{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2026,1,31]],"date-time":"2026-01-31T06:36:30Z","timestamp":1769841390037,"version":"3.49.0"},"publisher-location":"Cham","reference-count":25,"publisher":"Springer Nature Switzerland","isbn-type":[{"value":"9783031764585","type":"print"},{"value":"9783031764592","type":"electronic"}],"license":[{"start":{"date-parts":[[2025,1,1]],"date-time":"2025-01-01T00:00:00Z","timestamp":1735689600000},"content-version":"tdm","delay-in-days":0,"URL":"https:\/\/www.springernature.com\/gp\/researchers\/text-and-data-mining"},{"start":{"date-parts":[[2025,1,1]],"date-time":"2025-01-01T00:00:00Z","timestamp":1735689600000},"content-version":"vor","delay-in-days":0,"URL":"https:\/\/www.springernature.com\/gp\/researchers\/text-and-data-mining"}],"content-domain":{"domain":["link.springer.com"],"crossmark-restriction":false},"short-container-title":[],"published-print":{"date-parts":[[2025]]},"DOI":"10.1007\/978-3-031-76459-2_4","type":"book-chapter","created":{"date-parts":[[2025,3,10]],"date-time":"2025-03-10T16:33:54Z","timestamp":1741624434000},"page":"34-43","update-policy":"https:\/\/doi.org\/10.1007\/springer_crossmark_policy","source":"Crossref","is-referenced-by-count":6,"title":["SCoPE: Evaluating LLMs for Software Vulnerability Detection"],"prefix":"10.1007","author":[{"ORCID":"https:\/\/orcid.org\/0009-0004-1038-8384","authenticated-orcid":false,"given":"Jos\u00e9","family":"Gon\u00e7alves","sequence":"first","affiliation":[]},{"ORCID":"https:\/\/orcid.org\/0000-0002-1693-7872","authenticated-orcid":false,"given":"Tiago","family":"Dias","sequence":"additional","affiliation":[]},{"ORCID":"https:\/\/orcid.org\/0000-0002-8075-531X","authenticated-orcid":false,"given":"Eva","family":"Maia","sequence":"additional","affiliation":[]},{"ORCID":"https:\/\/orcid.org\/0000-0002-2519-9859","authenticated-orcid":false,"given":"Isabel","family":"Pra\u00e7a","sequence":"additional","affiliation":[]}],"member":"297","published-online":{"date-parts":[[2025,3,11]]},"reference":[{"key":"4_CR1","doi-asserted-by":"publisher","unstructured":"Ni\u017eeti\u0107, S., \u0160oli\u0107, P., L\u00f3pez-de-Ipi\u00f1a Gonz\u00e1lez-de-Artaza, D., Patrono, L.: Internet of things (IoT): opportunities, issues and challenges towards a smart and sustainable future. J. Clean Prod. 274, 122877 (2020). https:\/\/doi.org\/10.1016\/j.jclepro.2020.122877","DOI":"10.1016\/j.jclepro.2020.122877"},{"key":"4_CR2","doi-asserted-by":"publisher","first-page":"107139","DOI":"10.1016\/j.measurement.2019.107139","volume":"152","author":"W Niu","year":"2020","unstructured":"Niu, W., Zhang, X., Du, X., Zhao, L., Cao, R., Guizani, M.: A deep learning based static taint analysis approach for IoT software vulnerability location. Measurement 152, 107139 (2020). https:\/\/doi.org\/10.1016\/j.measurement.2019.107139","journal-title":"Measurement"},{"key":"4_CR3","unstructured":"The Economic Impacts of Inadequate Infrastructure for Software Testing. New York (2002). https:\/\/www.nist.gov\/system\/files\/documents\/director\/planning\/report02-3.pdf. Accessed 10 Apr 2024"},{"key":"4_CR4","doi-asserted-by":"publisher","unstructured":"Alnaeli, S.M., Sarnowski, M., Aman, M.S., Abdelgawad, A., Yelamarthi, K.: Vulnerable C\/C++ code usage in IoT software systems. In: 2016 IEEE 3rd World Forum on Internet of Things (WF-IoT), pp. 348\u2013352. IEEE (2016). https:\/\/doi.org\/10.1109\/WF-IoT.2016.7845497","DOI":"10.1109\/WF-IoT.2016.7845497"},{"key":"4_CR5","unstructured":"Alexopoulos, N., Brack, M., Wagner, J.P., Grube, T., M\u00fchlh\u00e4user, M.: How long do vulnerabilities live in the code? A large-scale empirical measurement study on FOSS vulnerability lifetimes. In: 31st USENIX Security Symposium (USENIX Security 22), pp. 359\u2013376. USENIX Association, Boston, MA (2022). https:\/\/www.usenix.org\/conference\/usenixsecurity22\/presentation\/alexopoulos"},{"key":"4_CR6","doi-asserted-by":"publisher","unstructured":"Lipp, S., Banescu, S., Pretschner, A.: An empirical study on the effectiveness of static C code analyzers for vulnerability detection. In: Proceedings of the 31st ACM SIGSOFT International Symposium on Software Testing and Analysis, pp. 544\u2013555. ACM, New York, NY, USA (2022). https:\/\/doi.org\/10.1145\/3533767.3534380","DOI":"10.1145\/3533767.3534380"},{"key":"4_CR7","doi-asserted-by":"publisher","unstructured":"Hin, D., Kan, A., Chen, H., Babar, M.A.: LineVD: statement-level vulnerability detection using graph neural networks. In: MSR \u201822 Proceedings of the 19th International Conference on Mining Software Repositories, pp. 596\u2013607. Association for Computing Machinery, New York, NY, USA (2022). https:\/\/doi.org\/10.1145\/3524842.3527949","DOI":"10.1145\/3524842.3527949"},{"key":"4_CR8","unstructured":"Zhou, Y., Liu, S., Siow, J., Du, X., Liu, Y.: Devign: effective vulnerability identification by learning comprehensive program semantics via graph neural networks. In: Proceedings of the 33rd International Conference on Neural Information Processing Systems. Curran Associates Inc., Red Hook, NY, USA (2019)"},{"key":"4_CR9","doi-asserted-by":"publisher","unstructured":"Bhandari, G., Naseer, A., Moonen, L.: CVEfixes: automated collection of vulnerabilities and their fixes from open-source software. In: PROMISE 2021 Proceedings of the 17th International Conference on Predictive Models and Data Analytics in Software Engineering, pp. 30\u201339. Association for Computing Machinery, New York, NY, USA (2021). https:\/\/doi.org\/10.1145\/3475960.3475985","DOI":"10.1145\/3475960.3475985"},{"key":"4_CR10","doi-asserted-by":"publisher","unstructured":"Das Purba, M., Ghosh, A., Radford, B.J., Chu, B.: Software vulnerability detection using large language models. In: 2023 IEEE 34th International Symposium on Software Reliability Engineering Workshops (ISSREW), pp. 112\u2013119 (2023). https:\/\/doi.org\/10.1109\/ISSREW60843.2023.00058","DOI":"10.1109\/ISSREW60843.2023.00058"},{"issue":"1","key":"4_CR11","doi-asserted-by":"publisher","first-page":"4","DOI":"10.1007\/s10664-023-10346-3","volume":"29","author":"M Fu","year":"2023","unstructured":"Fu, M., et al.: AIBugHunter: a practical tool for predicting, classifying and repairing software vulnerabilities. Empir. Softw. Eng.. Softw. Eng. 29(1), 4 (2023). https:\/\/doi.org\/10.1007\/s10664-023-10346-3","journal-title":"Empir. Softw. Eng.. Softw. Eng."},{"key":"4_CR12","doi-asserted-by":"publisher","DOI":"10.1007\/s41870-024-01775-4","author":"PV Sindhwad","year":"2024","unstructured":"Sindhwad, P.V., Ranka, P., Muni, S., Kazi, F.: VulnArmor: mitigating software vulnerabilities with code resolution and detection techniques. Int. J. Inf. Technol. (2024). https:\/\/doi.org\/10.1007\/s41870-024-01775-4","journal-title":"Int. J. Inf. Technol."},{"key":"4_CR13","unstructured":"Juliet C\/C++ 1.3 - NIST Software Assurance Reference Dataset. https:\/\/samate.nist.gov\/SARD\/test-suites\/112. Accessed 10 Apr 2024"},{"issue":"1","key":"4_CR14","doi-asserted-by":"publisher","first-page":"147","DOI":"10.1109\/TSE.2022.3147265","volume":"49","author":"Z Chen","year":"2023","unstructured":"Chen, Z., Kommrusch, S., Monperrus, M.: Neural transfer learning for repairing security vulnerabilities in C code. IEEE Trans. Software Eng. 49(1), 147\u2013165 (2023). https:\/\/doi.org\/10.1109\/TSE.2022.3147265","journal-title":"IEEE Trans. Software Eng."},{"key":"4_CR15","doi-asserted-by":"publisher","unstructured":"Feng, Z., et al.: CodeBERT: a pre-trained model for programming and natural languages. In: Cohn, T., He, Y., Liu, Y. (eds.) EMNLP 2020: Findings of the Association for Computational Linguistics, pp. 1536\u20131547. Association for Computational Linguistics (2020). https:\/\/doi.org\/10.18653\/v1\/2020.findings-emnlp.139","DOI":"10.18653\/v1\/2020.findings-emnlp.139"},{"key":"4_CR16","doi-asserted-by":"publisher","unstructured":"Arshad, S., Abid, S., Shamail, S.: CodeBERT for code clone detection: a replication study. In: 2022 IEEE 16th International Workshop on Software Clones (IWSC), pp. 39\u201345 (2022). https:\/\/doi.org\/10.1109\/IWSC55060.2022.00015","DOI":"10.1109\/IWSC55060.2022.00015"},{"key":"4_CR17","unstructured":"Lu, S., et al.: CodeXGLUE: a machine learning benchmark dataset for code understanding and generation. In: Thirty-fifth Conference on Neural Information Processing Systems Datasets and Benchmarks Track (Round 1) (2021). https:\/\/openreview.net\/forum?id=6lE4dQXaUcb"},{"key":"4_CR18","doi-asserted-by":"publisher","unstructured":"Chakraborty, S., Ahmed, T., Ding, Y., Devanbu, P.T., Ray, B.: NatGen: generative pre-training by \u2018naturalizing\u2019 source code. In: ESEC\/FSE 2022,Proceedings of the 30th ACM Joint European Software Engineering Conference and Symposium on the Foundations of Software Engineering, pp. 18\u201330. Association for Computing Machinery, New York, NY, USA (2022). https:\/\/doi.org\/10.1145\/3540250.3549162","DOI":"10.1145\/3540250.3549162"},{"key":"4_CR19","unstructured":"Hu, E.J., et al.: LoRA: low-rank adaptation of large language models. In: International Conference on Learning Representations (2022). https:\/\/openreview.net\/forum?id=nZeVKeeFYf9"},{"key":"4_CR20","doi-asserted-by":"publisher","unstructured":"Li, Z., et al.: VulDeePecker: a deep learning-based system for vulnerability detection (2018). https:\/\/doi.org\/10.14722\/ndss.2018.23158","DOI":"10.14722\/ndss.2018.23158"},{"issue":"5","key":"4_CR21","doi-asserted-by":"publisher","first-page":"2224","DOI":"10.1109\/TDSC.2019.2942930","volume":"18","author":"D Zou","year":"2021","unstructured":"Zou, D., Wang, S., Xu, S., Li, Z., Jin, H.: \u03bc\u03bcVulDeePecker: a deep learning-based system for multiclass vulnerability detection. IEEE Trans. Dependable Secure Comput.Comput. 18(5), 2224\u20132236 (2021). https:\/\/doi.org\/10.1109\/TDSC.2019.2942930","journal-title":"IEEE Trans. Dependable Secure Comput.Comput."},{"key":"4_CR22","doi-asserted-by":"publisher","unstructured":"Imgrund, E., Ganz, T., H\u00e4rterich, M., Pirch, L., Risse, N., Rieck, K.: Broken promises: measuring confounding effects in learning-based vulnerability discovery. In: AISec \u201923, Proceedings of the 16th ACM Workshop on Artificial Intelligence and Security, pp. 149\u2013160. Association for Computing Machinery, New York, NY, USA (2023). https:\/\/doi.org\/10.1145\/3605764.3623915","DOI":"10.1145\/3605764.3623915"},{"key":"4_CR23","unstructured":"Parr, T.: ANTLR (2024). https:\/\/www.antlr.org\/. Accessed 09 Apr 2024"},{"key":"4_CR24","unstructured":"grammars-v4\/cpp at master \u00b7 antlr\/grammars-v4 (2024). https:\/\/github.com\/antlr\/grammars-v4\/tree\/master\/cpp. Accessed 09 Apr 2024"},{"issue":"09","key":"4_CR25","doi-asserted-by":"publisher","first-page":"3280","DOI":"10.1109\/TSE.2021.3087402","volume":"48","author":"S Chakraborty","year":"2022","unstructured":"Chakraborty, S., Krishna, R., Ding, Y., Ray, B.: Deep learning based vulnerability detection: are we there yet? IEEE Trans. Software Eng. 48(09), 3280\u20133296 (2022). https:\/\/doi.org\/10.1109\/TSE.2021.3087402","journal-title":"IEEE Trans. Software Eng."}],"container-title":["Lecture Notes in Networks and Systems","Distributed Computing and Artificial Intelligence, Special Sessions I, 21st International Conference"],"original-title":[],"language":"en","link":[{"URL":"https:\/\/link.springer.com\/content\/pdf\/10.1007\/978-3-031-76459-2_4","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2025,3,10]],"date-time":"2025-03-10T16:33:57Z","timestamp":1741624437000},"score":1,"resource":{"primary":{"URL":"https:\/\/link.springer.com\/10.1007\/978-3-031-76459-2_4"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2025]]},"ISBN":["9783031764585","9783031764592"],"references-count":25,"URL":"https:\/\/doi.org\/10.1007\/978-3-031-76459-2_4","relation":{},"ISSN":["2367-3370","2367-3389"],"issn-type":[{"value":"2367-3370","type":"print"},{"value":"2367-3389","type":"electronic"}],"subject":[],"published":{"date-parts":[[2025]]},"assertion":[{"value":"11 March 2025","order":1,"name":"first_online","label":"First Online","group":{"name":"ChapterHistory","label":"Chapter History"}},{"value":"DCAI","order":1,"name":"conference_acronym","label":"Conference Acronym","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"International Symposium on Distributed Computing and Artificial Intelligence","order":2,"name":"conference_name","label":"Conference Name","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"Salamanca","order":3,"name":"conference_city","label":"Conference City","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"Spain","order":4,"name":"conference_country","label":"Conference Country","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"2024","order":5,"name":"conference_year","label":"Conference Year","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"25 June 2024","order":7,"name":"conference_start_date","label":"Conference Start Date","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"27 June 2024","order":8,"name":"conference_end_date","label":"Conference End Date","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"21","order":9,"name":"conference_number","label":"Conference Number","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"dcai2024","order":10,"name":"conference_id","label":"Conference ID","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"http:\/\/www.dcai-conference.net\/","order":11,"name":"conference_url","label":"Conference URL","group":{"name":"ConferenceInfo","label":"Conference Information"}}]}}