{"id":"https://openalex.org/W4413175825","doi":"https://doi.org/10.1145/3708821.3736208","title":"SAFE: A Novel Approach For Software Vulnerability Detection from Enhancing The Capability of Large Language Models","display_name":"SAFE: A Novel Approach For Software Vulnerability Detection from Enhancing The Capability of Large Language Models","publication_year":2025,"publication_date":"2025-08-13","ids":{"openalex":"https://openalex.org/W4413175825","doi":"https://doi.org/10.1145/3708821.3736208"},"language":"en","primary_location":{"id":"doi:10.1145/3708821.3736208","is_oa":false,"landing_page_url":"https://doi.org/10.1145/3708821.3736208","pdf_url":null,"source":null,"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"Proceedings of the 20th ACM Asia Conference on Computer and Communications Security","raw_type":"proceedings-article"},"type":"conference-paper","indexed_in":["crossref"],"open_access":{"is_oa":true,"oa_status":"green","oa_url":"https://researchmgt.monash.edu/ws/files/755894976/730550602-oa.pdf","any_repository_has_fulltext":true},"authorships":[{"author_position":"first","author":{"id":"https://openalex.org/A5100769134","display_name":"Van Nguyen","orcid":"https://orcid.org/0000-0002-5838-3409"},"institutions":[{"id":"https://openalex.org/I42894916","display_name":"Data61","ror":"https://ror.org/03q397159","country_code":"AU","type":"other","lineage":["https://openalex.org/I1292875679","https://openalex.org/I2801453606","https://openalex.org/I42894916","https://openalex.org/I4387156119"]}],"countries":["AU"],"is_corresponding":false,"raw_author_name":"Van Nguyen","raw_affiliation_strings":["Software Systems and Cybersecurity, Monash University, Clayton, Victoria, Australia and Cybersecurity and Quantum Systems, CSIRO's Data61, Clayton, Victoria, Australia"],"raw_orcid":"https://orcid.org/0000-0002-5838-3409","affiliations":[{"raw_affiliation_string":"Software Systems and Cybersecurity, Monash University, Clayton, Victoria, Australia and Cybersecurity and Quantum Systems, CSIRO's Data61, Clayton, Victoria, Australia","institution_ids":["https://openalex.org/I42894916"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5082256444","display_name":"\u202aSurya Nepal\u202c","orcid":"https://orcid.org/0000-0002-3289-6599"},"institutions":[{"id":"https://openalex.org/I42894916","display_name":"Data61","ror":"https://ror.org/03q397159","country_code":"AU","type":"other","lineage":["https://openalex.org/I1292875679","https://openalex.org/I2801453606","https://openalex.org/I42894916","https://openalex.org/I4387156119"]}],"countries":["AU"],"is_corresponding":false,"raw_author_name":"Surya Nepal","raw_affiliation_strings":["Cybersecurity and Quantum Systems, CSIRO's Data61, Marsfield, New South Wales, Australia"],"raw_orcid":"https://orcid.org/0000-0002-3289-6599","affiliations":[{"raw_affiliation_string":"Cybersecurity and Quantum Systems, CSIRO's Data61, Marsfield, New South Wales, Australia","institution_ids":["https://openalex.org/I42894916"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5064553444","display_name":"Xingliang Yuan","orcid":"https://orcid.org/0000-0002-3701-4946"},"institutions":[{"id":"https://openalex.org/I165779595","display_name":"The University of Melbourne","ror":"https://ror.org/01ej9dk98","country_code":"AU","type":"education","lineage":["https://openalex.org/I165779595"]}],"countries":["AU"],"is_corresponding":false,"raw_author_name":"Xingliang Yuan","raw_affiliation_strings":["Computing and Information Systems, The University of Melbourne, Parkville, Victoria, Australia"],"raw_orcid":"https://orcid.org/0000-0002-3701-4946","affiliations":[{"raw_affiliation_string":"Computing and Information Systems, The University of Melbourne, Parkville, Victoria, Australia","institution_ids":["https://openalex.org/I165779595"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5020443147","display_name":"Tingmin Wu","orcid":"https://orcid.org/0000-0003-0626-3576"},"institutions":[{"id":"https://openalex.org/I4210142128","display_name":"CSIRO Health and Biosecurity","ror":"https://ror.org/03jh4jw93","country_code":"AU","type":"facility","lineage":["https://openalex.org/I1292875679","https://openalex.org/I2801453606","https://openalex.org/I4210142128","https://openalex.org/I4387156119"]},{"id":"https://openalex.org/I42894916","display_name":"Data61","ror":"https://ror.org/03q397159","country_code":"AU","type":"other","lineage":["https://openalex.org/I1292875679","https://openalex.org/I2801453606","https://openalex.org/I42894916","https://openalex.org/I4387156119"]}],"countries":["AU"],"is_corresponding":false,"raw_author_name":"Tingmin Wu","raw_affiliation_strings":["Cybersecurity and Quantum Systems, CSIRO's Data61, Clayton, Victoria, Australia"],"raw_orcid":"https://orcid.org/0000-0003-0626-3576","affiliations":[{"raw_affiliation_string":"Cybersecurity and Quantum Systems, CSIRO's Data61, Clayton, Victoria, Australia","institution_ids":["https://openalex.org/I42894916","https://openalex.org/I4210142128"]}]},{"author_position":"last","author":{"id":"https://openalex.org/A5086593836","display_name":"Carsten Rudolph","orcid":"https://orcid.org/0000-0001-9050-5675"},"institutions":[{"id":"https://openalex.org/I56590836","display_name":"Monash University","ror":"https://ror.org/02bfwt286","country_code":"AU","type":"education","lineage":["https://openalex.org/I56590836"]}],"countries":["AU"],"is_corresponding":false,"raw_author_name":"Carsten Rudolph","raw_affiliation_strings":["Software Systems and Cybersecurity, Monash University, Clayton, Victoria, Australia"],"raw_orcid":"https://orcid.org/0000-0001-9050-5675","affiliations":[{"raw_affiliation_string":"Software Systems and Cybersecurity, Monash University, Clayton, Victoria, Australia","institution_ids":["https://openalex.org/I56590836"]}]}],"institutions":[],"countries_distinct_count":1,"institutions_distinct_count":4,"corresponding_author_ids":[],"corresponding_institution_ids":[],"apc_list":null,"apc_paid":null,"fwci":null,"has_fulltext":true,"cited_by_count":1,"citation_normalized_percentile":null,"cited_by_percentile_year":null,"biblio":{"volume":null,"issue":null,"first_page":"392","last_page":"406"},"is_retracted":false,"is_paratext":false,"is_xpac":false,"primary_topic":{"id":"https://openalex.org/T10260","display_name":"Software Engineering Research","score":0.9991000294685364,"subfield":{"id":"https://openalex.org/subfields/1710","display_name":"Information Systems"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},"topics":[{"id":"https://openalex.org/T10260","display_name":"Software Engineering Research","score":0.9991000294685364,"subfield":{"id":"https://openalex.org/subfields/1710","display_name":"Information Systems"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T12423","display_name":"Software Reliability and Analysis Research","score":0.9977999925613403,"subfield":{"id":"https://openalex.org/subfields/1712","display_name":"Software"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T12479","display_name":"Web Application Security Vulnerabilities","score":0.9947999715805054,"subfield":{"id":"https://openalex.org/subfields/1710","display_name":"Information Systems"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}}],"keywords":[{"id":"https://openalex.org/keywords/computer-science","display_name":"Computer science","score":0.7313058376312256},{"id":"https://openalex.org/keywords/vulnerability","display_name":"Vulnerability (computing)","score":0.5681144595146179},{"id":"https://openalex.org/keywords/software","display_name":"Software","score":0.4662284851074219},{"id":"https://openalex.org/keywords/software-engineering","display_name":"Software engineering","score":0.3594067394733429},{"id":"https://openalex.org/keywords/computer-security","display_name":"Computer security","score":0.21261462569236755},{"id":"https://openalex.org/keywords/programming-language","display_name":"Programming language","score":0.1670774221420288}],"concepts":[{"id":"https://openalex.org/C41008148","wikidata":"https://www.wikidata.org/wiki/Q21198","display_name":"Computer science","level":0,"score":0.7313058376312256},{"id":"https://openalex.org/C95713431","wikidata":"https://www.wikidata.org/wiki/Q631425","display_name":"Vulnerability (computing)","level":2,"score":0.5681144595146179},{"id":"https://openalex.org/C2777904410","wikidata":"https://www.wikidata.org/wiki/Q7397","display_name":"Software","level":2,"score":0.4662284851074219},{"id":"https://openalex.org/C115903868","wikidata":"https://www.wikidata.org/wiki/Q80993","display_name":"Software engineering","level":1,"score":0.3594067394733429},{"id":"https://openalex.org/C38652104","wikidata":"https://www.wikidata.org/wiki/Q3510521","display_name":"Computer security","level":1,"score":0.21261462569236755},{"id":"https://openalex.org/C199360897","wikidata":"https://www.wikidata.org/wiki/Q9143","display_name":"Programming language","level":1,"score":0.1670774221420288}],"mesh":[],"locations_count":2,"locations":[{"id":"doi:10.1145/3708821.3736208","is_oa":false,"landing_page_url":"https://doi.org/10.1145/3708821.3736208","pdf_url":null,"source":null,"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"Proceedings of the 20th ACM Asia Conference on Computer and Communications Security","raw_type":"proceedings-article"},{"id":"pmh:oai:monash.edu:openaire/77d02e6b-590e-4a10-9521-1649865a43b6","is_oa":true,"landing_page_url":"https://research.monash.edu/en/publications/77d02e6b-590e-4a10-9521-1649865a43b6","pdf_url":"https://researchmgt.monash.edu/ws/files/755894976/730550602-oa.pdf","source":{"id":"https://openalex.org/S4306402625","display_name":"Monash University Research Portal (Monash University)","issn_l":null,"issn":null,"is_oa":false,"is_in_doaj":false,"is_core":false,"host_organization":"https://openalex.org/I56590836","host_organization_name":"Monash University","host_organization_lineage":["https://openalex.org/I56590836"],"host_organization_lineage_names":[],"type":"repository"},"license":"cc-by","license_id":"https://openalex.org/licenses/cc-by","version":"submittedVersion","is_accepted":false,"is_published":false,"raw_source_name":"Nguyen, V, Nepal, S, Yuan, X, Wu, T & Rudolph, C 2025, SAFE : A Novel Approach For Software Vulnerability Detection from Enhancing The Capability of Large Language Models. in D Tien Tuan Anh & T Van Van (eds), Proceedings of the 20th ACM ASIA Conference on Computer and Communications Security. Proceedings of the ACM Conference on Computer and Communications Security, Association for Computing Machinery (ACM), New York NY USA, pp. 392-406, ACM ASIA Conference on Computer and Communications Security 2025, Hanoi, Vietnam, 25/08/25. https://doi.org/10.1145/3708821.3736208","raw_type":"info:eu-repo/semantics/conferenceObject"}],"best_oa_location":{"id":"pmh:oai:monash.edu:openaire/77d02e6b-590e-4a10-9521-1649865a43b6","is_oa":true,"landing_page_url":"https://research.monash.edu/en/publications/77d02e6b-590e-4a10-9521-1649865a43b6","pdf_url":"https://researchmgt.monash.edu/ws/files/755894976/730550602-oa.pdf","source":{"id":"https://openalex.org/S4306402625","display_name":"Monash University Research Portal (Monash University)","issn_l":null,"issn":null,"is_oa":false,"is_in_doaj":false,"is_core":false,"host_organization":"https://openalex.org/I56590836","host_organization_name":"Monash University","host_organization_lineage":["https://openalex.org/I56590836"],"host_organization_lineage_names":[],"type":"repository"},"license":"cc-by","license_id":"https://openalex.org/licenses/cc-by","version":"submittedVersion","is_accepted":false,"is_published":false,"raw_source_name":"Nguyen, V, Nepal, S, Yuan, X, Wu, T & Rudolph, C 2025, SAFE : A Novel Approach For Software Vulnerability Detection from Enhancing The Capability of Large Language Models. in D Tien Tuan Anh & T Van Van (eds), Proceedings of the 20th ACM ASIA Conference on Computer and Communications Security. Proceedings of the ACM Conference on Computer and Communications Security, Association for Computing Machinery (ACM), New York NY USA, pp. 392-406, ACM ASIA Conference on Computer and Communications Security 2025, Hanoi, Vietnam, 25/08/25. https://doi.org/10.1145/3708821.3736208","raw_type":"info:eu-repo/semantics/conferenceObject"},"sustainable_development_goals":[{"score":0.41999998688697815,"id":"https://metadata.un.org/sdg/10","display_name":"Reduced inequalities"}],"awards":[],"funders":[],"has_content":{"pdf":true,"grobid_xml":true},"content_urls":{"pdf":"https://content.openalex.org/works/W4413175825.pdf","grobid_xml":"https://content.openalex.org/works/W4413175825.grobid-xml"},"referenced_works_count":32,"referenced_works":["https://openalex.org/W1607167266","https://openalex.org/W1832693441","https://openalex.org/W2043837581","https://openalex.org/W2046830558","https://openalex.org/W2166336492","https://openalex.org/W2297419069","https://openalex.org/W2559935471","https://openalex.org/W2962784628","https://openalex.org/W2962960733","https://openalex.org/W2965861627","https://openalex.org/W2979183801","https://openalex.org/W2982577744","https://openalex.org/W2986396948","https://openalex.org/W3033777149","https://openalex.org/W3035733952","https://openalex.org/W3083954092","https://openalex.org/W3098605233","https://openalex.org/W3127782461","https://openalex.org/W3163206498","https://openalex.org/W3198685994","https://openalex.org/W3199263538","https://openalex.org/W3206617323","https://openalex.org/W4221166942","https://openalex.org/W4312436517","https://openalex.org/W4388638461","https://openalex.org/W4388826738","https://openalex.org/W4391282616","https://openalex.org/W4392353733","https://openalex.org/W4393406994","https://openalex.org/W4396594820","https://openalex.org/W4396773564","https://openalex.org/W4402263795"],"related_works":["https://openalex.org/W4391375266","https://openalex.org/W2899084033","https://openalex.org/W2748952813","https://openalex.org/W2390279801","https://openalex.org/W4391913857","https://openalex.org/W2358668433","https://openalex.org/W4396701345","https://openalex.org/W2376932109","https://openalex.org/W2001405890","https://openalex.org/W4396696052"],"abstract_inverted_index":{"Software":[0],"vulnerabilities":[1],"(SVs)":[2],"have":[3,37],"emerged":[4],"as":[5],"a":[6,66,92],"prevalent":[7],"and":[8,26,48,79,82,116,130,142,153,172],"crucial":[9,112],"concern":[10],"for":[11,29,89,170,177],"safety-critical":[12],"systems.":[13],"This":[14],"has":[15],"spurred":[16],"significant":[17],"advancements":[18],"in":[19,41,55,61],"utilizing":[20,111],"AI-based":[21,35],"methods,":[22],"including":[23],"machine":[24],"learning":[25],"deep":[27],"learning,":[28],"software":[30],"vulnerability":[31],"detection":[32],"(SVD).":[33],"While":[34],"methods":[36,183],"shown":[38],"promising":[39],"performance":[40],"SVD,":[42],"their":[43],"effectiveness":[44,122],"on":[45,134,158],"real-world,":[46],"complex,":[47],"diverse":[49],"source":[50,86,106],"code":[51,87,107],"datasets":[52,138,187],"remains":[53],"limited":[54],"practice.":[56],"To":[57],"tackle":[58],"this":[59,62],"challenge,":[60],"paper,":[63],"we":[64],"propose":[65],"novel":[67],"framework":[68],"that":[69],"enhances":[70],"the":[71,100,121,125,145,181,186],"capability":[72],"of":[73,102,123,147],"large":[74],"language":[75],"models":[76],"to":[77,119,168,175,180],"learn":[78],"utilize":[80],"semantic":[81,115],"syntactic":[83,117],"relationships":[84],"from":[85,105,166,173],"data":[88,108],"SVD.":[90],"As":[91],"result,":[93],"our":[94,148,160],"proposed":[95],"SAFE":[96,161],"approach":[97,149,162],"can":[98],"enable":[99],"acquisition":[101],"fundamental":[103],"knowledge":[104],"while":[109],"adeptly":[110],"relationships,":[113],"i.e.,":[114],"associations,":[118],"improve":[120],"solving":[124],"SVD":[126],"problem.":[127],"The":[128],"rigorous":[129],"extensive":[131],"experimental":[132],"results":[133],"three":[135],"real-world":[136],"challenging":[137],"(i.e.,":[139],"Devign,":[140],"ReVeal,":[141],"D2A)":[143],"demonstrate":[144],"superiority":[146],"over":[150],"eight":[151],"effective":[152],"state-of-the-art":[154],"baselines.":[155],"In":[156],"summary,":[157],"average,":[159],"achieves":[163],"higher":[164],"performances":[165],"4.79%":[167],"11.57%":[169],"F1-measure":[171],"16.93%":[174],"26.24%":[176],"Recall":[178],"compared":[179],"baseline":[182],"across":[184],"all":[185],"used.":[188]},"counts_by_year":[{"year":2026,"cited_by_count":1}],"updated_date":"2026-07-14T23:27:15.235271","created_date":"2025-08-17T00:00:00"}
