{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2025,3,28]],"date-time":"2025-03-28T00:09:48Z","timestamp":1743120588022,"version":"3.40.3"},"publisher-location":"Cham","reference-count":39,"publisher":"Springer Nature Switzerland","isbn-type":[{"type":"print","value":"9783031398469"},{"type":"electronic","value":"9783031398476"}],"license":[{"start":{"date-parts":[[2023,1,1]],"date-time":"2023-01-01T00:00:00Z","timestamp":1672531200000},"content-version":"tdm","delay-in-days":0,"URL":"https:\/\/www.springernature.com\/gp\/researchers\/text-and-data-mining"},{"start":{"date-parts":[[2023,1,1]],"date-time":"2023-01-01T00:00:00Z","timestamp":1672531200000},"content-version":"vor","delay-in-days":0,"URL":"https:\/\/www.springernature.com\/gp\/researchers\/text-and-data-mining"}],"content-domain":{"domain":["link.springer.com"],"crossmark-restriction":false},"short-container-title":[],"published-print":{"date-parts":[[2023]]},"DOI":"10.1007\/978-3-031-39847-6_4","type":"book-chapter","created":{"date-parts":[[2023,8,17]],"date-time":"2023-08-17T17:02:46Z","timestamp":1692291766000},"page":"52-67","update-policy":"https:\/\/doi.org\/10.1007\/springer_crossmark_policy","source":"Crossref","is-referenced-by-count":1,"title":["A Study on\u00a0Vulnerability Code Labeling Method in\u00a0Open-Source C Programs"],"prefix":"10.1007","author":[{"ORCID":"https:\/\/orcid.org\/0009-0001-1232-4489","authenticated-orcid":false,"given":"Yaning","family":"Zheng","sequence":"first","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Dongxia","family":"Wang","sequence":"additional","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Huayang","family":"Cao","sequence":"additional","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Cheng","family":"Qian","sequence":"additional","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Xiaohui","family":"Kuang","sequence":"additional","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Honglin","family":"Zhuang","sequence":"additional","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]}],"member":"297","published-online":{"date-parts":[[2023,8,18]]},"reference":[{"key":"4_CR1","unstructured":"Zhou, Y., Liu, S., Siow, J., Du, X., Liu, Y.: Devign: effective vulnerability identification by learning comprehensive program semantics via graph neural networks (2019)"},{"key":"4_CR2","doi-asserted-by":"crossref","unstructured":"Wang, X., Wang, S., Feng, P., Sun, K., Jajodia, S.: PatchDB: a large-scale security patch dataset. In: 2021 51st Annual IEEE\/IFIP International Conference on Dependable Systems and Networks (DSN), pp. 149\u2013160 (2021)","DOI":"10.1109\/DSN48987.2021.00030"},{"key":"4_CR3","doi-asserted-by":"publisher","first-page":"106566","DOI":"10.1016\/j.infsof.2021.106566","volume":"135","author":"L Ghadhab","year":"2021","unstructured":"Ghadhab, L., Jenhani, I., Mkaouer, M.W., Messaoud, M.B.: Augmenting commit classification by using fine-grained source code changes and a pre-trained deep neural language model. Inf. Softw. Technol. 135, 106566 (2021)","journal-title":"Inf. Softw. Technol."},{"key":"4_CR4","unstructured":"NVD. https:\/\/nvd.nist.gov\/"},{"key":"4_CR5","unstructured":"CVE. https:\/\/cve.mitre.org\/"},{"key":"4_CR6","doi-asserted-by":"crossref","unstructured":"Gu, Z., Wu, J., Liu, J., Zhou, M., Gu, M.: An empirical study on API-misuse bugs in open-source C programs. In: 2019 IEEE 43rd Annual Computer Software and Applications Conference (COMPSAC), vol. 1, pp. 11\u201320 (2019)","DOI":"10.1109\/COMPSAC.2019.00012"},{"key":"4_CR7","unstructured":"SARD. https:\/\/samate.nist.gov\/SARD"},{"key":"4_CR8","doi-asserted-by":"publisher","first-page":"654","DOI":"10.1049\/iet-sen.2020.0084","volume":"14","author":"A Semasaba","year":"2020","unstructured":"Semasaba, A., Zheng, W., Wu, X., Agyemang, S.: Literature survey of deep learning-based vulnerability analysis on source code. IET Softw. 14, 654\u2013664 (2020)","journal-title":"IET Softw."},{"issue":"10","key":"4_CR9","doi-asserted-by":"publisher","first-page":"1825","DOI":"10.1109\/JPROC.2020.2993293","volume":"108","author":"G Lin","year":"2020","unstructured":"Lin, G., Wen, S., Han, Q.-L., Zhang, J., Xiang, Y.: Software vulnerability detection using deep neural networks: a survey. Proc. IEEE 108(10), 1825\u20131848 (2020)","journal-title":"Proc. IEEE"},{"key":"4_CR10","doi-asserted-by":"crossref","unstructured":"Jimenez, M., Rwemalika, R., Papadakis, M., Sarro, F., Traon, Y.L., Harman, M.: The importance of accounting for real-world labelling when predicting software vulnerabilities. In: Proceedings of the 2019 27th ACM Joint Meeting on European Software Engineering Conference and Symposium on the Foundations of Software Engineering, ESEC\/FSE 2019, New York, NY, USA, pp. 695\u2013705. Association for Computing Machinery (2019)","DOI":"10.1145\/3338906.3338941"},{"key":"4_CR11","unstructured":"Croft, R., Xie, Y., Babar, M.A.: Data preparation for software vulnerability prediction: a systematic literature review. IEEE Trans. Softw. Eng. 1 (2022)"},{"key":"4_CR12","doi-asserted-by":"crossref","unstructured":"Croft, R., Ali Babar, M., Chen, H.: Noisy label learning for security defects (2022)","DOI":"10.1145\/3524842.3528446"},{"key":"4_CR13","unstructured":"Grahn, D., Zhang, J.: An analysis of C\/C++ datasets for machine learning-assisted software vulnerability detection. In: Conference on Applied Machine Learning for Information Security, Arlington, VA (2021)"},{"key":"4_CR14","doi-asserted-by":"crossref","unstructured":"Lin, Y., et al.: Vulnerability dataset construction methods applied to vulnerability detection: a survey. In Undefined (2022)","DOI":"10.1109\/DSN-W54100.2022.00032"},{"key":"4_CR15","doi-asserted-by":"publisher","first-page":"e975","DOI":"10.7717\/peerj-cs.975","volume":"8","author":"L Liu","year":"2022","unstructured":"Liu, L., Li, Z., Wen, Y., Chen, P.: Investigating the impact of vulnerability datasets on deep learning-based vulnerability detectors. PeerJ Comput. Sci. 8, e975 (2022)","journal-title":"PeerJ Comput. Sci."},{"key":"4_CR16","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"219","DOI":"10.1007\/978-3-030-41579-2_13","volume-title":"Information and Communications Security","author":"G Lin","year":"2020","unstructured":"Lin, G., Xiao, W., Zhang, J., Xiang, Y.: Deep learning-based vulnerable function detection: a benchmark. In: Zhou, J., Luo, X., Shen, Q., Xu, Z. (eds.) ICICS 2019. LNCS, vol. 11999, pp. 219\u2013232. Springer, Cham (2020). https:\/\/doi.org\/10.1007\/978-3-030-41579-2_13"},{"key":"4_CR17","doi-asserted-by":"crossref","unstructured":"Li, Z., Zou, D., Xu, S., Chen, Z., Zhu, Y., Jin, H.: VulDeeLocator: a deep learning-based fine-grained vulnerability detector. IEEE Trans. Dependable Secure Comput. 1 (2021)","DOI":"10.1109\/TDSC.2021.3076142"},{"key":"4_CR18","doi-asserted-by":"crossref","unstructured":"Russell, R.L., et al.: Automated vulnerability detection in source code using deep representation learning. In: Automated Vulnerability Detection in Source Code Using Deep Representation Learning, pp. 757\u2013762 (2018)","DOI":"10.1109\/ICMLA.2018.00120"},{"key":"4_CR19","unstructured":"Chakraborty, S., Krishna, R., Ding, Y., Ray, B.: Deep learning based vulnerability detection: are we there yet? (2020)"},{"key":"4_CR20","doi-asserted-by":"crossref","unstructured":"Fan, J., Li, Y., Wang, S., Nguyen, T.N.: A C\/C++ code vulnerability dataset with code changes and CVE summaries. In: Proceedings of the 17th International Conference on Mining Software Repositories, pp. 508\u2013512. Association for Computing Machinery, New York (2020)","DOI":"10.1145\/3379597.3387501"},{"key":"4_CR21","doi-asserted-by":"crossref","unstructured":"Zheng, Y., et al.: D2A: a dataset built for AI-based vulnerability detection methods using differential analysis. In: 2021 IEEE\/ACM 43rd International Conference on Software Engineering: Software Engineering in Practice (ICSE-SEIP), pp. 111\u2013120 (2021)","DOI":"10.1109\/ICSE-SEIP52600.2021.00020"},{"issue":"4","key":"4_CR22","doi-asserted-by":"publisher","first-page":"1270","DOI":"10.3390\/app10041270","volume":"10","author":"R Raducu","year":"2020","unstructured":"Raducu, R., Esteban, G., Lera, F.J.R., Fern\u00e1ndez, C.: Collecting vulnerable source code from open-source repositories for dataset generation. Appl. Sci. 10(4), 1270 (2020)","journal-title":"Appl. Sci."},{"key":"4_CR23","doi-asserted-by":"crossref","unstructured":"Liu, B., et al.: A large-scale empirical study on vulnerability distribution within projects and the lessons learned. In: 2020 IEEE\/ACM 42nd International Conference on Software Engineering (ICSE), pp. 1547\u20131559 (2020)","DOI":"10.1145\/3377811.3380923"},{"key":"4_CR24","doi-asserted-by":"crossref","unstructured":"Nikitopoulos, G., Dritsa, K., Louridas, P., Mitropoulos, D.: CrossVul: a cross-language vulnerability dataset with commit data. In: Proceedings of the 29th ACM Joint Meeting on European Software Engineering Conference and Symposium on the Foundations of Software Engineering, ESEC\/FSE 2021, New York, NY, USA, pp. 1565\u20131569. Association for Computing Machinery (2021)","DOI":"10.1145\/3468264.3473122"},{"key":"4_CR25","unstructured":"Harer, J.A., et al.: Automated software vulnerability detection with machine learning (2018)"},{"key":"4_CR26","unstructured":"Min, Y.: 2022 Beijing cyber security conference (BCS). https:\/\/bcs.qianxin.com\/speaker\/detail?id=63"},{"key":"4_CR27","doi-asserted-by":"crossref","unstructured":"Berger, E.D., Hollenbeck, C., Maj, P., Vitek, O., Vitek, J.: On the impact of programming languages on code quality: a reproduction study. ACM Trans. Program. Lang. Syst. 41(4), 21:1\u201321:24 (2019)","DOI":"10.1145\/3340571"},{"key":"4_CR28","doi-asserted-by":"crossref","unstructured":"Zafar, S., Malik, M.Z., Walia, G.S.: Towards standardizing and improving classification of bug-fix commits. In: 2019 ACM\/IEEE International Symposium on Empirical Software Engineering and Measurement (ESEM), pp. 1\u20136 (2019)","DOI":"10.1109\/ESEM.2019.8870174"},{"key":"4_CR29","doi-asserted-by":"crossref","unstructured":"Tan, X., et al.: Locating the security patches for disclosed OSS vulnerabilities with vulnerability-commit correlation ranking. In: Proceedings of the 2021 ACM SIGSAC Conference on Computer and Communications Security, CCS 2021, New York, NY, USA, pp. 3282\u20133299. Association for Computing Machinery (2021)","DOI":"10.1145\/3460120.3484593"},{"key":"4_CR30","doi-asserted-by":"crossref","unstructured":"Wang, X., et al.: PatchRNN: a deep learning-based system for security patch identification. In: MILCOM 2021\u20132021 IEEE Military Communications Conference (MILCOM) (2021)","DOI":"10.1109\/MILCOM52596.2021.9652940"},{"key":"4_CR31","doi-asserted-by":"crossref","unstructured":"Hong, H., Woo, S., Lee, H.: Dicos: discovering insecure code snippets from stack overflow posts by leveraging user discussions. In: Annual Computer Security Applications Conference, ACSAC, New York, NY, USA, pp. 194\u2013206. Association for Computing Machinery (2021)","DOI":"10.1145\/3485832.3488026"},{"key":"4_CR32","doi-asserted-by":"crossref","unstructured":"Li, Z., et al.: VulDeePecker: a deep learning-based system for vulnerability detection. In: Proceedings 2018 Network and Distributed System Security Symposium (2018)","DOI":"10.14722\/ndss.2018.23158"},{"key":"4_CR33","unstructured":"SEVulDet: A Semantics-Enhanced Learnable Vulnerability Detector (2022)"},{"key":"4_CR34","doi-asserted-by":"crossref","unstructured":"Falleri, J.-R., Morandat, F., Blanc, X., Martinez, M., Monperrus, M.: Fine-grained and accurate source code differencing. In: Proceedings of the 29th ACM\/IEEE International Conference on Automated Software Engineering, ASE 2014, New York, NY, USA, pp. 313\u2013324. Association for Computing Machinery (2014)","DOI":"10.1145\/2642937.2642982"},{"key":"4_CR35","doi-asserted-by":"crossref","unstructured":"Dotzler, G., Philippsen, M.: Move-optimized source code tree differencing. In: Proceedings of the 31st IEEE\/ACM International Conference on Automated Software Engineering, ASE 2016, New York, NY, USA, pp. 660\u2013671. Association for Computing Machinery (2016)","DOI":"10.1145\/2970276.2970315"},{"key":"4_CR36","doi-asserted-by":"crossref","unstructured":"Frick, V., Grassauer, T., Beck, F., Pinzger, M.: Generating accurate and compact edit scripts using tree differencing. In: 2018 IEEE International Conference on Software Maintenance and Evolution (ICSME), pp. 264\u2013274 (2018)","DOI":"10.1109\/ICSME.2018.00036"},{"key":"4_CR37","doi-asserted-by":"crossref","unstructured":"Tsantalis, N., Mansouri, M., Eshkevari, L.M., Mazinanian, D., Dig, D.: Accurate and efficient refactoring detection in commit history. In Proceedings of the 40th International Conference on Software Engineering, ICSE 2018, New York, NY, USA, pp. 483\u2013494. Association for Computing Machinery (2018)","DOI":"10.1145\/3180155.3180206"},{"key":"4_CR38","unstructured":"FixMiner: Mining relevant fix patterns for automated program repair. Empirical Software Engineering"},{"issue":"11","key":"4_CR39","doi-asserted-by":"publisher","first-page":"725","DOI":"10.1109\/TSE.2007.70731","volume":"33","author":"B Fluri","year":"2007","unstructured":"Fluri, B., Wuersch, M., Inzger, M.P., Gall, H.: Change distilling: tree differencing for fine-grained source code change extraction. IEEE Trans. Softw. Eng. 33(11), 725\u2013743 (2007)","journal-title":"IEEE Trans. Softw. Eng."}],"container-title":["Lecture Notes in Computer Science","Database and Expert Systems Applications"],"original-title":[],"language":"en","link":[{"URL":"https:\/\/link.springer.com\/content\/pdf\/10.1007\/978-3-031-39847-6_4","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2024,3,13]],"date-time":"2024-03-13T12:26:37Z","timestamp":1710332797000},"score":1,"resource":{"primary":{"URL":"https:\/\/link.springer.com\/10.1007\/978-3-031-39847-6_4"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2023]]},"ISBN":["9783031398469","9783031398476"],"references-count":39,"URL":"https:\/\/doi.org\/10.1007\/978-3-031-39847-6_4","relation":{},"ISSN":["0302-9743","1611-3349"],"issn-type":[{"type":"print","value":"0302-9743"},{"type":"electronic","value":"1611-3349"}],"subject":[],"published":{"date-parts":[[2023]]},"assertion":[{"value":"18 August 2023","order":1,"name":"first_online","label":"First Online","group":{"name":"ChapterHistory","label":"Chapter History"}},{"value":"DEXA","order":1,"name":"conference_acronym","label":"Conference Acronym","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"International Conference on Database and Expert Systems Applications","order":2,"name":"conference_name","label":"Conference Name","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"Penang","order":3,"name":"conference_city","label":"Conference City","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"Malaysia","order":4,"name":"conference_country","label":"Conference Country","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"2023","order":5,"name":"conference_year","label":"Conference Year","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"28 August 2023","order":7,"name":"conference_start_date","label":"Conference Start Date","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"30 August 2023","order":8,"name":"conference_end_date","label":"Conference End Date","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"34","order":9,"name":"conference_number","label":"Conference Number","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"dexa2023","order":10,"name":"conference_id","label":"Conference ID","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"https:\/\/www.dexa.org\/dexa2023","order":11,"name":"conference_url","label":"Conference URL","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"Single-blind","order":1,"name":"type","label":"Type","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"EquinOCS","order":2,"name":"conference_management_system","label":"Conference Management System","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"155","order":3,"name":"number_of_submissions_sent_for_review","label":"Number of Submissions Sent for Review","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"49","order":4,"name":"number_of_full_papers_accepted","label":"Number of Full Papers Accepted","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"35","order":5,"name":"number_of_short_papers_accepted","label":"Number of Short Papers Accepted","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"32% - The value is computed by the equation \"Number of Full Papers Accepted \/ Number of Submissions Sent for Review * 100\" and then rounded to a whole number.","order":6,"name":"acceptance_rate_of_full_papers","label":"Acceptance Rate of Full Papers","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"3","order":7,"name":"average_number_of_reviews_per_paper","label":"Average Number of Reviews per Paper","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"4","order":8,"name":"average_number_of_papers_per_reviewer","label":"Average Number of Papers per Reviewer","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"Yes","order":9,"name":"external_reviewers_involved","label":"External Reviewers Involved","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"For the workshops 7 full and 3 short papers have been accepted from 20 submissions","order":10,"name":"additional_info_on_review_process","label":"Additional Info on Review Process","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}}]}}