{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2026,3,17]],"date-time":"2026-03-17T15:33:21Z","timestamp":1773761601843,"version":"3.50.1"},"reference-count":40,"publisher":"Springer Science and Business Media LLC","issue":"2","license":[{"start":{"date-parts":[[2026,3,17]],"date-time":"2026-03-17T00:00:00Z","timestamp":1773705600000},"content-version":"tdm","delay-in-days":0,"URL":"https:\/\/www.springernature.com\/gp\/researchers\/text-and-data-mining"},{"start":{"date-parts":[[2026,3,17]],"date-time":"2026-03-17T00:00:00Z","timestamp":1773705600000},"content-version":"vor","delay-in-days":0,"URL":"https:\/\/www.springernature.com\/gp\/researchers\/text-and-data-mining"}],"content-domain":{"domain":["link.springer.com"],"crossmark-restriction":false},"short-container-title":["Software Qual J"],"published-print":{"date-parts":[[2026,6]]},"DOI":"10.1007\/s11219-026-09742-x","type":"journal-article","created":{"date-parts":[[2026,3,17]],"date-time":"2026-03-17T13:14:43Z","timestamp":1773753283000},"update-policy":"https:\/\/doi.org\/10.1007\/springer_crossmark_policy","source":"Crossref","is-referenced-by-count":0,"title":["An efficient blending model for classifying security-related software vulnerabilities into software development life cycle phases"],"prefix":"10.1007","volume":"34","author":[{"given":"Pushkar","family":"Kishore","sequence":"first","affiliation":[]},{"given":"Swadhin Kumar","family":"Barisal","sequence":"additional","affiliation":[]},{"given":"Durga Prasad","family":"Mohapatra","sequence":"additional","affiliation":[]},{"given":"Rajib","family":"Mall","sequence":"additional","affiliation":[]}],"member":"297","published-online":{"date-parts":[[2026,3,17]]},"reference":[{"issue":"3","key":"9742_CR1","doi-asserted-by":"publisher","first-page":"253","DOI":"10.1016\/j.cose.2003.09.002","volume":"23","author":"D Besnard","year":"2004","unstructured":"Besnard, D., & Arief, B. (2004). Computer security impaired by legitimate users. Computers & Security, 23(3), 253\u2013264.","journal-title":"Computers & Security"},{"key":"9742_CR2","doi-asserted-by":"publisher","first-page":"28471","DOI":"10.1109\/ACCESS.2021.3058067","volume":"9","author":"FA Bhuiyan","year":"2021","unstructured":"Bhuiyan, F. A., Sharif, M. B., & Rahman, A. (2021). Security bug report usage for software vulnerability research: A systematic mapping study. IEEE Access, 9, 28471\u201328495.","journal-title":"IEEE Access"},{"key":"9742_CR3","doi-asserted-by":"crossref","unstructured":"Chen, Y., Santosa, A.E., Yi, A.M., Sharma, A., Sharma, A., Lo, D.: A machine learning approach for vulnerability curation. In: Proceedings of the 17th International Conference on Mining Software Repositories, pp. 32\u201342 (2020a)","DOI":"10.1145\/3379597.3387461"},{"key":"9742_CR4","doi-asserted-by":"crossref","unstructured":"Chen, J., Kudjo, P. K., Mensah, S., Brown, S. A., & Akorfu, G. (2020b). An automatic software vulnerability classification framework using term frequency-inverse gravity moment and feature selection. Journal of Systems and Software,167, 110616.","DOI":"10.1016\/j.jss.2020.110616"},{"issue":"1","key":"9742_CR5","doi-asserted-by":"publisher","first-page":"6","DOI":"10.1186\/s12864-019-6413-7","volume":"21","author":"D Chicco","year":"2020","unstructured":"Chicco, D., & Jurman, G. (2020). The advantages of the matthews correlation coefficient (mcc) over f1 score and accuracy in binary classification evaluation. BMC genomics, 21(1), 6.","journal-title":"BMC genomics"},{"issue":"5","key":"9742_CR6","doi-asserted-by":"publisher","first-page":"872","DOI":"10.1109\/JAS.2025.125498","volume":"12","author":"Z Deng","year":"2025","unstructured":"Deng, Z., Ma, W., Han, Q.-L., Zhou, W., Zhu, X., Wen, S., & Xiang, Y. (2025). Exploring deepseek: A survey on advances, applications, challenges and future directions. IEEE\/CAA Journal of Automatica Sinica, 12(5), 872\u2013893.","journal-title":"IEEE\/CAA Journal of Automatica Sinica"},{"key":"9742_CR7","doi-asserted-by":"crossref","unstructured":"Doll, W.J., Torkzadeh, G.: The measurement of end-user computing satisfaction. MIS quarterly, 259\u2013274 (1988)","DOI":"10.2307\/248851"},{"key":"9742_CR8","doi-asserted-by":"publisher","DOI":"10.1201\/9780203485088","volume-title":"Designing for Situation Awareness: An Approach to User-centered Design","author":"MR Endsley","year":"2003","unstructured":"Endsley, M. R., Bolt\u00e9, B., & Jones, D. G. (2003). Designing for Situation Awareness: An Approach to User-centered Design. Boca Raton: CRC Press."},{"key":"9742_CR9","unstructured":"Ezenwoye, O., Liu, Y., Patten, W.: Classifying common security vulnerabilities by software type. In: SEKE, pp. 61\u201364 (2020)"},{"key":"9742_CR10","doi-asserted-by":"crossref","unstructured":"Goseva-Popstojanova, K., Tyo, J.: Identification of security related bug reports via text mining using supervised and unsupervised classification. In: 2018 IEEE International Conference on Software Quality, Reliability and Security (QRS), pp. 344\u2013355 (2018). IEEE","DOI":"10.1109\/QRS.2018.00047"},{"key":"9742_CR11","doi-asserted-by":"crossref","unstructured":"Han, Z., Li, X., Xing, Z., Liu, H., Feng, Z.: Learning to predict severity of software vulnerability using only vulnerability description. In: 2017 IEEE International Conference on Software Maintenance and Evolution (ICSME), pp. 125\u2013136 (2017). IEEE","DOI":"10.1109\/ICSME.2017.52"},{"key":"9742_CR12","doi-asserted-by":"publisher","first-page":"28291","DOI":"10.1109\/ACCESS.2019.2900462","volume":"7","author":"G Huang","year":"2019","unstructured":"Huang, G., Li, Y., Wang, Q., Ren, J., Cheng, Y., & Zhao, X. (2019). Automatic classification method for software vulnerability based on deep neural network. IEEE Access, 7, 28291\u201328298.","journal-title":"IEEE Access"},{"key":"9742_CR13","unstructured":"IBM: Data breach report. https:\/\/www.ibm.com\/downloads\/cas\/3R8N1DZJ (2022)"},{"key":"9742_CR14","doi-asserted-by":"publisher","DOI":"10.1016\/j.infsof.2020.106314","volume":"124","author":"Y Jiang","year":"2020","unstructured":"Jiang, Y., Lu, P., Su, X., & Wang, T. (2020). Ltrwes: A new framework for security bug report detection. Information and Software Technology, 124, Article 106314.","journal-title":"Information and Software Technology"},{"key":"9742_CR15","unstructured":"Jimenez, M., Rwemalika, R., Papadakis, M., Sarro, F., Le\u00a0Traon, Y., Harman, M.: An empirical study on vulnerability prediction of open-source software releases. In: Joint European Software Engineering Conference and Symposium on the Foundations of Software Engineering (ESEC\/FSE) (2019)"},{"key":"9742_CR16","doi-asserted-by":"publisher","first-page":"1413","DOI":"10.1007\/s11219-019-09490-1","volume":"28","author":"PK Kudjo","year":"2020","unstructured":"Kudjo, P. K., Chen, J., Mensah, S., Amankwah, R., & Kudjo, C. (2020). The effect of bellwether analysis on software vulnerability severity prediction models. Software Quality Journal, 28, 1413\u20131446.","journal-title":"Software Quality Journal"},{"issue":"5","key":"9742_CR17","doi-asserted-by":"publisher","first-page":"1","DOI":"10.1145\/3529757","volume":"55","author":"TH Le","year":"2022","unstructured":"Le, T. H., Chen, H., & Babar, M. A. (2022). A survey on data-driven software vulnerability assessment and prioritization. ACM Computing Surveys, 55(5), 1\u201339.","journal-title":"ACM Computing Surveys"},{"key":"9742_CR18","unstructured":"Maaten, L.v.d., Hinton, G.: Visualizing data using t-sne. Journal of machine learning research 9(Nov), 2579\u20132605 (2008)"},{"key":"9742_CR19","doi-asserted-by":"publisher","DOI":"10.1016\/j.jss.2020.110693","volume":"169","author":"F Pecorelli","year":"2020","unstructured":"Pecorelli, F., Di Nucci, D., De Roover, C., & De Lucia, A. (2020). A large empirical assessment of the role of data balancing in machine-learning-based code smell detection. Journal of Systems and Software, 169, Article 110693.","journal-title":"Journal of Systems and Software"},{"key":"9742_CR20","doi-asserted-by":"crossref","unstructured":"Pereira, M., Kumar, A., Cristiansen, S.: Identifying security bug reports based solely on report titles and noisy data. In: 2019 IEEE International Conference on Smart Computing (SMARTCOMP), pp. 39\u201344 (2019). IEEE","DOI":"10.1109\/SMARTCOMP.2019.00026"},{"issue":"6","key":"9742_CR21","doi-asserted-by":"publisher","first-page":"615","DOI":"10.1109\/TSE.2017.2787653","volume":"45","author":"F Peters","year":"2017","unstructured":"Peters, F., Tun, T. T., Yu, Y., & Nuseibeh, B. (2017). Text filtering and ranking for security bug report prediction. IEEE Transactions on Software Engineering, 45(6), 615\u2013631.","journal-title":"IEEE Transactions on Software Engineering"},{"issue":"8","key":"9742_CR22","doi-asserted-by":"publisher","first-page":"816","DOI":"10.1016\/j.cose.2009.05.008","volume":"28","author":"H-S Rhee","year":"2009","unstructured":"Rhee, H.-S., Kim, C., & Ryu, Y. U. (2009). Self-efficacy in information security: Its influence on end users\u2019 information security practice behavior. Computers & security, 28(8), 816\u2013826.","journal-title":"Computers & security"},{"key":"9742_CR23","doi-asserted-by":"publisher","first-page":"84","DOI":"10.1016\/j.jss.2019.06.001","volume":"156","author":"ER Russo","year":"2019","unstructured":"Russo, E. R., Di Sorbo, A., Visaggio, C. A., & Canfora, G. (2019). Summarizing vulnerabilities\u2019 descriptions to support experts during vulnerability assessment activities. Journal of Systems and Software, 156, 84\u201399.","journal-title":"Journal of Systems and Software"},{"key":"9742_CR24","doi-asserted-by":"publisher","first-page":"25","DOI":"10.1007\/s10664-011-9190-8","volume":"18","author":"Y Shin","year":"2013","unstructured":"Shin, Y., & Williams, L. (2013). Can traditional fault prediction models be used for vulnerability prediction? Empirical Software Engineering, 18, 25\u201359.","journal-title":"Empirical Software Engineering"},{"key":"9742_CR25","unstructured":"Shu, R., Xia, T., Williams, L., Menzies, T.: Better security bug report classification via hyperparameter optimization. arXiv preprint arXiv:1905.06872 (2019)"},{"key":"9742_CR26","doi-asserted-by":"publisher","DOI":"10.1016\/j.jss.2023.111790","volume":"204","author":"X Sun","year":"2023","unstructured":"Sun, X., Ye, Z., Bo, L., Wu, X., Wei, Y., Zhang, T., & Li, B. (2023). Automatic software vulnerability assessment by extracting vulnerability elements. Journal of Systems and Software, 204, Article 111790.","journal-title":"Journal of Systems and Software"},{"key":"9742_CR27","doi-asserted-by":"crossref","unstructured":"Tenney, I., Das, D., Pavlick, E.: Bert rediscovers the classical nlp pipeline. arXiv preprint arXiv:1905.05950 (2019)","DOI":"10.18653\/v1\/P19-1452"},{"key":"9742_CR28","doi-asserted-by":"publisher","DOI":"10.1016\/j.infsof.2019.106204","volume":"119","author":"C Theisen","year":"2020","unstructured":"Theisen, C., & Williams, L. (2020). Better together: Comparing vulnerability prediction models. Information and Software Technology, 119, Article 106204.","journal-title":"Information and Software Technology"},{"issue":"1","key":"9742_CR29","doi-asserted-by":"publisher","first-page":"699","DOI":"10.1038\/s41467-023-43406-9","volume":"15","author":"SR Tyler","year":"2024","unstructured":"Tyler, S. R., Lozano-Ojalvo, D., Guccione, E., & Schadt, E. E. (2024). Anti-correlated feature selection prevents false discovery of subpopulations in scrnaseq. Nature Communications, 15(1), 699.","journal-title":"Nature Communications"},{"key":"9742_CR30","unstructured":"Verma, D., Kumar, S.: Prediction of defect density for open source software using repository metrics. Journal of Web Engineering, 293\u2013310 (2017)"},{"key":"9742_CR31","doi-asserted-by":"publisher","first-page":"4","DOI":"10.1155\/2014\/803530","volume":"2014","author":"D Verma","year":"2014","unstructured":"Verma, D., & Kumar, S. (2014). An improved approach for reduction of defect density using optimal module sizes. Advances in Software Engineering, 2014, 4\u20134.","journal-title":"Advances in Software Engineering"},{"key":"9742_CR32","doi-asserted-by":"crossref","unstructured":"Walden, J., Stuckman, J., Scandariato, R.: Predicting vulnerable components: Software metrics vs text mining. In: 2014 IEEE 25th International Symposium on Software Reliability Engineering, pp. 23\u201333 (2014). IEEE","DOI":"10.1109\/ISSRE.2014.32"},{"key":"9742_CR33","doi-asserted-by":"publisher","DOI":"10.1016\/j.cose.2022.103070","volume":"126","author":"Q Wang","year":"2023","unstructured":"Wang, Q., Gao, Y., Ren, J., & Zhang, B. (2023). An automatic classification algorithm for software vulnerability based on weighted word vector and fusion neural network. Computers & Security, 126, Article 103070.","journal-title":"Computers & Security"},{"key":"9742_CR34","doi-asserted-by":"crossref","unstructured":"Webb, J., Ahmad, A., Maynard, S., Shanks, G.: A situation awareness model for information security risk management. Comput. Secur. 44, 1\u201315 (2014) 10.1016\/j.cose.2014.04.005","DOI":"10.1016\/j.cose.2014.04.005"},{"key":"9742_CR35","doi-asserted-by":"publisher","first-page":"1","DOI":"10.1016\/j.cose.2014.04.005","volume":"44","author":"J Webb","year":"2014","unstructured":"Webb, J., Ahmad, A., Maynard, S. B., & Shanks, G. (2014). A situation awareness model for information security risk management. Computers & security, 44, 1\u201315.","journal-title":"Computers & security"},{"key":"9742_CR36","doi-asserted-by":"crossref","unstructured":"Wijayasekara, D., Manic, M., McQueen, M.: Vulnerability identification and classification via text mining bug databases. In: IECON 2014-40th Annual Conference of the IEEE Industrial Electronics Society, pp. 3612\u20133618 (2014). IEEE","DOI":"10.1109\/IECON.2014.7049035"},{"key":"9742_CR37","doi-asserted-by":"publisher","DOI":"10.1016\/j.cose.2020.101751","volume":"92","author":"MA Williams","year":"2020","unstructured":"Williams, M. A., Barranco, R. C., Naim, S. M., Dey, S., Hossain, M. S., & Akbar, M. (2020). A vulnerability analysis and prediction framework. Computers & Security, 92, Article 101751.","journal-title":"Computers & Security"},{"key":"9742_CR38","doi-asserted-by":"crossref","unstructured":"Zhou, Y., Sharma, A.: Automated identification of security issues from commit messages and bug reports. In: Proceedings of the 2017 11th Joint Meeting on Foundations of Software Engineering, pp. 914\u2013919 (2017)","DOI":"10.1145\/3106237.3117771"},{"issue":"11s","key":"9742_CR39","doi-asserted-by":"publisher","first-page":"1","DOI":"10.1145\/3512345","volume":"54","author":"X Zhu","year":"2022","unstructured":"Zhu, X., Wen, S., Camtepe, S., & Xiang, Y. (2022). Fuzzing: a survey for roadmap. ACM Computing Surveys (CSUR), 54(11s), 1\u201336.","journal-title":"ACM Computing Surveys (CSUR)"},{"issue":"2","key":"9742_CR40","doi-asserted-by":"publisher","first-page":"317","DOI":"10.1109\/JAS.2024.124971","volume":"12","author":"X Zhu","year":"2025","unstructured":"Zhu, X., Zhou, W., Han, Q.-L., Ma, W., Wen, S., & Xiang, Y. (2025). When software security meets large language models: A survey. IEEE\/CAA Journal of Automatica Sinica, 12(2), 317\u2013334.","journal-title":"IEEE\/CAA Journal of Automatica Sinica"}],"container-title":["Software Quality Journal"],"original-title":[],"language":"en","link":[{"URL":"https:\/\/link.springer.com\/content\/pdf\/10.1007\/s11219-026-09742-x.pdf","content-type":"application\/pdf","content-version":"vor","intended-application":"text-mining"},{"URL":"https:\/\/link.springer.com\/article\/10.1007\/s11219-026-09742-x","content-type":"text\/html","content-version":"vor","intended-application":"text-mining"},{"URL":"https:\/\/link.springer.com\/content\/pdf\/10.1007\/s11219-026-09742-x.pdf","content-type":"application\/pdf","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2026,3,17]],"date-time":"2026-03-17T13:14:50Z","timestamp":1773753290000},"score":1,"resource":{"primary":{"URL":"https:\/\/link.springer.com\/10.1007\/s11219-026-09742-x"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2026,3,17]]},"references-count":40,"journal-issue":{"issue":"2","published-print":{"date-parts":[[2026,6]]}},"alternative-id":["9742"],"URL":"https:\/\/doi.org\/10.1007\/s11219-026-09742-x","relation":{},"ISSN":["0963-9314","1573-1367"],"issn-type":[{"value":"0963-9314","type":"print"},{"value":"1573-1367","type":"electronic"}],"subject":[],"published":{"date-parts":[[2026,3,17]]},"assertion":[{"value":"19 July 2024","order":1,"name":"received","label":"Received","group":{"name":"ArticleHistory","label":"Article History"}},{"value":"24 January 2026","order":2,"name":"accepted","label":"Accepted","group":{"name":"ArticleHistory","label":"Article History"}},{"value":"17 March 2026","order":3,"name":"first_online","label":"First Online","group":{"name":"ArticleHistory","label":"Article History"}},{"order":1,"name":"Ethics","group":{"name":"EthicsHeading","label":"Declarations"}},{"value":"The authors have no conflicts of interest to declare that are relevant to the content of this article.","order":2,"name":"Ethics","group":{"name":"EthicsHeading","label":"Competing interests"}}],"article-number":"10"}}