{"id":"https://openalex.org/W4399668677","doi":"https://doi.org/10.1145/3661167.3661217","title":"Detecting Security Fixes in Open-Source Repositories using Static Code Analyzers","display_name":"Detecting Security Fixes in Open-Source Repositories using Static Code Analyzers","publication_year":2024,"publication_date":"2024-06-14","ids":{"openalex":"https://openalex.org/W4399668677","doi":"https://doi.org/10.1145/3661167.3661217"},"language":"en","primary_location":{"id":"doi:10.1145/3661167.3661217","is_oa":false,"landing_page_url":"https://doi.org/10.1145/3661167.3661217","pdf_url":null,"source":null,"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"Proceedings of the 28th International Conference on Evaluation and Assessment in Software Engineering","raw_type":"proceedings-article"},"type":"article","indexed_in":["crossref"],"open_access":{"is_oa":false,"oa_status":"closed","oa_url":null,"any_repository_has_fulltext":false},"authorships":[{"author_position":"first","author":{"id":"https://openalex.org/A5099128019","display_name":"Therese Fehrer","orcid":"https://orcid.org/0009-0003-8209-074X"},"institutions":[{"id":"https://openalex.org/I193700539","display_name":"Tilburg University","ror":"https://ror.org/04b8v1s79","country_code":"NL","type":"education","lineage":["https://openalex.org/I193700539"]}],"countries":["NL"],"is_corresponding":true,"raw_author_name":"Therese Fehrer","raw_affiliation_strings":["JADS, Tilburg University s-Hertogenbosch, Netherlands"],"affiliations":[{"raw_affiliation_string":"JADS, Tilburg University s-Hertogenbosch, Netherlands","institution_ids":["https://openalex.org/I193700539"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5048940233","display_name":"Roc\u00edo Cabrera Lozoya","orcid":"https://orcid.org/0000-0001-8911-7392"},"institutions":[],"countries":[],"is_corresponding":false,"raw_author_name":"Rocio Cabrera Lozoya","raw_affiliation_strings":["SAP Security Research, France"],"affiliations":[{"raw_affiliation_string":"SAP Security Research, France","institution_ids":[]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5040107971","display_name":"Antonino Sabetta","orcid":"https://orcid.org/0000-0003-3506-8374"},"institutions":[],"countries":[],"is_corresponding":false,"raw_author_name":"Antonino Sabetta","raw_affiliation_strings":["SAP Security Research, France"],"affiliations":[{"raw_affiliation_string":"SAP Security Research, France","institution_ids":[]}]},{"author_position":"middle","author":{"id":null,"display_name":"Dario Di Nucci","orcid":"https://orcid.org/0000-0003-4927-9324"},"institutions":[{"id":"https://openalex.org/I131729948","display_name":"University of Salerno","ror":"https://ror.org/0192m2k53","country_code":"IT","type":"education","lineage":["https://openalex.org/I131729948"]}],"countries":["IT"],"is_corresponding":false,"raw_author_name":"Dario Di Nucci","raw_affiliation_strings":["University of Salerno, Italy"],"affiliations":[{"raw_affiliation_string":"University of Salerno, Italy","institution_ids":["https://openalex.org/I131729948"]}]},{"author_position":"last","author":{"id":"https://openalex.org/A5000349425","display_name":"Damian A. Tamburri","orcid":"https://orcid.org/0000-0003-1230-8961"},"institutions":[{"id":"https://openalex.org/I83019370","display_name":"Eindhoven University of Technology","ror":"https://ror.org/02c2kyt77","country_code":"NL","type":"education","lineage":["https://openalex.org/I83019370"]}],"countries":["NL"],"is_corresponding":false,"raw_author_name":"Damian A. Tamburri","raw_affiliation_strings":["JADS, Eindhoven University of Technology ?s-Hertogenbosch, Netherlands"],"affiliations":[{"raw_affiliation_string":"JADS, Eindhoven University of Technology ?s-Hertogenbosch, Netherlands","institution_ids":["https://openalex.org/I83019370"]}]}],"institutions":[],"countries_distinct_count":2,"institutions_distinct_count":5,"corresponding_author_ids":["https://openalex.org/A5099128019"],"corresponding_institution_ids":["https://openalex.org/I193700539"],"apc_list":null,"apc_paid":null,"fwci":1.5309,"has_fulltext":false,"cited_by_count":2,"citation_normalized_percentile":{"value":0.8581735,"is_in_top_1_percent":false,"is_in_top_10_percent":false},"cited_by_percentile_year":{"min":95,"max":96},"biblio":{"volume":null,"issue":null,"first_page":"429","last_page":"432"},"is_retracted":false,"is_paratext":false,"is_xpac":false,"primary_topic":{"id":"https://openalex.org/T10260","display_name":"Software Engineering Research","score":0.9997000098228455,"subfield":{"id":"https://openalex.org/subfields/1710","display_name":"Information Systems"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},"topics":[{"id":"https://openalex.org/T10260","display_name":"Software Engineering Research","score":0.9997000098228455,"subfield":{"id":"https://openalex.org/subfields/1710","display_name":"Information Systems"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T11241","display_name":"Advanced Malware Detection Techniques","score":0.995199978351593,"subfield":{"id":"https://openalex.org/subfields/1711","display_name":"Signal Processing"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T12423","display_name":"Software Reliability and Analysis Research","score":0.9890000224113464,"subfield":{"id":"https://openalex.org/subfields/1712","display_name":"Software"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}}],"keywords":[{"id":"https://openalex.org/keywords/computer-science","display_name":"Computer science","score":0.8126899600028992},{"id":"https://openalex.org/keywords/open-source","display_name":"Open source","score":0.7096974849700928},{"id":"https://openalex.org/keywords/source-code","display_name":"Source code","score":0.6018772125244141},{"id":"https://openalex.org/keywords/code","display_name":"Code (set theory)","score":0.5289578437805176},{"id":"https://openalex.org/keywords/programming-language","display_name":"Programming language","score":0.5184130668640137},{"id":"https://openalex.org/keywords/operating-system","display_name":"Operating system","score":0.33556491136550903},{"id":"https://openalex.org/keywords/software","display_name":"Software","score":0.16595712304115295},{"id":"https://openalex.org/keywords/set","display_name":"Set (abstract data type)","score":0.06662797927856445}],"concepts":[{"id":"https://openalex.org/C41008148","wikidata":"https://www.wikidata.org/wiki/Q21198","display_name":"Computer science","level":0,"score":0.8126899600028992},{"id":"https://openalex.org/C3018397939","wikidata":"https://www.wikidata.org/wiki/Q3644502","display_name":"Open source","level":3,"score":0.7096974849700928},{"id":"https://openalex.org/C43126263","wikidata":"https://www.wikidata.org/wiki/Q128751","display_name":"Source code","level":2,"score":0.6018772125244141},{"id":"https://openalex.org/C2776760102","wikidata":"https://www.wikidata.org/wiki/Q5139990","display_name":"Code (set theory)","level":3,"score":0.5289578437805176},{"id":"https://openalex.org/C199360897","wikidata":"https://www.wikidata.org/wiki/Q9143","display_name":"Programming language","level":1,"score":0.5184130668640137},{"id":"https://openalex.org/C111919701","wikidata":"https://www.wikidata.org/wiki/Q9135","display_name":"Operating system","level":1,"score":0.33556491136550903},{"id":"https://openalex.org/C2777904410","wikidata":"https://www.wikidata.org/wiki/Q7397","display_name":"Software","level":2,"score":0.16595712304115295},{"id":"https://openalex.org/C177264268","wikidata":"https://www.wikidata.org/wiki/Q1514741","display_name":"Set (abstract data type)","level":2,"score":0.06662797927856445}],"mesh":[],"locations_count":1,"locations":[{"id":"doi:10.1145/3661167.3661217","is_oa":false,"landing_page_url":"https://doi.org/10.1145/3661167.3661217","pdf_url":null,"source":null,"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"Proceedings of the 28th International Conference on Evaluation and Assessment in Software Engineering","raw_type":"proceedings-article"}],"best_oa_location":null,"sustainable_development_goals":[],"awards":[{"id":"https://openalex.org/G8238287030","display_name":null,"funder_award_id":"101120393","funder_id":"https://openalex.org/F4320323817","funder_display_name":"Universitas Brawijaya"}],"funders":[{"id":"https://openalex.org/F4320323817","display_name":"Universitas Brawijaya","ror":"https://ror.org/01wk3d929"}],"has_content":{"pdf":false,"grobid_xml":false},"content_urls":null,"referenced_works_count":18,"referenced_works":["https://openalex.org/W28412257","https://openalex.org/W2026750231","https://openalex.org/W2029123435","https://openalex.org/W2073294644","https://openalex.org/W2128939007","https://openalex.org/W2135198476","https://openalex.org/W2158275940","https://openalex.org/W2159712408","https://openalex.org/W2395313173","https://openalex.org/W2787379525","https://openalex.org/W2791812915","https://openalex.org/W2803691889","https://openalex.org/W2850437924","https://openalex.org/W3096437122","https://openalex.org/W3138597995","https://openalex.org/W4238623774","https://openalex.org/W4240794126","https://openalex.org/W4246788636"],"related_works":["https://openalex.org/W2418291489","https://openalex.org/W2068121105","https://openalex.org/W2113128227","https://openalex.org/W632256878","https://openalex.org/W2491403535","https://openalex.org/W3081644756","https://openalex.org/W2479811461","https://openalex.org/W2104915799","https://openalex.org/W4311938462","https://openalex.org/W2355429491"],"abstract_inverted_index":{"The":[0],"sources":[1],"of":[2,20,29],"reliable,":[3],"code-level":[4,25],"information":[5],"about":[6],"vulnerabilities":[7],"that":[8,23],"affect":[9],"open-source":[10],"software":[11],"(OSS)":[12],"are":[13],"scarce,":[14],"which":[15],"hinders":[16],"a":[17],"broad":[18],"adoption":[19],"advanced":[21],"tools":[22],"provide":[24],"detection":[26],"and":[27],"assessment":[28],"vulnerable":[30],"OSS":[31],"dependencies.":[32]},"counts_by_year":[{"year":2025,"cited_by_count":2}],"updated_date":"2026-04-09T08:11:56.329763","created_date":"2025-10-10T00:00:00"}