{"id":"https://openalex.org/W4394717192","doi":"https://doi.org/10.3390/info15040216","title":"There Are Infinite Ways to Formulate Code: How to Mitigate the Resulting Problems for Better Software Vulnerability Detection","display_name":"There Are Infinite Ways to Formulate Code: How to Mitigate the Resulting Problems for Better Software Vulnerability Detection","publication_year":2024,"publication_date":"2024-04-11","ids":{"openalex":"https://openalex.org/W4394717192","doi":"https://doi.org/10.3390/info15040216"},"language":"en","primary_location":{"id":"doi:10.3390/info15040216","is_oa":true,"landing_page_url":"https://doi.org/10.3390/info15040216","pdf_url":"https://www.mdpi.com/2078-2489/15/4/216/pdf?version=1712824539","source":{"id":"https://openalex.org/S4210219776","display_name":"Information","issn_l":"2078-2489","issn":["2078-2489"],"is_oa":true,"is_in_doaj":true,"is_core":true,"host_organization":"https://openalex.org/P4310310987","host_organization_name":"Multidisciplinary Digital Publishing Institute","host_organization_lineage":["https://openalex.org/P4310310987"],"host_organization_lineage_names":["Multidisciplinary Digital Publishing Institute"],"type":"journal"},"license":"cc-by","license_id":"https://openalex.org/licenses/cc-by","version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"Information","raw_type":"journal-article"},"type":"article","indexed_in":["crossref","doaj"],"open_access":{"is_oa":true,"oa_status":"gold","oa_url":"https://www.mdpi.com/2078-2489/15/4/216/pdf?version=1712824539","any_repository_has_fulltext":false},"authorships":[{"author_position":"first","author":{"id":"https://openalex.org/A5073274924","display_name":"Jinghua Groppe","orcid":"https://orcid.org/0009-0009-0295-7029"},"institutions":[{"id":"https://openalex.org/I9341345","display_name":"University of L\u00fcbeck","ror":"https://ror.org/00t3r8h32","country_code":"DE","type":"education","lineage":["https://openalex.org/I9341345"]}],"countries":["DE"],"is_corresponding":true,"raw_author_name":"Jinghua Groppe","raw_affiliation_strings":["Institute of Information Systems (IFIS), University of L\u00fcbeck, Ratzeburger Allee 160, 23562 L\u00fcbeck, Germany"],"raw_orcid":null,"affiliations":[{"raw_affiliation_string":"Institute of Information Systems (IFIS), University of L\u00fcbeck, Ratzeburger Allee 160, 23562 L\u00fcbeck, Germany","institution_ids":["https://openalex.org/I9341345"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5029547855","display_name":"Sven Groppe","orcid":"https://orcid.org/0000-0001-5196-1117"},"institutions":[{"id":"https://openalex.org/I9341345","display_name":"University of L\u00fcbeck","ror":"https://ror.org/00t3r8h32","country_code":"DE","type":"education","lineage":["https://openalex.org/I9341345"]}],"countries":["DE"],"is_corresponding":true,"raw_author_name":"Sven Groppe","raw_affiliation_strings":["Institute of Information Systems (IFIS), University of L\u00fcbeck, Ratzeburger Allee 160, 23562 L\u00fcbeck, Germany"],"raw_orcid":"https://orcid.org/0000-0001-5196-1117","affiliations":[{"raw_affiliation_string":"Institute of Information Systems (IFIS), University of L\u00fcbeck, Ratzeburger Allee 160, 23562 L\u00fcbeck, Germany","institution_ids":["https://openalex.org/I9341345"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5042200244","display_name":"Daniel Senf","orcid":null},"institutions":[{"id":"https://openalex.org/I1305418528","display_name":"Lufthansa (Germany)","ror":"https://ror.org/05hp2t033","country_code":"DE","type":"company","lineage":["https://openalex.org/I1305418528"]}],"countries":["DE"],"is_corresponding":false,"raw_author_name":"Daniel Senf","raw_affiliation_strings":["Lufthansa Industry Solutions AS GmbH, Sch\u00fctzenwall 1, 22844 Norderstedt, Germany"],"raw_orcid":null,"affiliations":[{"raw_affiliation_string":"Lufthansa Industry Solutions AS GmbH, Sch\u00fctzenwall 1, 22844 Norderstedt, Germany","institution_ids":["https://openalex.org/I1305418528"]}]},{"author_position":"last","author":{"id":"https://openalex.org/A5101970015","display_name":"Ralf M\u00f6ller","orcid":"https://orcid.org/0000-0002-1174-3323"},"institutions":[{"id":"https://openalex.org/I9341345","display_name":"University of L\u00fcbeck","ror":"https://ror.org/00t3r8h32","country_code":"DE","type":"education","lineage":["https://openalex.org/I9341345"]}],"countries":["DE"],"is_corresponding":false,"raw_author_name":"Ralf M\u00f6ller","raw_affiliation_strings":["Institute of Information Systems (IFIS), University of L\u00fcbeck, Ratzeburger Allee 160, 23562 L\u00fcbeck, Germany"],"raw_orcid":null,"affiliations":[{"raw_affiliation_string":"Institute of Information Systems (IFIS), University of L\u00fcbeck, Ratzeburger Allee 160, 23562 L\u00fcbeck, Germany","institution_ids":["https://openalex.org/I9341345"]}]}],"institutions":[],"countries_distinct_count":1,"institutions_distinct_count":4,"corresponding_author_ids":["https://openalex.org/A5029547855","https://openalex.org/A5073274924"],"corresponding_institution_ids":["https://openalex.org/I9341345"],"apc_list":{"value":1400,"currency":"CHF","value_usd":1515},"apc_paid":{"value":1400,"currency":"CHF","value_usd":1515},"fwci":2.1309,"has_fulltext":true,"cited_by_count":3,"citation_normalized_percentile":{"value":0.8909753,"is_in_top_1_percent":false,"is_in_top_10_percent":false},"cited_by_percentile_year":{"min":90,"max":96},"biblio":{"volume":"15","issue":"4","first_page":"216","last_page":"216"},"is_retracted":false,"is_paratext":false,"is_xpac":false,"primary_topic":{"id":"https://openalex.org/T10260","display_name":"Software Engineering Research","score":0.9998999834060669,"subfield":{"id":"https://openalex.org/subfields/1710","display_name":"Information Systems"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},"topics":[{"id":"https://openalex.org/T10260","display_name":"Software Engineering Research","score":0.9998999834060669,"subfield":{"id":"https://openalex.org/subfields/1710","display_name":"Information Systems"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T12423","display_name":"Software Reliability and Analysis Research","score":0.9980000257492065,"subfield":{"id":"https://openalex.org/subfields/1712","display_name":"Software"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T11241","display_name":"Advanced Malware Detection Techniques","score":0.9979000091552734,"subfield":{"id":"https://openalex.org/subfields/1711","display_name":"Signal Processing"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}}],"keywords":[{"id":"https://openalex.org/keywords/computer-science","display_name":"Computer science","score":0.7870985269546509},{"id":"https://openalex.org/keywords/exploit","display_name":"Exploit","score":0.6815462708473206},{"id":"https://openalex.org/keywords/vulnerability","display_name":"Vulnerability (computing)","score":0.6567808389663696},{"id":"https://openalex.org/keywords/artificial-intelligence","display_name":"Artificial intelligence","score":0.6200829744338989},{"id":"https://openalex.org/keywords/deep-learning","display_name":"Deep learning","score":0.5766674280166626},{"id":"https://openalex.org/keywords/machine-learning","display_name":"Machine learning","score":0.5155503749847412},{"id":"https://openalex.org/keywords/software","display_name":"Software","score":0.5042606592178345},{"id":"https://openalex.org/keywords/generalization","display_name":"Generalization","score":0.4964976906776428},{"id":"https://openalex.org/keywords/context","display_name":"Context (archaeology)","score":0.4719383418560028},{"id":"https://openalex.org/keywords/variable","display_name":"Variable (mathematics)","score":0.4256262183189392},{"id":"https://openalex.org/keywords/natural-language","display_name":"Natural language","score":0.4192942678928375},{"id":"https://openalex.org/keywords/vocabulary","display_name":"Vocabulary","score":0.4161820113658905},{"id":"https://openalex.org/keywords/natural-language-processing","display_name":"Natural language processing","score":0.3887147903442383},{"id":"https://openalex.org/keywords/computer-security","display_name":"Computer security","score":0.15531781315803528},{"id":"https://openalex.org/keywords/programming-language","display_name":"Programming language","score":0.15019646286964417}],"concepts":[{"id":"https://openalex.org/C41008148","wikidata":"https://www.wikidata.org/wiki/Q21198","display_name":"Computer science","level":0,"score":0.7870985269546509},{"id":"https://openalex.org/C165696696","wikidata":"https://www.wikidata.org/wiki/Q11287","display_name":"Exploit","level":2,"score":0.6815462708473206},{"id":"https://openalex.org/C95713431","wikidata":"https://www.wikidata.org/wiki/Q631425","display_name":"Vulnerability (computing)","level":2,"score":0.6567808389663696},{"id":"https://openalex.org/C154945302","wikidata":"https://www.wikidata.org/wiki/Q11660","display_name":"Artificial intelligence","level":1,"score":0.6200829744338989},{"id":"https://openalex.org/C108583219","wikidata":"https://www.wikidata.org/wiki/Q197536","display_name":"Deep learning","level":2,"score":0.5766674280166626},{"id":"https://openalex.org/C119857082","wikidata":"https://www.wikidata.org/wiki/Q2539","display_name":"Machine learning","level":1,"score":0.5155503749847412},{"id":"https://openalex.org/C2777904410","wikidata":"https://www.wikidata.org/wiki/Q7397","display_name":"Software","level":2,"score":0.5042606592178345},{"id":"https://openalex.org/C177148314","wikidata":"https://www.wikidata.org/wiki/Q170084","display_name":"Generalization","level":2,"score":0.4964976906776428},{"id":"https://openalex.org/C2779343474","wikidata":"https://www.wikidata.org/wiki/Q3109175","display_name":"Context (archaeology)","level":2,"score":0.4719383418560028},{"id":"https://openalex.org/C182365436","wikidata":"https://www.wikidata.org/wiki/Q50701","display_name":"Variable (mathematics)","level":2,"score":0.4256262183189392},{"id":"https://openalex.org/C195324797","wikidata":"https://www.wikidata.org/wiki/Q33742","display_name":"Natural language","level":2,"score":0.4192942678928375},{"id":"https://openalex.org/C2777601683","wikidata":"https://www.wikidata.org/wiki/Q6499736","display_name":"Vocabulary","level":2,"score":0.4161820113658905},{"id":"https://openalex.org/C204321447","wikidata":"https://www.wikidata.org/wiki/Q30642","display_name":"Natural language processing","level":1,"score":0.3887147903442383},{"id":"https://openalex.org/C38652104","wikidata":"https://www.wikidata.org/wiki/Q3510521","display_name":"Computer security","level":1,"score":0.15531781315803528},{"id":"https://openalex.org/C199360897","wikidata":"https://www.wikidata.org/wiki/Q9143","display_name":"Programming language","level":1,"score":0.15019646286964417},{"id":"https://openalex.org/C41895202","wikidata":"https://www.wikidata.org/wiki/Q8162","display_name":"Linguistics","level":1,"score":0.0},{"id":"https://openalex.org/C134306372","wikidata":"https://www.wikidata.org/wiki/Q7754","display_name":"Mathematical analysis","level":1,"score":0.0},{"id":"https://openalex.org/C138885662","wikidata":"https://www.wikidata.org/wiki/Q5891","display_name":"Philosophy","level":0,"score":0.0},{"id":"https://openalex.org/C33923547","wikidata":"https://www.wikidata.org/wiki/Q395","display_name":"Mathematics","level":0,"score":0.0},{"id":"https://openalex.org/C86803240","wikidata":"https://www.wikidata.org/wiki/Q420","display_name":"Biology","level":0,"score":0.0},{"id":"https://openalex.org/C151730666","wikidata":"https://www.wikidata.org/wiki/Q7205","display_name":"Paleontology","level":1,"score":0.0}],"mesh":[],"locations_count":2,"locations":[{"id":"doi:10.3390/info15040216","is_oa":true,"landing_page_url":"https://doi.org/10.3390/info15040216","pdf_url":"https://www.mdpi.com/2078-2489/15/4/216/pdf?version=1712824539","source":{"id":"https://openalex.org/S4210219776","display_name":"Information","issn_l":"2078-2489","issn":["2078-2489"],"is_oa":true,"is_in_doaj":true,"is_core":true,"host_organization":"https://openalex.org/P4310310987","host_organization_name":"Multidisciplinary Digital Publishing Institute","host_organization_lineage":["https://openalex.org/P4310310987"],"host_organization_lineage_names":["Multidisciplinary Digital Publishing Institute"],"type":"journal"},"license":"cc-by","license_id":"https://openalex.org/licenses/cc-by","version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"Information","raw_type":"journal-article"},{"id":"pmh:oai:doaj.org/article:cc258c7b89544f6dab2da4015daab505","is_oa":false,"landing_page_url":"https://doaj.org/article/cc258c7b89544f6dab2da4015daab505","pdf_url":null,"source":{"id":"https://openalex.org/S4306401280","display_name":"DOAJ (DOAJ: Directory of Open Access Journals)","issn_l":null,"issn":null,"is_oa":false,"is_in_doaj":false,"is_core":false,"host_organization":null,"host_organization_name":null,"host_organization_lineage":[],"host_organization_lineage_names":[],"type":"repository"},"license":null,"license_id":null,"version":"submittedVersion","is_accepted":false,"is_published":false,"raw_source_name":"Information, Vol 15, Iss 4, p 216 (2024)","raw_type":"article"}],"best_oa_location":{"id":"doi:10.3390/info15040216","is_oa":true,"landing_page_url":"https://doi.org/10.3390/info15040216","pdf_url":"https://www.mdpi.com/2078-2489/15/4/216/pdf?version=1712824539","source":{"id":"https://openalex.org/S4210219776","display_name":"Information","issn_l":"2078-2489","issn":["2078-2489"],"is_oa":true,"is_in_doaj":true,"is_core":true,"host_organization":"https://openalex.org/P4310310987","host_organization_name":"Multidisciplinary Digital Publishing Institute","host_organization_lineage":["https://openalex.org/P4310310987"],"host_organization_lineage_names":["Multidisciplinary Digital Publishing Institute"],"type":"journal"},"license":"cc-by","license_id":"https://openalex.org/licenses/cc-by","version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"Information","raw_type":"journal-article"},"sustainable_development_goals":[{"score":0.46000000834465027,"id":"https://metadata.un.org/sdg/4","display_name":"Quality Education"}],"awards":[{"id":"https://openalex.org/G1557662813","display_name":null,"funder_award_id":"16KIS1337","funder_id":"https://openalex.org/F4320321114","funder_display_name":"Bundesministerium f\u00fcr Bildung und Forschung"}],"funders":[{"id":"https://openalex.org/F4320321114","display_name":"Bundesministerium f\u00fcr Bildung und Forschung","ror":"https://ror.org/04pz7b180"}],"has_content":{"pdf":true,"grobid_xml":false},"content_urls":{"pdf":"https://content.openalex.org/works/W4394717192.pdf"},"referenced_works_count":37,"referenced_works":["https://openalex.org/W1537952312","https://openalex.org/W1563577331","https://openalex.org/W1596552075","https://openalex.org/W1992114977","https://openalex.org/W2010315761","https://openalex.org/W2014495095","https://openalex.org/W2059218484","https://openalex.org/W2102970979","https://openalex.org/W2103359087","https://openalex.org/W2117130368","https://openalex.org/W2125343911","https://openalex.org/W2126859103","https://openalex.org/W2130758759","https://openalex.org/W2163922914","https://openalex.org/W2187089797","https://openalex.org/W2360967250","https://openalex.org/W2535617737","https://openalex.org/W2574017551","https://openalex.org/W2593936952","https://openalex.org/W2618530766","https://openalex.org/W2781491433","https://openalex.org/W2796200341","https://openalex.org/W2806718802","https://openalex.org/W2885030880","https://openalex.org/W2962960733","https://openalex.org/W2972135640","https://openalex.org/W3098605233","https://openalex.org/W3101228802","https://openalex.org/W3138429261","https://openalex.org/W3166095789","https://openalex.org/W4233410239","https://openalex.org/W4298315945","https://openalex.org/W4385573841","https://openalex.org/W4385958834","https://openalex.org/W6675321185","https://openalex.org/W6675416627","https://openalex.org/W6767260250"],"related_works":["https://openalex.org/W17155033","https://openalex.org/W3207760230","https://openalex.org/W1496222301","https://openalex.org/W4312814274","https://openalex.org/W1590307681","https://openalex.org/W2906845177","https://openalex.org/W4200107511","https://openalex.org/W2891427086","https://openalex.org/W1968625315","https://openalex.org/W2017877785"],"abstract_inverted_index":{"Given":[0],"a":[1,23,41,45,55,89,134,147,219],"set":[2],"of":[3,51,57,61,67,88,102,110,180,228,237],"software":[4,24,80],"programs,":[5],"each":[6],"being":[7],"labeled":[8],"either":[9],"as":[10,243],"vulnerable":[11],"or":[12],"benign,":[13],"deep":[14,76,141,188,195],"learning":[15,77,119,142,189,196],"technology":[16],"can":[17,231],"be":[18,232],"used":[19],"to":[20,39,79,98,121,154,171,234,240],"automatically":[21],"build":[22],"vulnerability":[25,68,81,111,210],"detector.":[26],"A":[27],"challenge":[28],"in":[29,44,70,108,184,202],"this":[30,166,173,203],"context":[31],"is":[32,53,72,130],"that":[33,194],"there":[34],"are":[35],"countless":[36],"equivalent":[37],"ways":[38],"implement":[40],"particular":[42],"functionality":[43],"program.":[46],"For":[47],"instance,":[48],"the":[49,58,65,85,100,127,155,161,177,214],"naming":[50,106,156],"variables":[52],"often":[54,131],"matter":[56],"personal":[59],"style":[60],"programmers,":[62],"and":[63,91,118],"thus,":[64],"detection":[66,82],"patterns":[69],"programs":[71],"made":[73],"difficult.":[74],"Current":[75],"approaches":[78,138,208],"rely":[83],"on":[84,114,140,199],"raw":[86,128,206],"text":[87,207],"program":[90],"exploit":[92],"general":[93],"natural":[94,115],"language":[95,116],"processing":[96],"capabilities":[97],"address":[99],"problem":[101,174],"dealing":[103],"with":[104,149],"different":[105],"schemes":[107],"instances":[109],"patterns.":[112],"Relying":[113],"processing,":[117],"how":[120],"reveal":[122],"variable":[123,181],"reference":[124],"structures":[125],"from":[126],"text,":[129],"too":[132],"high":[133],"burden,":[135],"however.":[136],"Thus,":[137],"based":[139,198],"still":[143],"exhibit":[144],"problems":[145],"generating":[146],"detector":[148],"decent":[150],"generalization":[151],"properties":[152],"due":[153],"or,":[157],"more":[158],"generally":[159],"formulated,":[160],"vocabulary":[162],"explosion":[163],"problem.":[164],"In":[165,212],"work,":[167],"we":[168],"propose":[169],"techniques":[170,200,216],"mitigate":[172],"by":[175],"making":[176],"referential":[178],"structure":[179],"references":[182],"explicit":[183],"input":[185],"representations":[186],"for":[187,209],"approaches.":[190],"Evaluation":[191],"results":[192],"show":[193],"models":[197],"presented":[201],"article":[204],"outperform":[205],"detection.":[211],"addition,":[213],"new":[215],"also":[217],"induce":[218],"very":[220],"small":[221],"main":[222],"memory":[223,229],"footprint.":[224],"The":[225],"efficiency":[226],"gain":[227],"usage":[230],"up":[233],"four":[235],"orders":[236],"magnitude":[238],"compared":[239],"existing":[241],"methods":[242],"our":[244],"experiments":[245],"indicate.":[246]},"counts_by_year":[{"year":2025,"cited_by_count":2},{"year":2024,"cited_by_count":1}],"updated_date":"2026-05-21T06:26:12.895304","created_date":"2025-10-10T00:00:00"}