{"id":"https://openalex.org/W4412070828","doi":"https://doi.org/10.1145/3744756","title":"Detecting Hard-Coded Credentials in Software Repositories via LLMs","display_name":"Detecting Hard-Coded Credentials in Software Repositories via LLMs","publication_year":2025,"publication_date":"2025-07-07","ids":{"openalex":"https://openalex.org/W4412070828","doi":"https://doi.org/10.1145/3744756"},"language":"en","primary_location":{"id":"doi:10.1145/3744756","is_oa":true,"landing_page_url":"https://doi.org/10.1145/3744756","pdf_url":null,"source":{"id":"https://openalex.org/S4210235901","display_name":"Digital Threats Research and Practice","issn_l":"2576-5337","issn":["2576-5337","2692-1626"],"is_oa":true,"is_in_doaj":false,"is_core":true,"host_organization":"https://openalex.org/P4310319798","host_organization_name":"Association for Computing Machinery","host_organization_lineage":["https://openalex.org/P4310319798"],"host_organization_lineage_names":["Association for Computing Machinery"],"type":"journal"},"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"Digital Threats: Research and Practice","raw_type":"journal-article"},"type":"article","indexed_in":["crossref"],"open_access":{"is_oa":true,"oa_status":"diamond","oa_url":"https://doi.org/10.1145/3744756","any_repository_has_fulltext":false},"authorships":[{"author_position":"first","author":{"id":"https://openalex.org/A5013547418","display_name":"Chidera Biringa","orcid":"https://orcid.org/0000-0001-5904-2764"},"institutions":[{"id":"https://openalex.org/I100633361","display_name":"University of Massachusetts Dartmouth","ror":"https://ror.org/00fzmm222","country_code":"US","type":"education","lineage":["https://openalex.org/I100633361"]}],"countries":["US"],"is_corresponding":true,"raw_author_name":"Chidera Biringa","raw_affiliation_strings":["University of Massachusetts Dartmouth, Dartmouth, Massachusetts, USA"],"raw_orcid":"https://orcid.org/0000-0001-5904-2764","affiliations":[{"raw_affiliation_string":"University of Massachusetts Dartmouth, Dartmouth, Massachusetts, USA","institution_ids":["https://openalex.org/I100633361"]}]},{"author_position":"last","author":{"id":"https://openalex.org/A5039228531","display_name":"G\u00f6khan Kul","orcid":"https://orcid.org/0000-0001-6467-1979"},"institutions":[{"id":"https://openalex.org/I100633361","display_name":"University of Massachusetts Dartmouth","ror":"https://ror.org/00fzmm222","country_code":"US","type":"education","lineage":["https://openalex.org/I100633361"]}],"countries":["US"],"is_corresponding":false,"raw_author_name":"G\u00f6khan Kul","raw_affiliation_strings":["University of Massachusetts Dartmouth, Dartmouth, Massachusetts, USA"],"raw_orcid":"https://orcid.org/0000-0001-6467-1979","affiliations":[{"raw_affiliation_string":"University of Massachusetts Dartmouth, Dartmouth, Massachusetts, USA","institution_ids":["https://openalex.org/I100633361"]}]}],"institutions":[],"countries_distinct_count":1,"institutions_distinct_count":2,"corresponding_author_ids":["https://openalex.org/A5013547418"],"corresponding_institution_ids":["https://openalex.org/I100633361"],"apc_list":null,"apc_paid":null,"fwci":3.662,"has_fulltext":false,"cited_by_count":1,"citation_normalized_percentile":{"value":0.9387231,"is_in_top_1_percent":false,"is_in_top_10_percent":true},"cited_by_percentile_year":{"min":96,"max":98},"biblio":{"volume":"6","issue":"3","first_page":"1","last_page":"16"},"is_retracted":false,"is_paratext":false,"is_xpac":false,"primary_topic":{"id":"https://openalex.org/T11986","display_name":"Scientific Computing and Data Management","score":0.9954000115394592,"subfield":{"id":"https://openalex.org/subfields/1802","display_name":"Information Systems and Management"},"field":{"id":"https://openalex.org/fields/18","display_name":"Decision Sciences"},"domain":{"id":"https://openalex.org/domains/2","display_name":"Social Sciences"}},"topics":[{"id":"https://openalex.org/T11986","display_name":"Scientific Computing and Data Management","score":0.9954000115394592,"subfield":{"id":"https://openalex.org/subfields/1802","display_name":"Information Systems and Management"},"field":{"id":"https://openalex.org/fields/18","display_name":"Decision Sciences"},"domain":{"id":"https://openalex.org/domains/2","display_name":"Social Sciences"}},{"id":"https://openalex.org/T10260","display_name":"Software Engineering Research","score":0.9789000153541565,"subfield":{"id":"https://openalex.org/subfields/1710","display_name":"Information Systems"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T11241","display_name":"Advanced Malware Detection Techniques","score":0.9126999974250793,"subfield":{"id":"https://openalex.org/subfields/1711","display_name":"Signal Processing"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}}],"keywords":[{"id":"https://openalex.org/keywords/computer-science","display_name":"Computer science","score":0.5823674201965332},{"id":"https://openalex.org/keywords/software","display_name":"Software","score":0.5585877895355225},{"id":"https://openalex.org/keywords/computer-security","display_name":"Computer security","score":0.36990925669670105},{"id":"https://openalex.org/keywords/software-engineering","display_name":"Software engineering","score":0.33078867197036743},{"id":"https://openalex.org/keywords/world-wide-web","display_name":"World Wide Web","score":0.3276212513446808},{"id":"https://openalex.org/keywords/programming-language","display_name":"Programming language","score":0.2360890805721283}],"concepts":[{"id":"https://openalex.org/C41008148","wikidata":"https://www.wikidata.org/wiki/Q21198","display_name":"Computer science","level":0,"score":0.5823674201965332},{"id":"https://openalex.org/C2777904410","wikidata":"https://www.wikidata.org/wiki/Q7397","display_name":"Software","level":2,"score":0.5585877895355225},{"id":"https://openalex.org/C38652104","wikidata":"https://www.wikidata.org/wiki/Q3510521","display_name":"Computer security","level":1,"score":0.36990925669670105},{"id":"https://openalex.org/C115903868","wikidata":"https://www.wikidata.org/wiki/Q80993","display_name":"Software engineering","level":1,"score":0.33078867197036743},{"id":"https://openalex.org/C136764020","wikidata":"https://www.wikidata.org/wiki/Q466","display_name":"World Wide Web","level":1,"score":0.3276212513446808},{"id":"https://openalex.org/C199360897","wikidata":"https://www.wikidata.org/wiki/Q9143","display_name":"Programming language","level":1,"score":0.2360890805721283}],"mesh":[],"locations_count":1,"locations":[{"id":"doi:10.1145/3744756","is_oa":true,"landing_page_url":"https://doi.org/10.1145/3744756","pdf_url":null,"source":{"id":"https://openalex.org/S4210235901","display_name":"Digital Threats Research and Practice","issn_l":"2576-5337","issn":["2576-5337","2692-1626"],"is_oa":true,"is_in_doaj":false,"is_core":true,"host_organization":"https://openalex.org/P4310319798","host_organization_name":"Association for Computing Machinery","host_organization_lineage":["https://openalex.org/P4310319798"],"host_organization_lineage_names":["Association for Computing Machinery"],"type":"journal"},"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"Digital Threats: Research and Practice","raw_type":"journal-article"}],"best_oa_location":{"id":"doi:10.1145/3744756","is_oa":true,"landing_page_url":"https://doi.org/10.1145/3744756","pdf_url":null,"source":{"id":"https://openalex.org/S4210235901","display_name":"Digital Threats Research and Practice","issn_l":"2576-5337","issn":["2576-5337","2692-1626"],"is_oa":true,"is_in_doaj":false,"is_core":true,"host_organization":"https://openalex.org/P4310319798","host_organization_name":"Association for Computing Machinery","host_organization_lineage":["https://openalex.org/P4310319798"],"host_organization_lineage_names":["Association for Computing Machinery"],"type":"journal"},"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"Digital Threats: Research and Practice","raw_type":"journal-article"},"sustainable_development_goals":[],"awards":[],"funders":[],"has_content":{"grobid_xml":false,"pdf":false},"content_urls":null,"referenced_works_count":15,"referenced_works":["https://openalex.org/W1601035152","https://openalex.org/W1963856035","https://openalex.org/W1982820384","https://openalex.org/W2082164499","https://openalex.org/W2147152072","https://openalex.org/W2187089797","https://openalex.org/W2250539671","https://openalex.org/W2253422197","https://openalex.org/W2254160488","https://openalex.org/W2799915114","https://openalex.org/W2947593054","https://openalex.org/W3129392652","https://openalex.org/W3131633772","https://openalex.org/W3175878584","https://openalex.org/W4253731935"],"related_works":["https://openalex.org/W4391375266","https://openalex.org/W2899084033","https://openalex.org/W2748952813","https://openalex.org/W2390279801","https://openalex.org/W4391913857","https://openalex.org/W2358668433","https://openalex.org/W4396701345","https://openalex.org/W2376932109","https://openalex.org/W2001405890","https://openalex.org/W4396696052"],"abstract_inverted_index":{"Software":[0],"developers":[1],"frequently":[2],"hard-code":[3],"credentials":[4,37,63,78],"such":[5,50,99],"as":[6,51,100],"passwords,":[7],"generic":[8,13],"secrets,":[9],"private":[10],"keys,":[11],"and":[12,81,145],"tokens":[14],"in":[15,85,120,131],"software":[16],"repositories,":[17],"even":[18],"though":[19],"it":[20],"is":[21],"strictly":[22],"advised":[23],"against":[24],"due":[25],"to":[26,30,46,60,67,75,114,141,150,155],"the":[27,31,34,107,162,166,174],"severe":[28],"threat":[29],"security":[32],"of":[33,165],"software.":[35],"These":[36],"create":[38],"attack":[39],"surfaces":[40],"exploitable":[41],"by":[42,105,168],"a":[43,124,151],"potential":[44],"adversary":[45],"conduct":[47],"malicious":[48],"exploits,":[49],"backdoor":[52],"attacks.":[53],"Recent":[54],"detection":[55],"efforts":[56],"utilize":[57],"embedding":[58,148],"models":[59,73],"vectorize":[61],"textual":[62],"before":[64],"passing":[65],"them":[66],"classifiers":[68],"for":[69,112],"predictions.":[70,88],"However,":[71],"these":[72,143],"struggle":[74],"discriminate":[76],"between":[77,118],"with":[79],"contextual":[80,116],"complex":[82],"sequences":[83],"resulting":[84],"high":[86],"false-positive":[87],"Context-dependent":[89],"Pre-Trained":[90],"Language":[91,96],"Models":[92,97],"(PLMs)":[93],"or":[94],"Large":[95],"(LLMs)":[98],"GPT":[101,126],"tackled":[102],"this":[103],"drawback":[104],"leveraging":[106],"transformer":[108],"neural":[109],"architecture":[110],"capacity":[111],"self-attention":[113],"capture":[115],"dependencies":[117],"words":[119],"input":[121],"sequences.":[122],"As":[123],"result,":[125],"has":[127],"achieved":[128],"wide":[129],"success":[130],"several":[132],"natural":[133],"language":[134],"understanding":[135],"endeavors.":[136],"Hence,":[137],"we":[138],"assess":[139],"LLMs":[140],"represent":[142],"observations":[144],"feed":[146],"extracted":[147],"vectors":[149],"deep":[152],"learning":[153],"classifier":[154],"detect":[156],"hard-coded":[157],"credentials.":[158],"Our":[159],"model":[160],"outperforms":[161],"current":[163],"state":[164],"art":[167],"13%":[169],"\\(\\in\\)":[170],"F1":[171],"measure":[172],"on":[173],"benchmark":[175],"dataset.":[176]},"counts_by_year":[{"year":2026,"cited_by_count":1}],"updated_date":"2025-11-06T03:46:38.306776","created_date":"2025-10-10T00:00:00"}