{"id":"https://openalex.org/W4411450085","doi":"https://doi.org/10.1145/3729378","title":"VulPA: Detecting Semantically Recurring Vulnerabilities with Multi-object Typestate Analysis","display_name":"VulPA: Detecting Semantically Recurring Vulnerabilities with Multi-object Typestate Analysis","publication_year":2025,"publication_date":"2025-06-19","ids":{"openalex":"https://openalex.org/W4411450085","doi":"https://doi.org/10.1145/3729378"},"language":"en","primary_location":{"id":"doi:10.1145/3729378","is_oa":true,"landing_page_url":"https://doi.org/10.1145/3729378","pdf_url":null,"source":{"id":"https://openalex.org/S4404663975","display_name":"Proceedings of the ACM on software engineering.","issn_l":"2994-970X","issn":["2994-970X"],"is_oa":false,"is_in_doaj":false,"is_core":false,"host_organization":"https://openalex.org/P4310319798","host_organization_name":"Association for Computing Machinery","host_organization_lineage":["https://openalex.org/P4310319798"],"host_organization_lineage_names":["Association for Computing Machinery"],"type":"journal"},"license":"cc-by","license_id":"https://openalex.org/licenses/cc-by","version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"Proceedings of the ACM on Software Engineering","raw_type":"journal-article"},"type":"article","indexed_in":["crossref"],"open_access":{"is_oa":true,"oa_status":"hybrid","oa_url":"https://doi.org/10.1145/3729378","any_repository_has_fulltext":false},"authorships":[{"author_position":"first","author":{"id":"https://openalex.org/A5026208461","display_name":"Liqing Cao","orcid":null},"institutions":[{"id":"https://openalex.org/I4210090176","display_name":"Institute of Computing Technology","ror":"https://ror.org/0090r4d87","country_code":"CN","type":"facility","lineage":["https://openalex.org/I19820366","https://openalex.org/I4210090176"]},{"id":"https://openalex.org/I4210165038","display_name":"University of Chinese Academy of Sciences","ror":"https://ror.org/05qbk4x57","country_code":"CN","type":"education","lineage":["https://openalex.org/I19820366","https://openalex.org/I4210165038"]}],"countries":["CN"],"is_corresponding":true,"raw_author_name":"Liqing Cao","raw_affiliation_strings":["SKLP, Institute of Computing Technology, CAS, Beijing, China","University of Chinese Academy of Sciences, Beijing, China"],"raw_orcid":"https://orcid.org/0009-0008-8023-7150","affiliations":[{"raw_affiliation_string":"SKLP, Institute of Computing Technology, CAS, Beijing, China","institution_ids":["https://openalex.org/I4210090176"]},{"raw_affiliation_string":"University of Chinese Academy of Sciences, Beijing, China","institution_ids":["https://openalex.org/I4210165038"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5055127933","display_name":"Haofeng Li","orcid":"https://orcid.org/0009-0008-0931-8767"},"institutions":[{"id":"https://openalex.org/I4210090176","display_name":"Institute of Computing Technology","ror":"https://ror.org/0090r4d87","country_code":"CN","type":"facility","lineage":["https://openalex.org/I19820366","https://openalex.org/I4210090176"]}],"countries":["CN"],"is_corresponding":false,"raw_author_name":"Haofeng Li","raw_affiliation_strings":["SKLP, Institute of Computing Technology, CAS, Beijing, China"],"raw_orcid":"https://orcid.org/0009-0008-0931-8767","affiliations":[{"raw_affiliation_string":"SKLP, Institute of Computing Technology, CAS, Beijing, China","institution_ids":["https://openalex.org/I4210090176"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5095032730","display_name":"Chenghang Shi","orcid":"https://orcid.org/0009-0003-3055-8929"},"institutions":[{"id":"https://openalex.org/I4210090176","display_name":"Institute of Computing Technology","ror":"https://ror.org/0090r4d87","country_code":"CN","type":"facility","lineage":["https://openalex.org/I19820366","https://openalex.org/I4210090176"]},{"id":"https://openalex.org/I4210165038","display_name":"University of Chinese Academy of Sciences","ror":"https://ror.org/05qbk4x57","country_code":"CN","type":"education","lineage":["https://openalex.org/I19820366","https://openalex.org/I4210165038"]}],"countries":["CN"],"is_corresponding":false,"raw_author_name":"Chenghang Shi","raw_affiliation_strings":["SKLP, Institute of Computing Technology, CAS, Beijing, China","University of Chinese Academy of Sciences, Beijing, China"],"raw_orcid":"https://orcid.org/0009-0003-3055-8929","affiliations":[{"raw_affiliation_string":"SKLP, Institute of Computing Technology, CAS, Beijing, China","institution_ids":["https://openalex.org/I4210090176"]},{"raw_affiliation_string":"University of Chinese Academy of Sciences, Beijing, China","institution_ids":["https://openalex.org/I4210165038"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5068388413","display_name":"Jie Lu","orcid":"https://orcid.org/0000-0002-4162-0404"},"institutions":[{"id":"https://openalex.org/I4210090176","display_name":"Institute of Computing Technology","ror":"https://ror.org/0090r4d87","country_code":"CN","type":"facility","lineage":["https://openalex.org/I19820366","https://openalex.org/I4210090176"]}],"countries":["CN"],"is_corresponding":false,"raw_author_name":"Jie Lu","raw_affiliation_strings":["SKLP, Institute of Computing Technology, CAS, Beijing, China"],"raw_orcid":"https://orcid.org/0000-0002-4162-0404","affiliations":[{"raw_affiliation_string":"SKLP, Institute of Computing Technology, CAS, Beijing, China","institution_ids":["https://openalex.org/I4210090176"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5053594943","display_name":"Haining Meng","orcid":"https://orcid.org/0009-0008-7149-7671"},"institutions":[{"id":"https://openalex.org/I4210090176","display_name":"Institute of Computing Technology","ror":"https://ror.org/0090r4d87","country_code":"CN","type":"facility","lineage":["https://openalex.org/I19820366","https://openalex.org/I4210090176"]},{"id":"https://openalex.org/I4210165038","display_name":"University of Chinese Academy of Sciences","ror":"https://ror.org/05qbk4x57","country_code":"CN","type":"education","lineage":["https://openalex.org/I19820366","https://openalex.org/I4210165038"]}],"countries":["CN"],"is_corresponding":false,"raw_author_name":"Haining Meng","raw_affiliation_strings":["SKLP, Institute of Computing Technology, CAS, Beijing, China","University of Chinese Academy of Sciences, Beijing, China"],"raw_orcid":"https://orcid.org/0009-0008-7149-7671","affiliations":[{"raw_affiliation_string":"SKLP, Institute of Computing Technology, CAS, Beijing, China","institution_ids":["https://openalex.org/I4210090176"]},{"raw_affiliation_string":"University of Chinese Academy of Sciences, Beijing, China","institution_ids":["https://openalex.org/I4210165038"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5100317802","display_name":"Lian Li","orcid":"https://orcid.org/0000-0002-4476-0541"},"institutions":[{"id":"https://openalex.org/I4210090176","display_name":"Institute of Computing Technology","ror":"https://ror.org/0090r4d87","country_code":"CN","type":"facility","lineage":["https://openalex.org/I19820366","https://openalex.org/I4210090176"]},{"id":"https://openalex.org/I4210165038","display_name":"University of Chinese Academy of Sciences","ror":"https://ror.org/05qbk4x57","country_code":"CN","type":"education","lineage":["https://openalex.org/I19820366","https://openalex.org/I4210165038"]}],"countries":["CN"],"is_corresponding":false,"raw_author_name":"Lian Li","raw_affiliation_strings":["SKLP, Institute of Computing Technology, CAS, Beijing, China","University of Chinese Academy of Sciences, Beijing, China","Zhongguancun Laboratory, Beijing, China"],"raw_orcid":"https://orcid.org/0000-0002-4476-0541","affiliations":[{"raw_affiliation_string":"SKLP, Institute of Computing Technology, CAS, Beijing, China","institution_ids":["https://openalex.org/I4210090176"]},{"raw_affiliation_string":"University of Chinese Academy of Sciences, Beijing, China","institution_ids":["https://openalex.org/I4210165038"]},{"raw_affiliation_string":"Zhongguancun Laboratory, Beijing, China","institution_ids":[]}]},{"author_position":"last","author":{"id":"https://openalex.org/A5024664385","display_name":"Jingling Xue","orcid":"https://orcid.org/0000-0003-0380-3506"},"institutions":[{"id":"https://openalex.org/I31746571","display_name":"UNSW Sydney","ror":"https://ror.org/03r8z3t63","country_code":"AU","type":"education","lineage":["https://openalex.org/I31746571"]}],"countries":["AU"],"is_corresponding":false,"raw_author_name":"Jingling Xue","raw_affiliation_strings":["University of New South Wales, Sydney, Australia"],"raw_orcid":"https://orcid.org/0000-0003-0380-3506","affiliations":[{"raw_affiliation_string":"University of New South Wales, Sydney, Australia","institution_ids":["https://openalex.org/I31746571"]}]}],"institutions":[],"countries_distinct_count":2,"institutions_distinct_count":7,"corresponding_author_ids":["https://openalex.org/A5026208461"],"corresponding_institution_ids":["https://openalex.org/I4210090176","https://openalex.org/I4210165038"],"apc_list":null,"apc_paid":null,"fwci":0.0,"has_fulltext":false,"cited_by_count":0,"citation_normalized_percentile":{"value":0.14670993,"is_in_top_1_percent":false,"is_in_top_10_percent":false},"cited_by_percentile_year":null,"biblio":{"volume":"2","issue":"FSE","first_page":"2430","last_page":"2453"},"is_retracted":false,"is_paratext":false,"is_xpac":false,"primary_topic":{"id":"https://openalex.org/T11241","display_name":"Advanced Malware Detection Techniques","score":0.9998000264167786,"subfield":{"id":"https://openalex.org/subfields/1711","display_name":"Signal Processing"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},"topics":[{"id":"https://openalex.org/T11241","display_name":"Advanced Malware Detection Techniques","score":0.9998000264167786,"subfield":{"id":"https://openalex.org/subfields/1711","display_name":"Signal Processing"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T10260","display_name":"Software Engineering Research","score":0.9993000030517578,"subfield":{"id":"https://openalex.org/subfields/1710","display_name":"Information Systems"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T12423","display_name":"Software Reliability and Analysis Research","score":0.9980000257492065,"subfield":{"id":"https://openalex.org/subfields/1712","display_name":"Software"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}}],"keywords":[{"id":"https://openalex.org/keywords/computer-science","display_name":"Computer science","score":0.8029587268829346},{"id":"https://openalex.org/keywords/java","display_name":"Java","score":0.6630473136901855},{"id":"https://openalex.org/keywords/vulnerability","display_name":"Vulnerability (computing)","score":0.5935149192810059},{"id":"https://openalex.org/keywords/object","display_name":"Object (grammar)","score":0.5658016204833984},{"id":"https://openalex.org/keywords/variable","display_name":"Variable (mathematics)","score":0.5476424694061279},{"id":"https://openalex.org/keywords/programming-language","display_name":"Programming language","score":0.4789603054523468},{"id":"https://openalex.org/keywords/root","display_name":"Root (linguistics)","score":0.44957104325294495},{"id":"https://openalex.org/keywords/artificial-intelligence","display_name":"Artificial intelligence","score":0.3902316391468048},{"id":"https://openalex.org/keywords/data-mining","display_name":"Data mining","score":0.32242846488952637},{"id":"https://openalex.org/keywords/computer-security","display_name":"Computer security","score":0.2085394561290741},{"id":"https://openalex.org/keywords/linguistics","display_name":"Linguistics","score":0.08484160900115967}],"concepts":[{"id":"https://openalex.org/C41008148","wikidata":"https://www.wikidata.org/wiki/Q21198","display_name":"Computer science","level":0,"score":0.8029587268829346},{"id":"https://openalex.org/C548217200","wikidata":"https://www.wikidata.org/wiki/Q251","display_name":"Java","level":2,"score":0.6630473136901855},{"id":"https://openalex.org/C95713431","wikidata":"https://www.wikidata.org/wiki/Q631425","display_name":"Vulnerability (computing)","level":2,"score":0.5935149192810059},{"id":"https://openalex.org/C2781238097","wikidata":"https://www.wikidata.org/wiki/Q175026","display_name":"Object (grammar)","level":2,"score":0.5658016204833984},{"id":"https://openalex.org/C182365436","wikidata":"https://www.wikidata.org/wiki/Q50701","display_name":"Variable (mathematics)","level":2,"score":0.5476424694061279},{"id":"https://openalex.org/C199360897","wikidata":"https://www.wikidata.org/wiki/Q9143","display_name":"Programming language","level":1,"score":0.4789603054523468},{"id":"https://openalex.org/C171078966","wikidata":"https://www.wikidata.org/wiki/Q111029","display_name":"Root (linguistics)","level":2,"score":0.44957104325294495},{"id":"https://openalex.org/C154945302","wikidata":"https://www.wikidata.org/wiki/Q11660","display_name":"Artificial intelligence","level":1,"score":0.3902316391468048},{"id":"https://openalex.org/C124101348","wikidata":"https://www.wikidata.org/wiki/Q172491","display_name":"Data mining","level":1,"score":0.32242846488952637},{"id":"https://openalex.org/C38652104","wikidata":"https://www.wikidata.org/wiki/Q3510521","display_name":"Computer security","level":1,"score":0.2085394561290741},{"id":"https://openalex.org/C41895202","wikidata":"https://www.wikidata.org/wiki/Q8162","display_name":"Linguistics","level":1,"score":0.08484160900115967},{"id":"https://openalex.org/C138885662","wikidata":"https://www.wikidata.org/wiki/Q5891","display_name":"Philosophy","level":0,"score":0.0},{"id":"https://openalex.org/C33923547","wikidata":"https://www.wikidata.org/wiki/Q395","display_name":"Mathematics","level":0,"score":0.0},{"id":"https://openalex.org/C134306372","wikidata":"https://www.wikidata.org/wiki/Q7754","display_name":"Mathematical analysis","level":1,"score":0.0}],"mesh":[],"locations_count":1,"locations":[{"id":"doi:10.1145/3729378","is_oa":true,"landing_page_url":"https://doi.org/10.1145/3729378","pdf_url":null,"source":{"id":"https://openalex.org/S4404663975","display_name":"Proceedings of the ACM on software engineering.","issn_l":"2994-970X","issn":["2994-970X"],"is_oa":false,"is_in_doaj":false,"is_core":false,"host_organization":"https://openalex.org/P4310319798","host_organization_name":"Association for Computing Machinery","host_organization_lineage":["https://openalex.org/P4310319798"],"host_organization_lineage_names":["Association for Computing Machinery"],"type":"journal"},"license":"cc-by","license_id":"https://openalex.org/licenses/cc-by","version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"Proceedings of the ACM on Software Engineering","raw_type":"journal-article"}],"best_oa_location":{"id":"doi:10.1145/3729378","is_oa":true,"landing_page_url":"https://doi.org/10.1145/3729378","pdf_url":null,"source":{"id":"https://openalex.org/S4404663975","display_name":"Proceedings of the ACM on software engineering.","issn_l":"2994-970X","issn":["2994-970X"],"is_oa":false,"is_in_doaj":false,"is_core":false,"host_organization":"https://openalex.org/P4310319798","host_organization_name":"Association for Computing Machinery","host_organization_lineage":["https://openalex.org/P4310319798"],"host_organization_lineage_names":["Association for Computing Machinery"],"type":"journal"},"license":"cc-by","license_id":"https://openalex.org/licenses/cc-by","version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"Proceedings of the ACM on Software Engineering","raw_type":"journal-article"},"sustainable_development_goals":[{"id":"https://metadata.un.org/sdg/16","display_name":"Peace, Justice and strong institutions","score":0.6700000166893005}],"awards":[],"funders":[],"has_content":{"grobid_xml":false,"pdf":false},"content_urls":null,"referenced_works_count":57,"referenced_works":["https://openalex.org/W68069235","https://openalex.org/W1582868218","https://openalex.org/W1700264732","https://openalex.org/W1846157972","https://openalex.org/W1967031800","https://openalex.org/W1971327145","https://openalex.org/W1971888212","https://openalex.org/W2006394045","https://openalex.org/W2019145653","https://openalex.org/W2022738481","https://openalex.org/W2036157748","https://openalex.org/W2080573945","https://openalex.org/W2086042629","https://openalex.org/W2106972913","https://openalex.org/W2111141292","https://openalex.org/W2117189826","https://openalex.org/W2127919458","https://openalex.org/W2138110817","https://openalex.org/W2160838104","https://openalex.org/W2162778607","https://openalex.org/W2634106992","https://openalex.org/W2767943400","https://openalex.org/W2773223713","https://openalex.org/W2789627069","https://openalex.org/W2794889478","https://openalex.org/W2804407995","https://openalex.org/W2888223970","https://openalex.org/W2888721414","https://openalex.org/W2985320478","https://openalex.org/W3089659633","https://openalex.org/W3138349232","https://openalex.org/W3141181691","https://openalex.org/W4214730640","https://openalex.org/W4225326198","https://openalex.org/W4230132297","https://openalex.org/W4234858006","https://openalex.org/W4238124605","https://openalex.org/W4244726870","https://openalex.org/W4245027182","https://openalex.org/W4253813365","https://openalex.org/W4289921754","https://openalex.org/W4298844786","https://openalex.org/W4301168982","https://openalex.org/W4301802532","https://openalex.org/W4308391493","https://openalex.org/W4308643066","https://openalex.org/W4308644396","https://openalex.org/W4384129320","https://openalex.org/W4384155604","https://openalex.org/W4384347367","https://openalex.org/W4388483262","https://openalex.org/W4391558518","https://openalex.org/W4392265980","https://openalex.org/W4396757498","https://openalex.org/W4403223035","https://openalex.org/W4405170929","https://openalex.org/W6902082599"],"related_works":["https://openalex.org/W2749690376","https://openalex.org/W2786317006","https://openalex.org/W4367724653","https://openalex.org/W2788563018","https://openalex.org/W4395962217","https://openalex.org/W2997587123","https://openalex.org/W4281673905","https://openalex.org/W2384620691","https://openalex.org/W3206385231","https://openalex.org/W1566482460"],"abstract_inverted_index":{"Detecting":[0,68],"semantically":[1],"recurring":[2],"vulnerabilities":[3,30,104,129],"with":[4,52],"similar":[5],"root":[6,50],"causes":[7,51],"remains":[8],"a":[9,23,53],"challenge":[10,44],"due":[11],"to":[12],"the":[13,84],"complex":[14,32,128],"interactions":[15],"between":[16],"multiple":[17,39],"variables.":[18],"This":[19],"paper":[20],"introduces":[21],"VulPA,":[22],"novel":[24],"approach":[25],"for":[26],"precisely":[27],"identifying":[28],"such":[29],"through":[31],"inter-procedural":[33,73],"data":[34],"and":[35,63,66,79,118],"control":[36],"flows":[37],"across":[38],"objects.":[40],"VulPA":[41,88,125],"tackles":[42],"this":[43],"in":[45],"two":[46],"steps:":[47],"1)":[48],"Defining":[49],"Vulnerability":[54],"Pattern":[55],"Description":[56],"Language":[57],"(VPDL)":[58],"that":[59,76],"specifies":[60],"variable":[61,80],"relations":[62],"bug-triggering":[64],"operations,":[65],"2)":[67],"these":[69],"patterns":[70],"using":[71,95],"an":[72],"multi-object":[74],"analysis":[75],"tracks":[77],"dataflows":[78],"interactions.":[81],"Built":[82],"on":[83,91],"Heros":[85],"IFDS":[86],"framework,":[87],"was":[89],"evaluated":[90],"26":[92],"Java":[93],"applications":[94],"rules":[96],"from":[97],"34":[98],"CVEs.":[99],"It":[100],"identified":[101],"90":[102],"new":[103],"(23.7%":[105],"false":[106],"positive":[107],"rate),":[108],"outperforming":[109],"existing":[110],"tools":[111],"(ReDeBug,":[112],"VUDDY,":[113],"SourcererCC,":[114],"PHunter,":[115],"PPT4J,":[116],"FlowDroid,":[117],"IDE\ud835\udc4e\ud835\udc59),":[119],"which":[120],"collectively":[121],"found":[122],"only":[123],"13.":[124],"effectively":[126],"uncovers":[127],"missed":[130],"by":[131],"state-of-the-art":[132],"tools.":[133]},"counts_by_year":[],"updated_date":"2026-05-21T06:26:12.895304","created_date":"2025-10-10T00:00:00"}