{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2025,10,16]],"date-time":"2025-10-16T03:57:44Z","timestamp":1760587064442},"reference-count":72,"publisher":"Springer Science and Business Media LLC","issue":"2","license":[{"start":{"date-parts":[[2021,5,18]],"date-time":"2021-05-18T00:00:00Z","timestamp":1621296000000},"content-version":"tdm","delay-in-days":0,"URL":"https:\/\/www.springer.com\/tdm"},{"start":{"date-parts":[[2021,5,18]],"date-time":"2021-05-18T00:00:00Z","timestamp":1621296000000},"content-version":"vor","delay-in-days":0,"URL":"https:\/\/www.springer.com\/tdm"}],"content-domain":{"domain":["link.springer.com"],"crossmark-restriction":false},"short-container-title":["Autom Softw Eng"],"published-print":{"date-parts":[[2021,11]]},"DOI":"10.1007\/s10515-021-00281-2","type":"journal-article","created":{"date-parts":[[2021,5,18]],"date-time":"2021-05-18T04:16:29Z","timestamp":1621311389000},"update-policy":"http:\/\/dx.doi.org\/10.1007\/springer_crossmark_policy","source":"Crossref","is-referenced-by-count":6,"title":["Prioritizing refactorings for security-critical code"],"prefix":"10.1007","volume":"28","author":[{"given":"Chaima","family":"Abid","sequence":"first","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Vahid","family":"Alizadeh","sequence":"additional","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Marouane","family":"Kessentini","sequence":"additional","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Mouna","family":"Dhaouadi","sequence":"additional","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Rick","family":"Kazman","sequence":"additional","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]}],"member":"297","published-online":{"date-parts":[[2021,5,18]]},"reference":[{"key":"281_CR1","unstructured":"Abid, C., Kessentini, M., Alizadeh, V., Dhouadi, M., Kazman, R.: How does refactoring impact security when improving quality? A security-aware refactoring approach. IEEE Trans. Softw. Eng"},{"issue":"1","key":"281_CR2","first-page":"60","volume":"2","author":"A Agrawal","year":"2012","unstructured":"Agrawal, A., Khan, R.: Role of coupling in vulnerability propagation. Softw. Eng. 2(1), 60\u201368 (2012)","journal-title":"Softw. Eng."},{"key":"281_CR3","unstructured":"Agrawal, A., Khan, R.: Assessing impact of cohesion on security-an object oriented design perspective. Pensee 76(2), 161\u2013167 (2014)"},{"key":"281_CR4","doi-asserted-by":"crossref","unstructured":"Alizadeh, V., Kessentini, M.: Reducing interactive refactoring effort via clustering-based multi-objective search. In: Proceedings of the 33rd ACM\/IEEE International Conference on Automated Software Engineering, pp. 464\u2013474. ACM (2018)","DOI":"10.1145\/3238147.3238217"},{"issue":"9","key":"281_CR5","doi-asserted-by":"publisher","first-page":"932","DOI":"10.1109\/TSE.2018.2872711","volume":"46","author":"V Alizadeh","year":"2018","unstructured":"Alizadeh, V., Kessentini, M., Mkaouer, W., Ocinneide, M., Ouni, A., Cai, Y.: An interactive and dynamic search-based approach to software refactoring recommendations. IEEE Trans. Softw. Eng. 46(9), 932\u2013961 (2018)","journal-title":"IEEE Trans. Softw. Eng."},{"key":"281_CR6","doi-asserted-by":"crossref","unstructured":"Alshammari, B., Fidge, C., Corney, D.: Security metrics for object-oriented class designs. In: 9th International Conference on Quality Software, 2009. QSIC\u201909, pp. 11\u201320. IEEE (2009)","DOI":"10.1109\/QSIC.2009.11"},{"key":"281_CR7","doi-asserted-by":"crossref","unstructured":"Alshammari, B., Fidge, C., Corney, D.: Security metrics for object-oriented designs. In: Software Engineering Conference (ASWEC), 2010 21st Australian, pp. 55\u201364. IEEE (2010a)","DOI":"10.1109\/ASWEC.2010.34"},{"key":"281_CR8","doi-asserted-by":"crossref","unstructured":"Alshammari, B., Fidge, C., Corney, D.: Assessing the impact of refactoring on security-critical object-oriented designs. In: Asia Pacific Software Engineering Conference, pp. 186\u2013195. IEEE (2010b)","DOI":"10.1109\/APSEC.2010.30"},{"key":"281_CR9","doi-asserted-by":"crossref","unstructured":"Arcuri, A., Briand, L.: A practical guide for using statistical tests to assess randomized algorithms in software engineering. In: 2011 33rd International Conference on Software Engineering (ICSE), pp. 1\u201310. IEEE (2011)","DOI":"10.1145\/1985793.1985795"},{"issue":"1","key":"281_CR10","doi-asserted-by":"publisher","first-page":"4","DOI":"10.1109\/32.979986","volume":"28","author":"J Bansiya","year":"2002","unstructured":"Bansiya, J., Davis, C.G.: A hierarchical model for object-oriented design quality assessment. IEEE Trans. Softw. Eng. 28(1), 4\u201317 (2002)","journal-title":"IEEE Trans. Softw. Eng."},{"key":"281_CR11","doi-asserted-by":"crossref","unstructured":"Bouillon, P., Gro\u00dfkinsky, E., Steimann, F.: Controlling accessibility in agile projects with the access modifier modifier. In: International Conference on Objects, Components, Models and Patterns, pp. 41\u201359. Springer (2008)","DOI":"10.1007\/978-3-540-69824-1_4"},{"key":"281_CR12","volume-title":"AntiPatterns: Refactoring Software, Architectures, and Projects in Crisis","author":"WH Brown","year":"1998","unstructured":"Brown, W.H., Malveau, R.C., McCormick, H.W., Mowbray, T.J.: AntiPatterns: Refactoring Software, Architectures, and Projects in Crisis. Wiley, Hoboken (1998)"},{"issue":"3","key":"281_CR13","doi-asserted-by":"publisher","first-page":"294","DOI":"10.1016\/j.sysarc.2010.06.003","volume":"57","author":"I Chowdhury","year":"2011","unstructured":"Chowdhury, I., Zulkernine, M.: Using complexity, coupling, and cohesion metrics as early indicators of vulnerabilities. J. Syst. Archit. 57(3), 294\u2013313 (2011)","journal-title":"J. Syst. Archit."},{"key":"281_CR14","doi-asserted-by":"crossref","unstructured":"Chowdhury, I., Chan, B., Zulkernine, M.: Security metrics for source code structures. In: Proceedings of the Fourth International Workshop on Software Engineering for Secure Systems, pp. 57\u201364. ACM (2008)","DOI":"10.1145\/1370905.1370913"},{"key":"281_CR15","doi-asserted-by":"crossref","unstructured":"Cinn\u00e9ide, M.\u00d3, Tratt, L., Harman, M., Counsell, S., Moghadam, I.H.: Experimental assessment of software metrics using automated refactoring. In: Proceedings of the ACM-IEEE International Symposium on Empirical Software Engineering and Measurement, pp. 49\u201358. ACM (2012)","DOI":"10.1145\/2372251.2372260"},{"issue":"3","key":"281_CR16","doi-asserted-by":"publisher","first-page":"25","DOI":"10.1145\/971617.971637","volume":"47","author":"MA Cusumano","year":"2004","unstructured":"Cusumano, M.A.: Who is liable for bugs and security flaws in software? Commun. ACM 47(3), 25\u201327 (2004)","journal-title":"Commun. ACM"},{"key":"281_CR17","unstructured":"Cve vulnerability data. https:\/\/www.cvedetails.com\/ (2021)"},{"key":"281_CR18","unstructured":"CWE - 398: Indicator of Poor Code Quality. https:\/\/www.cvedetails.com\/cwe-details\/398\/Indicator-of-Poor-Code-Quality.html (2009)"},{"issue":"2","key":"281_CR19","doi-asserted-by":"publisher","first-page":"182","DOI":"10.1109\/4235.996017","volume":"6","author":"K Deb","year":"2002","unstructured":"Deb, K., Pratap, A., Agarwal, S., Meyarivan, T.: A fast and elitist multiobjective genetic algorithm: NSGA-II. IEEE Trans. Evol. Comput. 6(2), 182\u2013197 (2002)","journal-title":"IEEE Trans. Evol. Comput."},{"key":"281_CR20","doi-asserted-by":"crossref","unstructured":"Fokaefs, M., Tsantalis, N., Stroulia, E., Chatzigeorgiou, A.: Jdeodorant: identification and application of extract class refactorings. In: 2011 33rd International Conference on Software Engineering (ICSE), pp. 1037\u20131039. IEEE (2011)","DOI":"10.1145\/1985793.1985989"},{"key":"281_CR21","volume-title":"Refactoring: Improving the Design of Existing Code","author":"M Fowler","year":"2018","unstructured":"Fowler, M.: Refactoring: Improving the Design of Existing Code. Addison-Wesley Professional, Boston (2018)"},{"key":"281_CR22","doi-asserted-by":"crossref","unstructured":"Ghaith, S., Cinn\u00e9ide, M.\u00d3.: Improving software security using search-based refactoring. In: International Symposium on Search Based Software Engineering, pp. 121\u2013135. Springer (2012)","DOI":"10.1007\/978-3-642-33119-0_10"},{"issue":"6","key":"281_CR23","doi-asserted-by":"publisher","first-page":"32","DOI":"10.1145\/1286821.1286823","volume":"29","author":"C Grothoff","year":"2007","unstructured":"Grothoff, C., Palsberg, J., Vitek, J.: Encapsulating objects with confined types. ACM Trans. Program. Lang. Syst. (TOPLAS) 29(6), 32 (2007)","journal-title":"ACM Trans. Program. Lang. Syst. (TOPLAS)"},{"key":"281_CR24","unstructured":"Haldar, V., Chandra, D., Franz, M.: Dynamic taint propagation for java. In: Proceedings of the 21st Annual Computer Security Applications Conference, ACSAC \u201905, pp. 303\u2013311. IEEE Computer Society (2005)"},{"key":"281_CR25","unstructured":"Han, J., Zheng, Y.: Security characterisation and integrity assurance for software components and component-based systems. In: Proceedings of 1998 Australasian Workshop on Software Architectures, Melbourne, pp. 83\u201389 (1998)"},{"issue":"14","key":"281_CR26","doi-asserted-by":"publisher","first-page":"833","DOI":"10.1016\/S0950-5849(01)00189-6","volume":"43","author":"M Harman","year":"2001","unstructured":"Harman, M., Jones, B.F.: Search-based software engineering. Inf. Softw. Technol. 43(14), 833\u2013839 (2001)","journal-title":"Inf. Softw. Technol."},{"key":"281_CR27","doi-asserted-by":"crossref","unstructured":"Harman, M., Tratt, L.: Pareto optimal search based refactoring at the design level. In: Proceedings of the 9th Annual Conference on Genetic and Evolutionary Computation, pp. 1106\u20131113. ACM (2007)","DOI":"10.1145\/1276958.1277176"},{"issue":"1","key":"281_CR28","doi-asserted-by":"publisher","first-page":"144","DOI":"10.1109\/TSC.2016.2646687","volume":"13","author":"K Huang","year":"2016","unstructured":"Huang, K., Zhang, J., Tan, W., Feng, Z.: Shifting to mobile: network-based empirical study of mobile vulnerability market. IEEE Trans. Serv. Comput. 13(1), 144\u2013157 (2016)","journal-title":"IEEE Trans. Serv. Comput."},{"key":"281_CR29","doi-asserted-by":"crossref","unstructured":"Jensen, A.C., Cheng, B.H.: On the use of genetic programming for automated refactoring and the introduction of design patterns. In: Proceedings of the 12th Annual Conference on Genetic and Evolutionary Computation, pp. 1341\u20131348. ACM (2010)","DOI":"10.1145\/1830483.1830731"},{"key":"281_CR30","doi-asserted-by":"crossref","unstructured":"Kobori, K., Matsushita, M., Inoue, K.: Evolution analysis for accessibility excessiveness in java. In: 2015 IEEE 22nd International Conference on Software Analysis, Evolution, and Reengineering (SANER), pp. 83\u201390. IEEE (2015)","DOI":"10.1109\/SANER.2015.7081818"},{"key":"281_CR31","volume-title":"Software Vulnerability Analysis","author":"IV Krsul","year":"1998","unstructured":"Krsul, I.V.: Software Vulnerability Analysis. Purdue University, West Lafayette (1998)"},{"key":"281_CR32","doi-asserted-by":"crossref","unstructured":"Kessentini, M., Wimmer, M., Sahraoui, H., Boukadoum, M.: Generating transformation rules from examples for behavioral models. In: Proceedings of the Second International Workshop on Behaviour Modelling: Foundation and Applications, p.\u00a02. ACM (2010)","DOI":"10.1145\/1811147.1811149"},{"key":"281_CR33","doi-asserted-by":"crossref","unstructured":"Kessentini, M., Kessentini, W., Sahraoui, H., Boukadoum, M., Ouni, A.: Design defects detection and correction by example. In: 2011 IEEE 19th International Conference on Program Comprehension, pp. 81\u201390. IEEE (2011)","DOI":"10.1109\/ICPC.2011.22"},{"key":"281_CR34","doi-asserted-by":"publisher","unstructured":"Kessentini, W., Wimmer, M., Sahraoui, H.: Integrating the designer in-the-loop for metamodel\/model co-evolution via interactive computational search. In: Proceedings of the 21th ACM\/IEEE International Conference on Model Driven Engineering Languages and Systems, MODELS \u201918, pp. 101\u2013111. ACM, New York, NY, USA (2018). https:\/\/doi.org\/10.1145\/3239372.3239375","DOI":"10.1145\/3239372.3239375"},{"issue":"5","key":"281_CR35","doi-asserted-by":"publisher","first-page":"521","DOI":"10.1002\/spe.1031","volume":"41","author":"S Lee","year":"2011","unstructured":"Lee, S., Bae, G., Chae, H.S., Bae, D.-H., Kwon, Y.R.: Automated scheduling for clone-based refactoring using a competent GA. Softw. Pract. Exp. 41(5), 521\u2013550 (2011)","journal-title":"Softw. Pract. Exp."},{"key":"281_CR36","doi-asserted-by":"crossref","unstructured":"Lin, Y., Peng, X., Cai, Y., Dig, D., Zheng, D., Zhao, W.: Interactive and guided architectural refactoring with search-based recommendation. In: Proceedings of the 2016 24th ACM SIGSOFT International Symposium on Foundations of Software Engineering, pp. 535\u2013546. ACM, (2016)","DOI":"10.1145\/2950290.2950317"},{"key":"281_CR37","unstructured":"Livshits, V.B., Lam, M.S.: Finding security vulnerabilities in java applications with static analysis. In: Proceedings of the 14th Conference on USENIX Security Symposium\u2014Volume 14, SSYM\u201905, p. 18. USENIX Association (2005)"},{"issue":"2","key":"281_CR38","doi-asserted-by":"publisher","first-page":"473","DOI":"10.1007\/s11219-015-9284-4","volume":"25","author":"U Mansoor","year":"2017","unstructured":"Mansoor, U., Kessentini, M., Wimmer, M., Deb, K.: Multi-view refactoring of class and activity diagrams using a multi-objective evolutionary algorithm. Softw. Qual. J. 25(2), 473\u2013501 (2017)","journal-title":"Softw. Qual. J."},{"key":"281_CR39","doi-asserted-by":"crossref","unstructured":"Maruyama, K., Omori, T.: A security-aware refactoring tool for java programs. In: Proceedings of the 4th Workshop on Refactoring Tools, pp. 22\u201328. ACM (2011)","DOI":"10.1145\/1984732.1984737"},{"key":"281_CR40","doi-asserted-by":"crossref","unstructured":"Mkaouer, M.W., Kessentini, M., Bechikh, S., Cinn\u00e9ide, M.\u00d3.: A robust multi-objective approach for software refactoring under uncertainty. In: International Symposium on Search Based Software Engineering, pp. 168\u2013183. Springer (2014a)","DOI":"10.1007\/978-3-319-09940-8_12"},{"key":"281_CR41","doi-asserted-by":"crossref","unstructured":"Mkaouer, M.W., Kessentini, M., Bechikh, S., Deb, K., Cinn\u00e9ide, M.\u00d3: Recommendation system for software refactoring using innovization and interactive dynamic optimization. In: Proceedings of the 29th ACM\/IEEE International Conference on Automated Software Engineering, pp. 331\u2013336. ACM (2014b)","DOI":"10.1145\/2642937.2642965"},{"issue":"3","key":"281_CR42","doi-asserted-by":"publisher","first-page":"17","DOI":"10.1145\/2729974","volume":"24","author":"W Mkaouer","year":"2015","unstructured":"Mkaouer, W., Kessentini, M., Shaout, A., Koligheu, P., Bechikh, S., Deb, K., Ouni, A.: Many-objective software remodularization using NSGA-III. ACM Trans. Softw. Eng. Methodol. (TOSEM) 24(3), 17 (2015)","journal-title":"ACM Trans. Softw. Eng. Methodol. (TOSEM)"},{"issue":"6","key":"281_CR43","doi-asserted-by":"publisher","first-page":"2503","DOI":"10.1007\/s10664-015-9414-4","volume":"21","author":"MW Mkaouer","year":"2016","unstructured":"Mkaouer, M.W., Kessentini, M., Bechikh, S., Cinn\u00e9ide, M.\u00d3., Deb, K.: On the use of many quality attributes for software refactoring: a many-objective search-based software engineering approach. Empir. Softw. Eng. 21(6), 2503\u20132545 (2016)","journal-title":"Empir. Softw. Eng."},{"issue":"2","key":"281_CR44","doi-asserted-by":"publisher","first-page":"894","DOI":"10.1007\/s10664-016-9426-8","volume":"22","author":"MW Mkaouer","year":"2017","unstructured":"Mkaouer, M.W., Kessentini, M., Cinn\u00e9ide, M.\u00d3., Hayashi, S., Deb, K.: A robust multi-objective approach to balance severity and importance of refactoring opportunities. Empir. Softw. Eng. 22(2), 894\u2013927 (2017)","journal-title":"Empir. Softw. Eng."},{"key":"281_CR45","unstructured":"M\u00fcller, A.: Bytecode analysis for checking java access modifiers. In: Work in Progress and Poster Session, 8th Int. Conf. on Principles and Practice of Programming in Java (PPPJ 2010), Vienna, Austria, pp. 1\u20134 (2010)"},{"key":"281_CR46","doi-asserted-by":"publisher","first-page":"112","DOI":"10.1016\/j.infsof.2017.11.010","volume":"96","author":"H Mumtaz","year":"2018","unstructured":"Mumtaz, H., Alshayeb, M., Mahmood, S., Niazi, M.: An empirical study to improve software security through the application of code refactoring. Inf. Softw. Technol. 96, 112\u2013125 (2018)","journal-title":"Inf. Softw. Technol."},{"key":"281_CR47","doi-asserted-by":"crossref","unstructured":"Nikiforakis, N., Invernizzi, L., Kapravelos, A., Acker, S.\u00a0Van, Joosen, W., Kruegel, C., Piessens, F., Vigna, G.: You are what you include: Large-scale evaluation of remote javascript inclusions. In: Proceedings of the 2012 ACM Conference on Computer and Communications Security, CCS \u201912, pp. 736\u2013747. ACM (2012)","DOI":"10.1145\/2382196.2382274"},{"key":"281_CR48","unstructured":"Nuuo cms. https:\/\/www.cvedetails.com\/cve\/CVE-2018-17890\/ (2018)"},{"issue":"4","key":"281_CR49","doi-asserted-by":"publisher","first-page":"502","DOI":"10.1016\/j.jss.2007.06.003","volume":"81","author":"M O\u2019Keeffe","year":"2008","unstructured":"O\u2019Keeffe, M., Cinn\u00e9ide, M.O.: Search-based refactoring for software maintenance. J. Syst. Softw. 81(4), 502\u2013516 (2008)","journal-title":"J. Syst. Softw."},{"key":"281_CR50","unstructured":"Opdyke, W.F.: Refactoring object-oriented frameworks. Ph.D. thesi, University of Illinois at Urbana-Champaign Champaign, IL, USA (1992)"},{"key":"281_CR51","doi-asserted-by":"crossref","unstructured":"Ouni, A., Kessentini, M., Sahraoui, H.: Search-based refactoring using recorded code changes. In: 2013 17th European Conference on Software Maintenance and Reengineering, pp. 221\u2013230. IEEE (2013a)","DOI":"10.1109\/CSMR.2013.31"},{"key":"281_CR52","doi-asserted-by":"crossref","unstructured":"Ouni, A., Kessentini, M., Sahraoui, H., Hamdi, M.S.: The use of development history in software refactoring using a multi-objective evolutionary algorithm. In: Proceedings of the 15th annual conference on Genetic and evolutionary computation, pp. 1461\u20131468. ACM (2013b)","DOI":"10.1145\/2463372.2463554"},{"key":"281_CR53","doi-asserted-by":"publisher","first-page":"18","DOI":"10.1016\/j.jss.2015.03.040","volume":"105","author":"A Ouni","year":"2015","unstructured":"Ouni, A., Kessentini, M., Sahraoui, H., Inoue, K., Hamdi, M.S.: Improving multi-objective code-smells correction using development history. J. Syst. Softw. 105, 18\u201339 (2015)","journal-title":"J. Syst. Softw."},{"issue":"3","key":"281_CR54","doi-asserted-by":"publisher","first-page":"23","DOI":"10.1145\/2932631","volume":"25","author":"A Ouni","year":"2016","unstructured":"Ouni, A., Kessentini, M., Sahraoui, H., Inoue, K., Deb, K.: Multi-criteria code refactoring using search-based software engineering: an industrial case study. ACM Trans. Softw. Eng. Methodol. (TOSEM) 25(3), 23 (2016)","journal-title":"ACM Trans. Softw. Eng. Methodol. (TOSEM)"},{"issue":"5","key":"281_CR55","doi-asserted-by":"publisher","first-page":"e1843","DOI":"10.1002\/smr.1843","volume":"29","author":"A Ouni","year":"2017","unstructured":"Ouni, A., Kessentini, M., Cinn\u00e9ide, M.\u00d3., Sahraoui, H., Deb, K., Inoue, K.: More: a multi-objective refactoring recommendation approach to introducing design patterns and fixing code smells. J. Softw. Evol. Process 29(5), e1843 (2017)","journal-title":"J. Softw. Evol. Process"},{"key":"281_CR56","doi-asserted-by":"crossref","unstructured":"Palomba, F., Lucia, A.\u00a0De, Bavota, G., Oliveto, R.: Anti-pattern detection: methods, challenges, and open issues. In: Advances in Computers, vol.\u00a095, pp. 201\u2013238. Elsevier (2014)","DOI":"10.1016\/B978-0-12-800160-8.00004-8"},{"issue":"10","key":"281_CR57","doi-asserted-by":"publisher","first-page":"993","DOI":"10.1109\/TSE.2014.2340398","volume":"40","author":"R Scandariato","year":"2014","unstructured":"Scandariato, R., Walden, J., Hovsepyan, A., Joosen, W.: Predicting vulnerable software components via text mining. IEEE Trans. Softw. Eng. 40(10), 993\u20131006 (2014)","journal-title":"IEEE Trans. Softw. Eng."},{"key":"281_CR58","doi-asserted-by":"crossref","unstructured":"Seng, O., Stammel, J., Burkhart, D.: Search-based determination of refactorings for improving the class structure of object-oriented systems. In: Proceedings of the 8th Annual Conference on Genetic and Evolutionary Computation, pp. 1909\u20131916. ACM (2006)","DOI":"10.1145\/1143997.1144315"},{"issue":"4","key":"281_CR59","first-page":"127","volume":"5","author":"R Shatnawi","year":"2011","unstructured":"Shatnawi, R., Li, W.: An empirical assessment of refactoring impact on software quality using a hierarchical quality model. Int. J. Softw. Eng. Appl. 5(4), 127\u2013149 (2011)","journal-title":"Int. J. Softw. Eng. Appl."},{"key":"281_CR60","doi-asserted-by":"publisher","first-page":"388","DOI":"10.1016\/j.jocs.2017.08.003","volume":"25","author":"AK Srivastava","year":"2018","unstructured":"Srivastava, A.K., Kumar, S.: An effective computational technique for taxonomic position of security vulnerability in software development. J. Comput. Sci. 25, 388\u2013396 (2018)","journal-title":"J. Comput. Sci."},{"key":"281_CR61","doi-asserted-by":"crossref","unstructured":"Steimann, F., Thies, A.: From public to private to absent: refactoring java programs under constrained accessibility. In: European Conference on Object-Oriented Programming, pp. 419\u2013443. Springer (2009)","DOI":"10.1007\/978-3-642-03013-0_19"},{"key":"281_CR62","doi-asserted-by":"crossref","unstructured":"Tang, Y., Zhao, F., Yang, Y., Lu, H., Zhou, Y., Xu, B.: Predicting vulnerable components via text mining or software metrics? An effort-aware perspective. In: 2015 IEEE International Conference on Software Quality, Reliability and Security, pp. 27\u201336. IEEE (2015)","DOI":"10.1109\/QRS.2015.15"},{"key":"281_CR63","doi-asserted-by":"crossref","unstructured":"Tsantalis, N., Chatzigeorgiou, A.: Ranking refactoring suggestions based on historical volatility. In: 2011 15th European Conference on Software Maintenance and Reengineering, pp. 25\u201334. IEEE (2011)","DOI":"10.1109\/CSMR.2011.7"},{"issue":"3","key":"281_CR64","doi-asserted-by":"publisher","first-page":"501","DOI":"10.1007\/s10515-014-0175-x","volume":"23","author":"SA Vidal","year":"2016","unstructured":"Vidal, S.A., Marcos, C., D\u00edaz-Pace, J.A.: An approach to prioritize code smells for refactoring. Autom. Softw. Eng. 23(3), 501\u2013532 (2016a)","journal-title":"Autom. Softw. Eng."},{"issue":"2","key":"281_CR65","doi-asserted-by":"publisher","first-page":"483","DOI":"10.1007\/s10664-015-9365-9","volume":"21","author":"SA Vidal","year":"2016","unstructured":"Vidal, S.A., Bergel, A., Marcos, C., D\u00edaz-Pace, J.A.: Understanding and addressing exhibitionism in java empirical research about method accessibility. Empir. Softw. Eng. 21(2), 483\u2013516 (2016b)","journal-title":"Empir. Softw. Eng."},{"key":"281_CR66","first-page":"1","volume":"46","author":"S Vidal","year":"2016","unstructured":"Vidal, S., Bergel, A., D\u00edaz-Pace, J.A., Marcos, C.: Over-exposed classes in java: an empirical study. Comput. Lang. Syst. Struct. 46, 1\u201319 (2016c)","journal-title":"Comput. Lang. Syst. Struct."},{"key":"281_CR67","doi-asserted-by":"crossref","unstructured":"Walden, J., Stuckman, J., Scandariato, R.: Predicting vulnerable components: software metrics vs text mining. In: IEEE 25th International Symposium on Software Reliability Engineering, pp. 23\u201333. IEEE (2014)","DOI":"10.1109\/ISSRE.2014.32"},{"key":"281_CR68","first-page":"34","volume":"14","author":"W Wang","year":"2018","unstructured":"Wang, W., Mahakala, K.R., Gupta, A., Hussein, N., Wang, Y.: A linear classifier based approach for identifying security requirements in open source software development. J. Ind. Inf. Integr. 14, 34\u201340 (2018)","journal-title":"J. Ind. Inf. Integr."},{"issue":"4","key":"281_CR69","doi-asserted-by":"publisher","first-page":"173","DOI":"10.1016\/j.istr.2013.02.002","volume":"17","author":"JL Wright","year":"2013","unstructured":"Wright, J.L., McQueen, M., Wellman, L.: Analyses of two end-user software vulnerability exposure metrics (extended version). Inf. Secur. Tech. Rep. 17(4), 173\u2013184 (2013)","journal-title":"Inf. Secur. Tech. Rep."},{"key":"281_CR70","doi-asserted-by":"crossref","unstructured":"Yu, L., Pan, Y., Wu, Y.: Research on data normalization methods in multi-attribute evaluation. In: 2009 International Conference on Computational Intelligence and Software Engineering, pp. 1\u20135. IEEE (2009)","DOI":"10.1109\/CISE.2009.5362721"},{"key":"281_CR71","doi-asserted-by":"crossref","unstructured":"Zazworka, N., Seaman, C., Shull, F.: Prioritizing design debt investment opportunities. In: Proceedings of the 2nd Workshop on Managing Technical Debt, pp. 39\u201342. ACM (2011)","DOI":"10.1145\/1985362.1985372"},{"key":"281_CR72","doi-asserted-by":"crossref","unstructured":"Zoller, C., Schmolitzky, A.: Measuring inappropriate generosity with access modifiers in java systems. In: 2012 Joint Conference of the 22nd International Workshop on Software Measurement and the 2012 Seventh International Conference on Software Process and Product Measurement, pp. 43\u201352. IEEE (2012)","DOI":"10.1109\/IWSM-MENSURA.2012.15"}],"container-title":["Automated Software Engineering"],"original-title":[],"language":"en","link":[{"URL":"https:\/\/link.springer.com\/content\/pdf\/10.1007\/s10515-021-00281-2.pdf","content-type":"application\/pdf","content-version":"vor","intended-application":"text-mining"},{"URL":"https:\/\/link.springer.com\/article\/10.1007\/s10515-021-00281-2\/fulltext.html","content-type":"text\/html","content-version":"vor","intended-application":"text-mining"},{"URL":"https:\/\/link.springer.com\/content\/pdf\/10.1007\/s10515-021-00281-2.pdf","content-type":"application\/pdf","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2021,10,23]],"date-time":"2021-10-23T05:20:42Z","timestamp":1634966442000},"score":1,"resource":{"primary":{"URL":"https:\/\/link.springer.com\/10.1007\/s10515-021-00281-2"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2021,5,18]]},"references-count":72,"journal-issue":{"issue":"2","published-print":{"date-parts":[[2021,11]]}},"alternative-id":["281"],"URL":"https:\/\/doi.org\/10.1007\/s10515-021-00281-2","relation":{},"ISSN":["0928-8910","1573-7535"],"issn-type":[{"value":"0928-8910","type":"print"},{"value":"1573-7535","type":"electronic"}],"subject":[],"published":{"date-parts":[[2021,5,18]]},"assertion":[{"value":"5 February 2020","order":1,"name":"received","label":"Received","group":{"name":"ArticleHistory","label":"Article History"}},{"value":"5 March 2021","order":2,"name":"accepted","label":"Accepted","group":{"name":"ArticleHistory","label":"Article History"}},{"value":"18 May 2021","order":3,"name":"first_online","label":"First Online","group":{"name":"ArticleHistory","label":"Article History"}}],"article-number":"4"}}