{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2025,3,25]],"date-time":"2025-03-25T23:46:44Z","timestamp":1742946404156,"version":"3.40.3"},"publisher-location":"Singapore","reference-count":28,"publisher":"Springer Nature Singapore","isbn-type":[{"type":"print","value":"9789819902712"},{"type":"electronic","value":"9789819902729"}],"license":[{"start":{"date-parts":[[2023,1,1]],"date-time":"2023-01-01T00:00:00Z","timestamp":1672531200000},"content-version":"tdm","delay-in-days":0,"URL":"https:\/\/www.springernature.com\/gp\/researchers\/text-and-data-mining"},{"start":{"date-parts":[[2023,1,1]],"date-time":"2023-01-01T00:00:00Z","timestamp":1672531200000},"content-version":"vor","delay-in-days":0,"URL":"https:\/\/www.springernature.com\/gp\/researchers\/text-and-data-mining"}],"content-domain":{"domain":["link.springer.com"],"crossmark-restriction":false},"short-container-title":[],"published-print":{"date-parts":[[2023]]},"DOI":"10.1007\/978-981-99-0272-9_8","type":"book-chapter","created":{"date-parts":[[2023,2,15]],"date-time":"2023-02-15T14:16:09Z","timestamp":1676470569000},"page":"116-128","update-policy":"https:\/\/doi.org\/10.1007\/springer_crossmark_policy","source":"Crossref","is-referenced-by-count":0,"title":["Vulnerability Detection with Representation Learning"],"prefix":"10.1007","author":[{"given":"Zhiqiang","family":"Wang","sequence":"first","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Sulong","family":"Meng","sequence":"additional","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Ying","family":"Chen","sequence":"additional","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]}],"member":"297","published-online":{"date-parts":[[2023,2,16]]},"reference":[{"key":"8_CR1","doi-asserted-by":"crossref","unstructured":"Liu, Z., Yuan, Y., Wang, S., et al.: SoK: demystifying binary lifters through the lens of downstream applications. In: 2022 IEEE Symposium on Security and Privacy (SP), Los Alamitos, CA, USA. IEEE Computer Society, pp. 453\u2013472 (2022)","DOI":"10.1109\/SP46214.2022.9833799"},{"issue":"3","key":"8_CR2","doi-asserted-by":"publisher","first-page":"1","DOI":"10.1145\/3428334","volume":"4","author":"A Hazimeh","year":"2020","unstructured":"Hazimeh, A., Herrera, A., Payer, M.: Magma: a ground-truth fuzzing benchmark. Proc. ACM Meas. Anal. Comput. Syst. 4(3), 1\u201329 (2020)","journal-title":"Proc. ACM Meas. Anal. Comput. Syst."},{"issue":"1","key":"8_CR3","doi-asserted-by":"publisher","first-page":"71","DOI":"10.1007\/s10009-020-00592-x","volume":"23","author":"P Ferrara","year":"2021","unstructured":"Ferrara, P., Mandal, A.K., Cortesi, A., et al.: Static analysis for discovering IoT vulnerabilities. Int. J. Softw. Tools Technol. Trans. 23(1), 71\u201388 (2021)","journal-title":"Int. J. Softw. Tools Technol. Trans."},{"issue":"3","key":"8_CR4","doi-asserted-by":"publisher","first-page":"1","DOI":"10.1007\/s10664-022-10126-5","volume":"27","author":"F Pecorelli","year":"2022","unstructured":"Pecorelli, F., Lujan, S., Lenarduzzi, V., et al.: On the adequacy of static analysis warnings with respect to code smell prediction. Empir. Softw. Eng. 27(3), 1\u201344 (2022)","journal-title":"Empir. Softw. Eng."},{"key":"8_CR5","doi-asserted-by":"crossref","unstructured":"Palit, T., Moon, J.F., Monrose, F., et al.: Dynpta: combining static and dynamic analysis for practical selective data protection. In: 2021 IEEE Symposium on Security and Privacy (SP). IEEE, pp. 1919\u20131937 (2021)","DOI":"10.1109\/SP40001.2021.00082"},{"key":"8_CR6","doi-asserted-by":"publisher","first-page":"25","DOI":"10.1016\/j.jpdc.2021.05.004","volume":"156","author":"CY Wang","year":"2021","unstructured":"Wang, C.Y., You, C.Y., Hsu, F.H., et al.: SMS observer: a dynamic mechanism to analyze the behavior of SMS-based malware. J. Parallel Distrib. Comput. 156, 25\u201337 (2021)","journal-title":"J. Parallel Distrib. Comput."},{"key":"8_CR7","doi-asserted-by":"crossref","unstructured":"Li, Y., Chen, B., Chandramohan, M., Lin, S.-W., Liu, Y., Tiu, A.: Steelix: program-state based binary fuzzing. In: Proceedings of the 2017 11th Joint Meeting on Foundations of Software Engineering. ACM, pp. 627\u2013637 (2017)","DOI":"10.1145\/3106237.3106295"},{"key":"8_CR8","doi-asserted-by":"crossref","unstructured":"Morrison, P., Herzig, K., Murphy, B., Williams, L.: Challenges with applying vulnerability prediction models. In: Proceedings of the 2015 Symposium and Bootcamp on the Science of Security, pp. 4 (2015)","DOI":"10.1145\/2746194.2746198"},{"key":"8_CR9","doi-asserted-by":"crossref","unstructured":"Hovsepyan, A., Scandariato, R., Joosen, W., Walden, J.: Software vulnerability prediction using text analysis techniques. In: Proceedings of 4th International Workshop Security Measurements and Metrics, MetriSec 2012, pp. 7\u201310 (2012)","DOI":"10.1145\/2372225.2372230"},{"key":"8_CR10","unstructured":"Mou, L., Li, G., Jin, Z., Zhang, L., Wang, T.: TBCNN: a tree-based convolutional neural network for programming language processing. CoRR (2014)"},{"key":"8_CR11","doi-asserted-by":"crossref","unstructured":"Li, Z., et al.: VulDeePecker: a deep learning-based system for vulnerability detection. CoRR abs\/1801.01681 (2018)","DOI":"10.14722\/ndss.2018.23158"},{"key":"8_CR12","doi-asserted-by":"crossref","unstructured":"Wartschinski, L., et al.: VUDENC: vulnerability detection with deep learning on a natural codebase for Python. Inf. Softw. Technol. 106809 (2022)","DOI":"10.1016\/j.infsof.2021.106809"},{"key":"8_CR13","doi-asserted-by":"crossref","unstructured":"Zhang, Y., Gao, X., Duck, G.J., et al.: Program vulnerability repair via inductive inference (2022)","DOI":"10.1145\/3533767.3534387"},{"key":"8_CR14","doi-asserted-by":"crossref","unstructured":"Siow, J.K., Liu, S., Xie, X., et al.: Learning program semantics with code representations: an empirical study. arXiv preprint arXiv:2203.11790 (2022)","DOI":"10.1109\/SANER53432.2022.00073"},{"key":"8_CR15","unstructured":"Schrammel, D., Weiser, S., Sadek, R., et al.: Jenny: securing syscalls for PKU-based memory isolation systems. In: USENIX Security Symposium (2022)"},{"key":"8_CR16","unstructured":"He, L., Hu, H., Su, P., et al.: FreeWill: automatically diagnosing use-after-free bugs via reference miscounting detection on binaries. In: 31st USENIX Security Symposium (USENIX Security 2022), pp. 2497\u20132512 (2022)"},{"key":"8_CR17","doi-asserted-by":"crossref","unstructured":"Liu, K., Kim, D., Bissyand'e, T.F., Yoo, S., Le Traon, Y.: Mining fix patterns for findbugs violations. IEEE Trans. Softw. Eng. 47, 165\u2013188 (2018)","DOI":"10.1109\/TSE.2018.2884955"},{"key":"8_CR18","unstructured":"J. Harer, O., et al.: Learning to repair software vulnerabilities with generative adversarial networks. In: Advances in Neural Information Processing Systems, pp. 7933\u20137943 (2018)"},{"key":"8_CR19","doi-asserted-by":"crossref","unstructured":"Gupta, R., Pal, S., Kanade, A., Shevade, S.: Deepfix: fixing common c language errors by deep learning. In: Thirty-First AAAI Conference on Artificial Intelligence (2017)","DOI":"10.1609\/aaai.v31i1.10742"},{"key":"8_CR20","unstructured":"SQL Injection (2020). https:\/\/owasp.org\/www-community\/attacks\/SQL_Injection. Accessed 14 May 2022"},{"key":"8_CR21","unstructured":"Cross-site Scripting (2020). https:\/\/owasp.org\/www-community\/attacks\/xss\/. Accessed 14 May 2022"},{"key":"8_CR22","unstructured":"Command Injection (2020). https:\/\/owasp.org\/www-community\/attacks\/Command_Injection. Accessed 14 May 2022"},{"key":"8_CR23","unstructured":"Cross Site Request Forgery (2020). https:\/\/owasp.org\/www-community\/attacks\/csrf. Accessed 14 May 2022"},{"key":"8_CR24","unstructured":"Code Injection (2020). https:\/\/owasp.org\/www-community\/attacks\/Code_Injection. Accessed 14 May 2022"},{"key":"8_CR25","unstructured":"CWE-601: Open Redirect (2020). https:\/\/cwe.mitre.org\/data\/definitions\/601. Accessed 14 May 2022"},{"key":"8_CR26","doi-asserted-by":"crossref","unstructured":"Shin, Y., Williams, L.: An empirical model to predict security vulnerabilities using code complexity metrics. In: Proceedings of the Second ACM-IEEE International Symposium on Empirical Software Engineering and Measurement, pp. 315\u2013317 (2008)","DOI":"10.1145\/1414004.1414065"},{"key":"8_CR27","doi-asserted-by":"crossref","unstructured":"Chowdhury, I., Zulkernine, M.: Using complexity, coupling, and cohesion metrics as early indicators of vulnerabilities. J. Syst. Arch. 57(3), 294\u2013313 (2011)","DOI":"10.1016\/j.sysarc.2010.06.003"},{"key":"8_CR28","unstructured":"Dam, H.K., Tran, T., Pham, T., Ng, S.W., Grundy, J., Ghose, A.: Automatic feature learning for vulnerability prediction. arXiv preprint. arXiv:1708.02368 (2017)"}],"container-title":["Communications in Computer and Information Science","Ubiquitous Security"],"original-title":[],"language":"en","link":[{"URL":"https:\/\/link.springer.com\/content\/pdf\/10.1007\/978-981-99-0272-9_8","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2023,6,13]],"date-time":"2023-06-13T17:03:06Z","timestamp":1686675786000},"score":1,"resource":{"primary":{"URL":"https:\/\/link.springer.com\/10.1007\/978-981-99-0272-9_8"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2023]]},"ISBN":["9789819902712","9789819902729"],"references-count":28,"URL":"https:\/\/doi.org\/10.1007\/978-981-99-0272-9_8","relation":{},"ISSN":["1865-0929","1865-0937"],"issn-type":[{"type":"print","value":"1865-0929"},{"type":"electronic","value":"1865-0937"}],"subject":[],"published":{"date-parts":[[2023]]},"assertion":[{"value":"16 February 2023","order":1,"name":"first_online","label":"First Online","group":{"name":"ChapterHistory","label":"Chapter History"}},{"value":"UbiSec","order":1,"name":"conference_acronym","label":"Conference Acronym","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"International Conference on Ubiquitous Security","order":2,"name":"conference_name","label":"Conference Name","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"Zhangjiajie","order":3,"name":"conference_city","label":"Conference City","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"China","order":4,"name":"conference_country","label":"Conference Country","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"2022","order":5,"name":"conference_year","label":"Conference Year","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"28 December 2022","order":7,"name":"conference_start_date","label":"Conference Start Date","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"31 December 2022","order":8,"name":"conference_end_date","label":"Conference End Date","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"2","order":9,"name":"conference_number","label":"Conference Number","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"ubisec2022","order":10,"name":"conference_id","label":"Conference ID","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"http:\/\/ubisecurity.org\/2022\/","order":11,"name":"conference_url","label":"Conference URL","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"Single-blind","order":1,"name":"type","label":"Type","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"EasyChair","order":2,"name":"conference_management_system","label":"Conference Management System","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"98","order":3,"name":"number_of_submissions_sent_for_review","label":"Number of Submissions Sent for Review","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"34","order":4,"name":"number_of_full_papers_accepted","label":"Number of Full Papers Accepted","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"4","order":5,"name":"number_of_short_papers_accepted","label":"Number of Short Papers Accepted","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"35% - The value is computed by the equation \"Number of Full Papers Accepted \/ Number of Submissions Sent for Review * 100\" and then rounded to a whole number.","order":6,"name":"acceptance_rate_of_full_papers","label":"Acceptance Rate of Full Papers","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"3","order":7,"name":"average_number_of_reviews_per_paper","label":"Average Number of Reviews per Paper","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"4","order":8,"name":"average_number_of_papers_per_reviewer","label":"Average Number of Papers per Reviewer","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"Yes","order":9,"name":"external_reviewers_involved","label":"External Reviewers Involved","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}}]}}