Adversarial Robustness in Machine Learning","score":0.9975000023841858,"subfield":{"id":"https://openalex.org/subfields/1702","display_name":"Artificial Intelligence"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},"topics":[{"id":"https://openalex.org/T11689","display_name":"Adversarial Robustness in Machine Learning","score":0.9975000023841858,"subfield":{"id":"https://openalex.org/subfields/1702","display_name":"Artificial Intelligence"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T12026","display_name":"Explainable Artificial Intelligence (XAI)","score":0.9922000169754028,"subfield":{"id":"https://openalex.org/subfields/1702","display_name":"Artificial Intelligence"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T10462","display_name":"Reinforcement Learning in Robotics","score":0.9746999740600586,"subfield":{"id":"https://openalex.org/subfields/1702","display_name":"Artificial Intelligence"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}}],"keywords":[{"id":"https://openalex.org/keywords/computer-science","display_name":"Computer science","score":0.7891044020652771},{"id":"https://openalex.org/keywords/fidelity","display_name":"Fidelity","score":0.6592440605163574},{"id":"https://openalex.org/keywords/vulnerability","display_name":"Vulnerability (computing)","score":0.6523473858833313},{"id":"https://openalex.org/keywords/detector","display_name":"Detector","score":0.41657134890556335},{"id":"https://openalex.org/keywords/computer-security","display_name":"Computer security","score":0.20777755975723267},{"id":"https://openalex.org/keywords/telecommunications","display_name":"Telecommunications","score":0.11498594284057617}],"concepts":[{"id":"https://openalex.org/C41008148","wikidata":"https://www.wikidata.org/wiki/Q21198","display_name":"Computer science","level":0,"score":0.7891044020652771},{"id":"https://openalex.org/C2776459999","wikidata":"https://www.wikidata.org/wiki/Q2119376","display_name":"Fidelity","level":2,"score":0.6592440605163574},{"id":"https://openalex.org/C95713431","wikidata":"https://www.wikidata.org/wiki/Q631425","display_name":"Vulnerability (computing)","level":2,"score":0.6523473858833313},{"id":"https://openalex.org/C94915269","wikidata":"https://www.wikidata.org/wiki/Q1834857","display_name":"Detector","level":2,"score":0.41657134890556335},{"id":"https://openalex.org/C38652104","wikidata":"https://www.wikidata.org/wiki/Q3510521","display_name":"Computer security","level":1,"score":0.20777755975723267},{"id":"https://openalex.org/C76155785","wikidata":"https://www.wikidata.org/wiki/Q418","display_name":"Telecommunications","level":1,"score":0.11498594284057617}],"mesh":[],"locations_count":1,"locations":[{"id":"doi:10.1145/3641543","is_oa":true,"landing_page_url":"https://doi.org/10.1145/3641543","pdf_url":"https://dl.acm.org/doi/pdf/10.1145/3641543","source":{"id":"https://openalex.org/S142627899","display_name":"ACM Transactions on Software Engineering and Methodology","issn_l":"1049-331X","issn":["1049-331X","1557-7392"],"is_oa":false,"is_in_doaj":false,"is_core":true,"host_organization":"https://openalex.org/P4310319798","host_organization_name":"Association for Computing Machinery","host_organization_lineage":["https://openalex.org/P4310319798"],"host_organization_lineage_names":["Association for Computing Machinery"],"type":"journal"},"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"ACM Transactions on Software Engineering and Methodology","raw_type":"journal-article"}],"best_oa_location":{"id":"doi:10.1145/3641543","is_oa":true,"landing_page_url":"https://doi.org/10.1145/3641543","pdf_url":"https://dl.acm.org/doi/pdf/10.1145/3641543","source":{"id":"https://openalex.org/S142627899","display_name":"ACM Transactions on Software Engineering and Methodology","issn_l":"1049-331X","issn":["1049-331X","1557-7392"],"is_oa":false,"is_in_doaj":false,"is_core":true,"host_organization":"https://openalex.org/P4310319798","host_organization_name":"Association for Computing Machinery","host_organization_lineage":["https://openalex.org/P4310319798"],"host_organization_lineage_names":["Association for Computing Machinery"],"type":"journal"},"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"ACM Transactions on Software Engineering and Methodology","raw_type":"journal-article"},"sustainable_development_goals":[],"awards":[],"funders":[],"has_content":{"grobid_xml":true,"pdf":true},"content_urls":{"pdf":"https://content.openalex.org/works/W4391444574.pdf","grobid_xml":"https://content.openalex.org/works/W4391444574.grobid-xml"},"referenced_works_count":49,"referenced_works":["https://openalex.org/W1992114977","https://openalex.org/W2079735306","https://openalex.org/W2250539671","https://openalex.org/W2282821441","https://openalex.org/W2297774820","https://openalex.org/W2765793020","https://openalex.org/W2807124908","https://openalex.org/W2885030880","https://openalex.org/W2910705748","https://openalex.org/W2911964244","https://openalex.org/W2955438753","https://openalex.org/W2962858109","https://openalex.org/W2962960733","https://openalex.org/W2963355447","https://openalex.org/W2964045325","https://openalex.org/W2979481854","https://openalex.org/W2998879504","https://openalex.org/W3000120900","https://openalex.org/W3033892090","https://openalex.org/W3083954092","https://openalex.org/W3091588759","https://openalex.org/W3098605233","https://openalex.org/W3105503635","https://openalex.org/W3108823960","https://openalex.org/W3111602563","https://openalex.org/W3134763859","https://openalex.org/W3161071537","https://openalex.org/W3163206498","https://openalex.org/W3166095789","https://openalex.org/W3168488662","https://openalex.org/W3175995826","https://openalex.org/W3177116043","https://openalex.org/W3184370740","https://openalex.org/W3187467055","https://openalex.org/W3194069451","https://openalex.org/W3194346579","https://openalex.org/W3209597191","https://openalex.org/W4205174002","https://openalex.org/W4206241418","https://openalex.org/W4211027502","https://openalex.org/W4229494842","https://openalex.org/W4281769395","https://openalex.org/W4285490489","https://openalex.org/W4312436517","https://openalex.org/W4312969325","https://openalex.org/W4384155466","https://openalex.org/W4384155620","https://openalex.org/W4384345694","https://openalex.org/W4388502409"],"related_works":["https://openalex.org/W4391375266","https://openalex.org/W2748952813","https://openalex.org/W2381850946","https://openalex.org/W4380449851","https://openalex.org/W3125091513","https://openalex.org/W4318832338","https://openalex.org/W2390279801","https://openalex.org/W2358668433","https://openalex.org/W4396701345","https://openalex.org/W2376932109"],"abstract_inverted_index":{"Vulnerability":[0],"detectors":[1,26,106],"based":[2,107],"on":[3,108],"deep":[4],"learning":[5],"(DL)":[6],"models":[7],"have":[8,41,53],"proven":[9],"their":[10],"effectiveness":[11],"in":[12,57,166,182],"recent":[13],"years.":[14],"However,":[15],"the":[16,21,46,98,150,153,159,178,187],"shroud":[17],"of":[18,24,73,76,100,152,171,180,189],"opacity":[19],"surrounding":[20],"decision-making":[22],"process":[23],"these":[25,89,135],"makes":[27],"it":[28],"difficult":[29],"for":[30,104,133],"security":[31],"analysts":[32],"to":[33,44,177],"comprehend.":[34],"To":[35],"address":[36],"this,":[37],"various":[38],"explanation":[39,90,102,160],"approaches":[40,103],"been":[42,54],"proposed":[43],"explain":[45],"predictions":[47],"by":[48,88,114,158,193],"highlighting":[49],"important":[50,184],"features,":[51,78],"which":[52],"demonstrated":[55],"effective":[56],"domains":[58],"such":[59,79],"as":[60,80,137],"computer":[61],"vision":[62],"and":[63,86,110,120,145,162,186],"natural":[64],"language":[65],"processing.":[66],"Unfortunately,":[67],"there":[68],"is":[69,131],"still":[70],"a":[71],"lack":[72],"in-depth":[74],"evaluation":[75],"vulnerability-critical":[77],"fine-grained":[81],"vulnerability-related":[82,154],"code":[83,155],"lines,":[84],"learned":[85,192],"understood":[87],"approaches.":[91],"In":[92],"this":[93,167],"study,":[94],"we":[95],"first":[96],"evaluate":[97],"performance":[99],"ten":[101],"vulnerability":[105,121],"graph":[109],"sequence":[111],"representations,":[112],"measured":[113],"two":[115],"quantitative":[116],"metrics":[117],"including":[118],"fidelity":[119,129,138],"line":[122],"coverage":[123],"rate.":[124],"Our":[125],"results":[126],"show":[127],"that":[128],"alone":[130],"insufficent":[132],"evaluating":[134],"approaches,":[136,161],"incurs":[139],"significant":[140],"fluctuations":[141],"across":[142],"different":[143],"datasets":[144],"detectors.":[146,195],"We":[147],"subsequently":[148],"check":[149],"precision":[151],"lines":[156],"reported":[157],"find":[163],"poor":[164],"accuracy":[165],"task":[168],"among":[169],"all":[170],"them.":[172],"This":[173],"can":[174],"be":[175],"attributed":[176],"inefficiency":[179],"explainers":[181],"selecting":[183],"features":[185],"presence":[188],"irrelevant":[190],"artifacts":[191],"DL-based":[194]},"counts_by_year":[{"year":2026,"cited_by_count":1},{"year":2025,"cited_by_count":5},{"year":2024,"cited_by_count":2}],"updated_date":"2025-11-06T03:46:38.306776","created_date":"2025-10-10T00:00:00"}