{"id":"https://openalex.org/W4403536893","doi":"https://doi.org/10.1145/3691620.3695488","title":"Unveiling the Characteristics and Impact of Security Patch Evolution","display_name":"Unveiling the Characteristics and Impact of Security Patch Evolution","publication_year":2024,"publication_date":"2024-10-18","ids":{"openalex":"https://openalex.org/W4403536893","doi":"https://doi.org/10.1145/3691620.3695488"},"language":"en","primary_location":{"id":"doi:10.1145/3691620.3695488","is_oa":false,"landing_page_url":"https://doi.org/10.1145/3691620.3695488","pdf_url":null,"source":null,"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"Proceedings of the 39th IEEE/ACM International Conference on Automated Software Engineering","raw_type":"proceedings-article"},"type":"article","indexed_in":["crossref"],"open_access":{"is_oa":false,"oa_status":"closed","oa_url":null,"any_repository_has_fulltext":false},"authorships":[{"author_position":"first","author":{"id":"https://openalex.org/A5026505146","display_name":"Zifan Xie","orcid":"https://orcid.org/0000-0002-3264-1684"},"institutions":[{"id":"https://openalex.org/I47720641","display_name":"Huazhong University of Science and Technology","ror":"https://ror.org/00p991c53","country_code":"CN","type":"education","lineage":["https://openalex.org/I47720641"]}],"countries":["CN"],"is_corresponding":false,"raw_author_name":"Zifan Xie","raw_affiliation_strings":["Huazhong University of Science and Technology, Wuhan, China"],"raw_orcid":"https://orcid.org/0000-0002-3264-1684","affiliations":[{"raw_affiliation_string":"Huazhong University of Science and Technology, Wuhan, China","institution_ids":["https://openalex.org/I47720641"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5003031253","display_name":"Ming Wen","orcid":"https://orcid.org/0000-0001-5588-9618"},"institutions":[{"id":"https://openalex.org/I47720641","display_name":"Huazhong University of Science and Technology","ror":"https://ror.org/00p991c53","country_code":"CN","type":"education","lineage":["https://openalex.org/I47720641"]}],"countries":["CN"],"is_corresponding":false,"raw_author_name":"Ming Wen","raw_affiliation_strings":["Huazhong University of Science and Technology, Wuhan, China"],"raw_orcid":"https://orcid.org/0000-0001-5588-9618","affiliations":[{"raw_affiliation_string":"Huazhong University of Science and Technology, Wuhan, China","institution_ids":["https://openalex.org/I47720641"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5102648791","display_name":"Zichao Wei","orcid":"https://orcid.org/0009-0007-5718-3935"},"institutions":[{"id":"https://openalex.org/I47720641","display_name":"Huazhong University of Science and Technology","ror":"https://ror.org/00p991c53","country_code":"CN","type":"education","lineage":["https://openalex.org/I47720641"]}],"countries":["CN"],"is_corresponding":false,"raw_author_name":"Zichao Wei","raw_affiliation_strings":["Huazhong University of Science and Technology, Wuhan, China"],"raw_orcid":"https://orcid.org/0009-0007-5718-3935","affiliations":[{"raw_affiliation_string":"Huazhong University of Science and Technology, Wuhan, China","institution_ids":["https://openalex.org/I47720641"]}]},{"author_position":"last","author":{"id":"https://openalex.org/A5022262922","display_name":"Hai Jin","orcid":"https://orcid.org/0000-0002-3934-7605"},"institutions":[{"id":"https://openalex.org/I47720641","display_name":"Huazhong University of Science and Technology","ror":"https://ror.org/00p991c53","country_code":"CN","type":"education","lineage":["https://openalex.org/I47720641"]}],"countries":["CN"],"is_corresponding":false,"raw_author_name":"Hai Jin","raw_affiliation_strings":["Huazhong University of Science and Technology, Wuhan, China"],"raw_orcid":"https://orcid.org/0000-0002-3934-7605","affiliations":[{"raw_affiliation_string":"Huazhong University of Science and Technology, Wuhan, China","institution_ids":["https://openalex.org/I47720641"]}]}],"institutions":[],"countries_distinct_count":1,"institutions_distinct_count":1,"corresponding_author_ids":[],"corresponding_institution_ids":["https://openalex.org/I47720641"],"apc_list":null,"apc_paid":null,"fwci":1.3511,"has_fulltext":false,"cited_by_count":2,"citation_normalized_percentile":{"value":0.86400867,"is_in_top_1_percent":false,"is_in_top_10_percent":false},"cited_by_percentile_year":{"min":95,"max":96},"biblio":{"volume":null,"issue":null,"first_page":"1094","last_page":"1106"},"is_retracted":false,"is_paratext":false,"is_xpac":false,"primary_topic":{"id":"https://openalex.org/T10734","display_name":"Information and Cyber Security","score":0.9975000023841858,"subfield":{"id":"https://openalex.org/subfields/1710","display_name":"Information Systems"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},"topics":[{"id":"https://openalex.org/T10734","display_name":"Information and Cyber Security","score":0.9975000023841858,"subfield":{"id":"https://openalex.org/subfields/1710","display_name":"Information Systems"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T11241","display_name":"Advanced Malware Detection Techniques","score":0.9926999807357788,"subfield":{"id":"https://openalex.org/subfields/1711","display_name":"Signal Processing"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T10260","display_name":"Software Engineering Research","score":0.984499990940094,"subfield":{"id":"https://openalex.org/subfields/1710","display_name":"Information Systems"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}}],"keywords":[{"id":"https://openalex.org/keywords/computer-science","display_name":"Computer science","score":0.5245818495750427}],"concepts":[{"id":"https://openalex.org/C41008148","wikidata":"https://www.wikidata.org/wiki/Q21198","display_name":"Computer science","level":0,"score":0.5245818495750427}],"mesh":[],"locations_count":1,"locations":[{"id":"doi:10.1145/3691620.3695488","is_oa":false,"landing_page_url":"https://doi.org/10.1145/3691620.3695488","pdf_url":null,"source":null,"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"Proceedings of the 39th IEEE/ACM International Conference on Automated Software Engineering","raw_type":"proceedings-article"}],"best_oa_location":null,"sustainable_development_goals":[],"awards":[{"id":"https://openalex.org/G79077134","display_name":null,"funder_award_id":"62372193","funder_id":"https://openalex.org/F4320321001","funder_display_name":"National Natural Science Foundation of China"}],"funders":[{"id":"https://openalex.org/F4320321001","display_name":"National Natural Science Foundation of China","ror":"https://ror.org/01h0zpd94"}],"has_content":{"pdf":false,"grobid_xml":false},"content_urls":null,"referenced_works_count":44,"referenced_works":["https://openalex.org/W1992114977","https://openalex.org/W2000179394","https://openalex.org/W2004584049","https://openalex.org/W2039168567","https://openalex.org/W2115918232","https://openalex.org/W2129164226","https://openalex.org/W2167117640","https://openalex.org/W2621112123","https://openalex.org/W2749008552","https://openalex.org/W2766411424","https://openalex.org/W2766540688","https://openalex.org/W2795030435","https://openalex.org/W2885030880","https://openalex.org/W2895570420","https://openalex.org/W2897679705","https://openalex.org/W2901689459","https://openalex.org/W2926178846","https://openalex.org/W2967204716","https://openalex.org/W3014659028","https://openalex.org/W3043519510","https://openalex.org/W3048065912","https://openalex.org/W3089659633","https://openalex.org/W3100698844","https://openalex.org/W3105926539","https://openalex.org/W3108766814","https://openalex.org/W3112271420","https://openalex.org/W3129991213","https://openalex.org/W3141872514","https://openalex.org/W3160908899","https://openalex.org/W3161799213","https://openalex.org/W3191226037","https://openalex.org/W4206520479","https://openalex.org/W4220959771","https://openalex.org/W4224319280","https://openalex.org/W4226004737","https://openalex.org/W4280528532","https://openalex.org/W4285586654","https://openalex.org/W4299301436","https://openalex.org/W4367047118","https://openalex.org/W4384129320","https://openalex.org/W4384155568","https://openalex.org/W4385080397","https://openalex.org/W4388858247","https://openalex.org/W4402457614"],"related_works":["https://openalex.org/W4391375266","https://openalex.org/W2899084033","https://openalex.org/W2748952813","https://openalex.org/W2390279801","https://openalex.org/W4391913857","https://openalex.org/W2358668433","https://openalex.org/W4396701345","https://openalex.org/W2376932109","https://openalex.org/W2001405890","https://openalex.org/W4396696052"],"abstract_inverted_index":{"The":[0],"number":[1],"of":[2,38,48,78,137,181],"disclosed":[3],"vulnerabilities":[4,25],"in":[5,26,54,141],"open-source":[6,39,106,142,164],"projects":[7,165],"has":[8],"been":[9,84],"increasing":[10],"steadily":[11],"over":[12],"the":[13,33,49,55,98,113,117,129,135,179,189],"years,":[14],"and":[15,36,62,92,188],"thus":[16],"it":[17,58],"is":[18,59,103,120],"important":[19,114,174,205],"to":[20,23,32,64,132,178],"deploy":[21],"patches":[22,160],"repair":[24],"a":[27,151],"timely":[28],"manner.":[29],"However,":[30],"due":[31],"widespread":[34],"reuse":[35],"customization":[37],"software,":[40],"there":[41],"are":[42],"often":[43,60,111],"multiple":[44],"versions":[45],"or":[46],"branches":[47],"same":[50],"project":[51],"that":[52,66,100,116,200],"co-exist":[53],"ecosystem.":[56],"Therefore,":[57],"challenging":[61],"tricky":[63],"guarantee":[65],"an":[67],"exposed":[68],"vulnerability":[69,80,90,195],"can":[70,203],"be":[71],"repaired":[72],"thoroughly.":[73],"Driven":[74],"by":[75],"this,":[76],"plenty":[77],"1-day":[79,194],"analysis":[81,109,196],"tools":[82,110],"have":[83],"proposed":[85],"recently,":[86],"such":[87],"as":[88],"function-level":[89],"detection":[91],"patch":[93,139,182,185,211],"presence":[94],"test":[95],"tools.":[96,197],"Despite":[97],"fact":[99,115],"code":[101,119],"evolution":[102,140,183,186,190],"common":[104],"for":[105],"projects,":[107],"existing":[108],"neglect":[112],"patched":[118],"also":[121],"constantly":[122],"evolving.":[123],"In":[124,144],"this":[125,201],"study,":[126],"we":[127,146],"take":[128],"first":[130],"look":[131],"systematically":[133],"investigate":[134],"phenomenon":[136],"security":[138],"projects.":[143],"particular,":[145],"performed":[147],"extensive":[148],"experiments":[149],"on":[150,192,207,210],"large-scale":[152],"dataset":[153],"containing":[154],"1,046":[155],"distinct":[156],"CVEs":[157],"with":[158,176],"2,633":[159],"collected":[161],"from":[162],"popular":[163],"(e.g.,":[166],"linux,":[167],"openssl).":[168],"This":[169],"study":[170,202],"reveals":[171],"interesting":[172],"yet":[173],"findings":[175],"respect":[177],"aspects":[180],"frequency,":[184],"patterns,":[187],"impact":[191],"downstream":[193],"We":[198],"believe":[199],"shed":[204],"light":[206],"future":[208],"researches":[209],"analysis.":[212]},"counts_by_year":[{"year":2025,"cited_by_count":2}],"updated_date":"2026-06-26T08:34:08.712188","created_date":"2025-10-10T00:00:00"}