{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2025,11,17]],"date-time":"2025-11-17T20:48:42Z","timestamp":1763412522905,"version":"3.45.0"},"reference-count":293,"publisher":"Institute of Electrical and Electronics Engineers (IEEE)","license":[{"start":{"date-parts":[[2025,1,1]],"date-time":"2025-01-01T00:00:00Z","timestamp":1735689600000},"content-version":"vor","delay-in-days":0,"URL":"https:\/\/creativecommons.org\/licenses\/by\/4.0\/legalcode"}],"funder":[{"DOI":"10.13039\/501100002322","name":"Coordena\u00e7\u00e3o de Aperfei\u00e7oamento de Pessoal de N\u00edvel Superior","doi-asserted-by":"publisher","id":[{"id":"10.13039\/501100002322","id-type":"DOI","asserted-by":"publisher"}]}],"content-domain":{"domain":[],"crossmark-restriction":false},"short-container-title":["IEEE Access"],"published-print":{"date-parts":[[2025]]},"DOI":"10.1109\/access.2025.3631363","type":"journal-article","created":{"date-parts":[[2025,11,10]],"date-time":"2025-11-10T18:49:34Z","timestamp":1762800574000},"page":"192263-192293","source":"Crossref","is-referenced-by-count":0,"title":["A Systematic Review on Detection, Repair, and Explanation of Vulnerabilities in Source Code Using Large Language Models"],"prefix":"10.1109","volume":"13","author":[{"ORCID":"https:\/\/orcid.org\/0009-0007-1607-4863","authenticated-orcid":false,"given":"Lucas Bastos","family":"Germano","sequence":"first","affiliation":[{"name":"Military Institute of Engineering, Rio de Janeiro, Brazil"}]},{"ORCID":"https:\/\/orcid.org\/0000-0003-1688-0586","authenticated-orcid":false,"given":"Ronaldo Ribeiro","family":"Goldschmidt","sequence":"additional","affiliation":[{"name":"Military Institute of Engineering, Rio de Janeiro, Brazil"}]},{"ORCID":"https:\/\/orcid.org\/0000-0003-4081-2647","authenticated-orcid":false,"given":"Ricardo Choren","family":"Noya","sequence":"additional","affiliation":[{"name":"Military Institute of Engineering, Rio de Janeiro, Brazil"}]},{"ORCID":"https:\/\/orcid.org\/0000-0001-6656-1247","authenticated-orcid":false,"given":"Julio Cesar","family":"Duarte","sequence":"additional","affiliation":[{"name":"Military Institute of Engineering, Rio de Janeiro, Brazil"}]}],"member":"263","reference":[{"volume-title":"2022 Accelerate State of Devops Report","year":"2022","key":"ref1"},{"key":"ref2","doi-asserted-by":"publisher","DOI":"10.1145\/3674805.3690750"},{"key":"ref3","doi-asserted-by":"publisher","DOI":"10.14722\/ndss.2018.23158"},{"volume-title":"Sonarqube: Continuous Inspection Tool","year":"2024","key":"ref4"},{"key":"ref5","first-page":"n71","article-title":"The PRISMA 2020 statement: An updated guideline for reporting systematic reviews","volume-title":"BMJ","volume":"372","author":"Page","year":"2021"},{"volume-title":"Glossary: Software Vulnerability","year":"2024","key":"ref6"},{"volume-title":"CVE-2022-0739 Detail. National Institute of Standards and Technology","year":"2022","key":"ref7"},{"volume-title":"Bookingpress < 1.0.11: Unauthenticated SQL Injection (cve-2022-0739)","year":"2022","key":"ref8"},{"volume-title":"SQL Injection Prevention Cheat Sheet","year":"2024","key":"ref9"},{"key":"ref10","article-title":"Attention is all you need","author":"Vaswani","year":"2017","journal-title":"arXiv:1706.03762"},{"key":"ref11","doi-asserted-by":"publisher","DOI":"10.48550\/arXiv.1810.04805"},{"key":"ref12","article-title":"GPT-4 technical report","volume-title":"arXiv:2303.08774","author":"Achiam","year":"2023"},{"key":"ref13","article-title":"Gemini: A family of highly capable multimodal models","author":"Anil","year":"2024","journal-title":"arXiv:2312.11805"},{"key":"ref14","doi-asserted-by":"publisher","DOI":"10.18653\/v1\/2020.findings-emnlp.139"},{"key":"ref15","first-page":"471","article-title":"A robustly optimized BERT pre-training approach with post-training","volume-title":"Proc. 20th Chinese Nat. Conf. Computational Linguistics","author":"Zhuang"},{"key":"ref16","article-title":"Code llama: Open foundation models for code","author":"Rozi\u00e9re","year":"2023","journal-title":"arXiv:2308.12950"},{"volume-title":"Introducing Github Copilot, Your AI Pair Programmer","year":"2021","key":"ref17"},{"volume-title":"Introducing Amazon Codewhisperer, The ML-Powered Coding Companion","year":"2022","key":"ref18"},{"volume-title":"Announcing Tabnine\u2019s Next-Generation Code-Native AI Models","year":"2022","key":"ref19"},{"key":"ref20","doi-asserted-by":"publisher","DOI":"10.1145\/3641399.3641405"},{"key":"ref21","doi-asserted-by":"publisher","DOI":"10.1109\/WIECON-ECE60392.2023.10456393"},{"key":"ref22","doi-asserted-by":"publisher","DOI":"10.1145\/3696630.3728499"},{"key":"ref23","doi-asserted-by":"publisher","DOI":"10.1109\/TAI.2025.3544590"},{"key":"ref24","doi-asserted-by":"publisher","DOI":"10.1109\/SANER60148.2024.00063"},{"key":"ref25","doi-asserted-by":"publisher","DOI":"10.1109\/DSN-W65791.2025.00077"},{"key":"ref26","doi-asserted-by":"publisher","DOI":"10.3390\/electronics14132703"},{"key":"ref27","doi-asserted-by":"publisher","DOI":"10.1109\/SMARTCOMP65954.2025.00088"},{"key":"ref28","doi-asserted-by":"publisher","DOI":"10.3390\/electronics13132657"},{"key":"ref29","doi-asserted-by":"publisher","DOI":"10.14232\/actacyb.299667"},{"key":"ref30","doi-asserted-by":"publisher","DOI":"10.1007\/978-3-030-85347-1_20"},{"key":"ref31","doi-asserted-by":"publisher","DOI":"10.1109\/ACCESS.2024.3396410"},{"issue":"3","key":"ref32","first-page":"51","article-title":"Using ChatGPT as a static application security testing tool","volume":"15","author":"Bakhshandeh","year":"2023","journal-title":"ISeCure"},{"key":"ref33","doi-asserted-by":"publisher","DOI":"10.1177\/10692509251368663"},{"key":"ref34","doi-asserted-by":"publisher","DOI":"10.1145\/3605098.3636003"},{"key":"ref35","doi-asserted-by":"publisher","DOI":"10.1145\/3714393.3726486"},{"key":"ref36","doi-asserted-by":"publisher","DOI":"10.1016\/j.infsof.2025.107764"},{"key":"ref37","doi-asserted-by":"publisher","DOI":"10.1002\/cpe.8292"},{"key":"ref38","doi-asserted-by":"publisher","DOI":"10.3897\/jucs.134739"},{"key":"ref39","doi-asserted-by":"publisher","DOI":"10.1109\/ISSRE62328.2024.00021"},{"key":"ref40","first-page":"1","article-title":"Detecting functionality-specific vulnerabilities via retrieving individual functionality-equivalent APIs in open-source repositories","volume-title":"Proc. 39th Eur. Conf. Object-Oriented Program.","volume":"333","author":"Chen"},{"key":"ref41","doi-asserted-by":"publisher","DOI":"10.1145\/3607199.3607242"},{"key":"ref42","doi-asserted-by":"publisher","DOI":"10.1016\/j.infsof.2024.107517"},{"key":"ref43","doi-asserted-by":"publisher","DOI":"10.1145\/3702973"},{"key":"ref44","doi-asserted-by":"publisher","DOI":"10.32604\/cmc.2025.061185"},{"key":"ref45","doi-asserted-by":"publisher","DOI":"10.3390\/fi17010033"},{"key":"ref46","doi-asserted-by":"publisher","DOI":"10.1109\/CSR61664.2024.10679444"},{"key":"ref47","doi-asserted-by":"publisher","DOI":"10.1109\/CITS61189.2024.10607982"},{"key":"ref48","doi-asserted-by":"publisher","DOI":"10.1109\/SANER64311.2025.00010"},{"key":"ref49","doi-asserted-by":"publisher","DOI":"10.1109\/ISSREW60843.2023.00058"},{"key":"ref50","doi-asserted-by":"publisher","DOI":"10.1109\/jbhi.2025.3544560"},{"key":"ref51","doi-asserted-by":"publisher","DOI":"10.1109\/ICSME58944.2024.00033"},{"key":"ref52","doi-asserted-by":"publisher","DOI":"10.1016\/j.jss.2025.112581"},{"key":"ref53","doi-asserted-by":"publisher","DOI":"10.1109\/DSN-W58399.2023.00025"},{"key":"ref54","doi-asserted-by":"publisher","DOI":"10.1016\/j.eswa.2025.126479"},{"key":"ref55","doi-asserted-by":"publisher","DOI":"10.1002\/stvr.1875"},{"key":"ref56","doi-asserted-by":"publisher","DOI":"10.1109\/TNSM.2023.3278311"},{"key":"ref57","doi-asserted-by":"publisher","DOI":"10.1007\/s00521-024-10892-x"},{"key":"ref58","doi-asserted-by":"publisher","DOI":"10.1007\/s10207-024-00965-2"},{"key":"ref59","doi-asserted-by":"publisher","DOI":"10.1109\/DCOSS-IoT61029.2024.00072"},{"key":"ref60","doi-asserted-by":"publisher","DOI":"10.1109\/CSNet64211.2024.10851734"},{"key":"ref61","doi-asserted-by":"publisher","DOI":"10.1109\/CARS61786.2024.10778769"},{"key":"ref62","doi-asserted-by":"publisher","DOI":"10.1007\/s40747-025-01782-3"},{"key":"ref63","doi-asserted-by":"publisher","DOI":"10.1117\/12.3035052"},{"key":"ref64","doi-asserted-by":"publisher","DOI":"10.23919\/JCC.ja.2023-0189"},{"key":"ref65","doi-asserted-by":"publisher","DOI":"10.1109\/ICFTIC64248.2024.10913127"},{"key":"ref66","doi-asserted-by":"publisher","DOI":"10.1109\/TSE.2025.3548168"},{"key":"ref67","doi-asserted-by":"publisher","DOI":"10.1145\/3524842.3528452"},{"key":"ref68","doi-asserted-by":"publisher","DOI":"10.5220\/0013156800003890"},{"key":"ref69","doi-asserted-by":"publisher","DOI":"10.1109\/SmartIndustryCon65166.2025.10986048"},{"key":"ref70","doi-asserted-by":"publisher","DOI":"10.1007\/978-3-031-94855-8_3"},{"key":"ref71","doi-asserted-by":"publisher","DOI":"10.1007\/978-3-031-76459-2_4"},{"key":"ref72","doi-asserted-by":"publisher","DOI":"10.1145\/3611643.3616304"},{"key":"ref73","doi-asserted-by":"publisher","DOI":"10.1007\/978-3-031-70879-4_14"},{"key":"ref74","doi-asserted-by":"publisher","DOI":"10.1109\/ICCCNT61001.2024.10724230"},{"key":"ref75","doi-asserted-by":"publisher","DOI":"10.3390\/app14219697"},{"key":"ref76","doi-asserted-by":"publisher","DOI":"10.1109\/AEMCSE55572.2022.00058"},{"key":"ref77","doi-asserted-by":"publisher","DOI":"10.1016\/j.mlwa.2024.100598"},{"key":"ref78","doi-asserted-by":"publisher","DOI":"10.3390\/sym17071161"},{"key":"ref79","doi-asserted-by":"publisher","DOI":"10.1145\/3576915.3623175"},{"key":"ref80","doi-asserted-by":"publisher","DOI":"10.1145\/3524842.3527949"},{"key":"ref81","doi-asserted-by":"publisher","DOI":"10.1038\/s41598-025-05182-y"},{"key":"ref82","doi-asserted-by":"publisher","DOI":"10.1109\/CCWC62904.2025.10903869"},{"key":"ref83","doi-asserted-by":"publisher","DOI":"10.1109\/CSCWD64889.2025.11033291"},{"key":"ref84","doi-asserted-by":"publisher","DOI":"10.1109\/TPS-ISA58951.2023.00044"},{"key":"ref85","doi-asserted-by":"publisher","DOI":"10.1038\/s41598-024-56871-z"},{"key":"ref86","doi-asserted-by":"publisher","DOI":"10.1109\/DSN64029.2025.00047"},{"key":"ref87","doi-asserted-by":"publisher","DOI":"10.1016\/j.jisa.2025.104125"},{"key":"ref88","doi-asserted-by":"publisher","DOI":"10.1007\/978-981-97-5101-3_23"},{"key":"ref89","doi-asserted-by":"publisher","DOI":"10.1109\/EuroSP57164.2023.00018"},{"key":"ref90","doi-asserted-by":"publisher","DOI":"10.1109\/ICI60088.2023.10421047"},{"key":"ref91","doi-asserted-by":"publisher","DOI":"10.1007\/s10618-023-00981-1"},{"key":"ref92","doi-asserted-by":"publisher","DOI":"10.1145\/3671016.3671388"},{"key":"ref93","doi-asserted-by":"publisher","DOI":"10.1007\/978-3-031-19211-1_11"},{"key":"ref94","doi-asserted-by":"publisher","DOI":"10.1109\/TSE.2024.3493245"},{"key":"ref95","doi-asserted-by":"publisher","DOI":"10.1109\/ICCC59590.2023.10507306"},{"key":"ref96","doi-asserted-by":"publisher","DOI":"10.1007\/s11432-024-4402-2"},{"key":"ref97","doi-asserted-by":"publisher","DOI":"10.1007\/978-3-031-92882-6_12"},{"key":"ref98","doi-asserted-by":"publisher","DOI":"10.1109\/ICoCSETI63724.2025.11019687"},{"key":"ref99","doi-asserted-by":"publisher","DOI":"10.1109\/ICST62969.2025.10988968"},{"key":"ref100","doi-asserted-by":"publisher","DOI":"10.1109\/TPS-ISA62245.2024.00022"},{"key":"ref101","doi-asserted-by":"publisher","DOI":"10.1109\/PlatCon63925.2024.10830749"},{"key":"ref102","doi-asserted-by":"publisher","DOI":"10.1109\/ISSREW55968.2022.00042"},{"key":"ref103","doi-asserted-by":"publisher","DOI":"10.1109\/RICAI64321.2024.10911761"},{"key":"ref104","doi-asserted-by":"publisher","DOI":"10.1109\/SCAM59687.2023.00024"},{"key":"ref105","doi-asserted-by":"publisher","DOI":"10.1109\/COMP-SIF65618.2025.10969955"},{"key":"ref106","doi-asserted-by":"publisher","DOI":"10.1109\/GLOBECOM54140.2023.10437295"},{"key":"ref107","doi-asserted-by":"publisher","DOI":"10.1109\/ACCESS.2024.3482389"},{"key":"ref108","first-page":"187","article-title":"A source code vulnerability detection method based on adaptive graph neural networks","volume-title":"Proc. 39th IEEE\/ACM Int. Conf. Automated Softw. Eng. Workshops (ASEW)","author":"Chen"},{"key":"ref109","doi-asserted-by":"publisher","DOI":"10.1109\/ICSME58944.2024.00060"},{"key":"ref110","doi-asserted-by":"publisher","DOI":"10.1109\/ESEM56168.2023.10304857"},{"key":"ref111","doi-asserted-by":"publisher","DOI":"10.1109\/CSCWD61410.2024.10580616"},{"key":"ref112","doi-asserted-by":"publisher","DOI":"10.1109\/DLCV65218.2025.11088821"},{"key":"ref113","doi-asserted-by":"publisher","DOI":"10.1109\/iThings-GreenCom-CPSCom-SmartData-Cybermatics62450.2024.00037"},{"key":"ref114","doi-asserted-by":"publisher","DOI":"10.1109\/ICASSP49660.2025.10887736"},{"key":"ref115","doi-asserted-by":"publisher","DOI":"10.1109\/TrustCom56396.2022.00046"},{"key":"ref116","doi-asserted-by":"publisher","DOI":"10.1016\/j.jisa.2024.103925"},{"key":"ref117","doi-asserted-by":"publisher","DOI":"10.1016\/j.infsof.2024.107458"},{"key":"ref118","doi-asserted-by":"publisher","DOI":"10.1145\/3597503.3639142"},{"key":"ref119","doi-asserted-by":"publisher","DOI":"10.1109\/DSC59305.2023.00041"},{"key":"ref120","doi-asserted-by":"publisher","DOI":"10.1109\/APSEC60848.2023.00052"},{"key":"ref121","doi-asserted-by":"publisher","DOI":"10.1016\/j.jss.2024.112031"},{"key":"ref122","doi-asserted-by":"publisher","DOI":"10.1109\/Blockchain62396.2024.00021"},{"key":"ref123","doi-asserted-by":"publisher","DOI":"10.1109\/ICSE55347.2025.00027"},{"key":"ref124","doi-asserted-by":"publisher","DOI":"10.1109\/ISDFS65363.2025.11012039"},{"key":"ref125","doi-asserted-by":"publisher","DOI":"10.1109\/MILCOM61039.2024.10774025"},{"key":"ref126","doi-asserted-by":"publisher","DOI":"10.1109\/QRS57517.2022.00015"},{"key":"ref127","doi-asserted-by":"publisher","DOI":"10.1016\/j.cose.2024.104151"},{"key":"ref128","doi-asserted-by":"publisher","DOI":"10.5220\/0012707900003687"},{"key":"ref129","doi-asserted-by":"publisher","DOI":"10.1109\/Blockchain62396.2024.00013"},{"key":"ref130","doi-asserted-by":"publisher","DOI":"10.1109\/llm4code66737.2025.00008"},{"key":"ref131","doi-asserted-by":"publisher","DOI":"10.1016\/j.jss.2025.112455"},{"key":"ref132","doi-asserted-by":"publisher","DOI":"10.1145\/3510454.3516865"},{"key":"ref133","doi-asserted-by":"publisher","DOI":"10.1109\/CSR57506.2023.10224924"},{"key":"ref134","doi-asserted-by":"publisher","DOI":"10.5220\/0013346600003928"},{"key":"ref135","doi-asserted-by":"publisher","DOI":"10.1109\/ICSE55347.2025.00230"},{"key":"ref136","doi-asserted-by":"publisher","DOI":"10.1109\/LLM4Code66737.2025.00009"},{"key":"ref137","doi-asserted-by":"publisher","DOI":"10.1109\/scam59687.2023.00026"},{"key":"ref138","doi-asserted-by":"publisher","DOI":"10.1007\/s10207-024-00901-4"},{"key":"ref139","doi-asserted-by":"publisher","DOI":"10.1109\/IC3ECSBHI63591.2025.10991300"},{"key":"ref140","doi-asserted-by":"publisher","DOI":"10.1007\/s10664-023-10405-9"},{"key":"ref141","doi-asserted-by":"publisher","DOI":"10.3390\/app15126651"},{"key":"ref142","doi-asserted-by":"publisher","DOI":"10.1007\/s11227-025-07198-7"},{"key":"ref143","doi-asserted-by":"publisher","DOI":"10.1109\/SDS66131.2025.00019"},{"key":"ref144","doi-asserted-by":"publisher","DOI":"10.1109\/CAI64502.2025.00161"},{"key":"ref145","doi-asserted-by":"publisher","DOI":"10.1109\/NETCRYPT65877.2025.11102750"},{"key":"ref146","doi-asserted-by":"publisher","DOI":"10.1007\/s10515-024-00438-9"},{"key":"ref147","doi-asserted-by":"publisher","DOI":"10.1109\/BigData62323.2024.10825609"},{"key":"ref148","doi-asserted-by":"publisher","DOI":"10.1109\/USBEREIT61901.2024.10583974"},{"key":"ref149","doi-asserted-by":"publisher","DOI":"10.1109\/ICAMAC62387.2024.10828788"},{"key":"ref150","doi-asserted-by":"publisher","DOI":"10.1109\/DSC59305.2023.00038"},{"key":"ref151","doi-asserted-by":"publisher","DOI":"10.57019\/jmv.1489060"},{"key":"ref152","first-page":"1","article-title":"SELLM: An integrated tool leveraging symbolic execution and LLMS for smart contract vulnerability detection","volume-title":"Proc. 21st Int. Comput. Conf. Wavelet Act. Media Technol. Inf. Process. (ICCWAMTIP)","author":"Yang"},{"key":"ref153","doi-asserted-by":"publisher","DOI":"10.1109\/ICDSCA63855.2024.10859408"},{"key":"ref154","doi-asserted-by":"publisher","DOI":"10.1109\/ACCESS.2025.3546700"},{"key":"ref155","first-page":"142","article-title":"Greening large language models of code","volume-title":"Proc. IEEE\/ACM 46th Int. Conf. Softw. Eng.","author":"Shi"},{"key":"ref156","doi-asserted-by":"publisher","DOI":"10.1109\/ACSACW65225.2024.00031"},{"key":"ref157","doi-asserted-by":"publisher","DOI":"10.1007\/s41870-024-01775-4"},{"key":"ref158","doi-asserted-by":"publisher","DOI":"10.1016\/j.jss.2025.112406"},{"key":"ref159","doi-asserted-by":"publisher","DOI":"10.1145\/3715758"},{"key":"ref160","doi-asserted-by":"publisher","DOI":"10.1145\/3597503.3623345"},{"key":"ref161","doi-asserted-by":"publisher","DOI":"10.1016\/j.iot.2024.101362"},{"key":"ref162","doi-asserted-by":"publisher","DOI":"10.1145\/3597503.3639117"},{"key":"ref163","doi-asserted-by":"publisher","DOI":"10.1109\/ICCC59590.2023.10507456"},{"key":"ref164","doi-asserted-by":"publisher","DOI":"10.1109\/ACCESS.2025.3541146"},{"key":"ref165","doi-asserted-by":"publisher","DOI":"10.1016\/j.jss.2023.111623"},{"key":"ref166","doi-asserted-by":"publisher","DOI":"10.1038\/s41598-023-47219-0"},{"key":"ref167","doi-asserted-by":"publisher","DOI":"10.15588\/1607-3274-2024-3-15"},{"key":"ref168","doi-asserted-by":"publisher","DOI":"10.1145\/3564625.3567985"},{"key":"ref169","doi-asserted-by":"publisher","DOI":"10.1145\/3617555.3617874"},{"key":"ref170","doi-asserted-by":"publisher","DOI":"10.1109\/AST66626.2025.00020"},{"key":"ref171","doi-asserted-by":"publisher","DOI":"10.1109\/CDMA61895.2025.00034"},{"key":"ref172","doi-asserted-by":"publisher","DOI":"10.1007\/s10515-024-00413-4"},{"key":"ref173","doi-asserted-by":"publisher","DOI":"10.1016\/j.cose.2024.103994"},{"key":"ref174","doi-asserted-by":"publisher","DOI":"10.1007\/s10515-025-00507-7"},{"key":"ref175","doi-asserted-by":"publisher","DOI":"10.1109\/TSE.2025.3597319"},{"key":"ref176","doi-asserted-by":"publisher","DOI":"10.1007\/s12083-025-02073-x"},{"key":"ref177","doi-asserted-by":"publisher","DOI":"10.1145\/3650212.3652124"},{"key":"ref178","doi-asserted-by":"publisher","DOI":"10.3390\/sym16101381"},{"key":"ref179","first-page":"393","article-title":"Effective vulnerable function identification based on CVE description empowered by large language models","volume-title":"Proc. 39th IEEE\/ACM Int. Conf. Automated Softw. Eng.","author":"Wu"},{"key":"ref180","doi-asserted-by":"publisher","DOI":"10.1145\/3728875"},{"key":"ref181","doi-asserted-by":"publisher","DOI":"10.1109\/CISCE62493.2024.10653337"},{"key":"ref182","doi-asserted-by":"publisher","DOI":"10.1007\/s10207-025-00983-8"},{"key":"ref183","doi-asserted-by":"publisher","DOI":"10.1016\/j.compeleceng.2025.110096"},{"key":"ref184","doi-asserted-by":"publisher","DOI":"10.1109\/ICCECE65250.2025.10985370"},{"key":"ref185","doi-asserted-by":"publisher","DOI":"10.1109\/ICCNEA57056.2022.00041"},{"key":"ref186","doi-asserted-by":"publisher","DOI":"10.1109\/TrustCom60117.2023.00129"},{"key":"ref187","doi-asserted-by":"publisher","DOI":"10.1109\/JIOT.2024.3459921"},{"key":"ref188","doi-asserted-by":"publisher","DOI":"10.32604\/cmes.2023.026627"},{"key":"ref189","doi-asserted-by":"publisher","DOI":"10.1145\/3649814"},{"key":"ref190","doi-asserted-by":"publisher","DOI":"10.1145\/3651655.3651658"},{"key":"ref191","doi-asserted-by":"publisher","DOI":"10.1145\/3715738"},{"key":"ref192","doi-asserted-by":"publisher","DOI":"10.1109\/TSE.2024.3470333"},{"key":"ref193","doi-asserted-by":"publisher","DOI":"10.1109\/ICSE55347.2025.00214"},{"key":"ref194","doi-asserted-by":"publisher","DOI":"10.1155\/2022\/5203217"},{"key":"ref195","doi-asserted-by":"publisher","DOI":"10.1109\/ICSE48619.2023.00190"},{"key":"ref196","doi-asserted-by":"publisher","DOI":"10.1109\/ISSRE59848.2023.00030"},{"key":"ref197","doi-asserted-by":"publisher","DOI":"10.1145\/3728878"},{"key":"ref198","doi-asserted-by":"publisher","DOI":"10.1109\/ICPADS60453.2023.00101"},{"key":"ref199","doi-asserted-by":"publisher","DOI":"10.1002\/nem.2198"},{"key":"ref200","doi-asserted-by":"publisher","DOI":"10.1007\/978-981-97-0859-8_3"},{"key":"ref201","doi-asserted-by":"publisher","DOI":"10.1109\/TR.2024.3521381"},{"key":"ref202","doi-asserted-by":"publisher","DOI":"10.1109\/CISCE65916.2025.11065803"},{"key":"ref203","doi-asserted-by":"publisher","DOI":"10.1109\/APSIPAASC63619.2025.10849117"},{"key":"ref204","doi-asserted-by":"publisher","DOI":"10.1109\/ACAI63924.2024.10899694"},{"key":"ref205","doi-asserted-by":"publisher","DOI":"10.1145\/3639476.3639762"},{"key":"ref206","doi-asserted-by":"publisher","DOI":"10.1109\/AINIT65432.2025.11035424"},{"key":"ref207","doi-asserted-by":"publisher","DOI":"10.1109\/ISSRE59848.2023.00024"},{"key":"ref208","doi-asserted-by":"publisher","DOI":"10.1109\/ACSAC63791.2024.00086"},{"key":"ref209","doi-asserted-by":"publisher","DOI":"10.1016\/j.infsof.2025.107786"},{"key":"ref210","doi-asserted-by":"publisher","DOI":"10.1109\/ISEAE64934.2025.11041756"},{"key":"ref211","doi-asserted-by":"publisher","DOI":"10.1016\/j.engappai.2024.109291"},{"key":"ref212","doi-asserted-by":"publisher","DOI":"10.1109\/SANER64311.2025.00026"},{"key":"ref213","doi-asserted-by":"publisher","DOI":"10.1145\/3540250.3549098"},{"key":"ref214","doi-asserted-by":"publisher","DOI":"10.1016\/j.future.2024.107671"},{"key":"ref215","doi-asserted-by":"publisher","DOI":"10.1109\/DSN-W54100.2022.00027"},{"key":"ref216","doi-asserted-by":"publisher","DOI":"10.1145\/3664646.3664770"},{"key":"ref217","doi-asserted-by":"publisher","DOI":"10.1145\/3589335.3651463"},{"key":"ref218","first-page":"1","article-title":"Out of sight, out of mind: Better automatic vulnerability repair by broadening input ranges and sources","volume-title":"Proc. IEEE\/ACM 46th Int. Conf. Softw. Eng.","author":"Zhou"},{"key":"ref219","first-page":"2350","article-title":"ContractTinker: LLM-empowered vulnerability repair for real-world smart contracts","volume-title":"Proc. 39th IEEE\/ACM Int. Conf. Automated Softw. Eng.","author":"Wang"},{"key":"ref220","doi-asserted-by":"publisher","DOI":"10.1145\/3597926.3598135"},{"key":"ref221","doi-asserted-by":"publisher","DOI":"10.1145\/3643651.3659892"},{"key":"ref222","doi-asserted-by":"publisher","DOI":"10.1109\/TDSC.2023.3308897"},{"key":"ref223","first-page":"1932","article-title":"VulAdvisor: Natural language suggestion generation for software vulnerability repair","volume-title":"Proc. 39th IEEE\/ACM Int. Conf. Automated Softw. Eng.","author":"Zhang"},{"key":"ref224","doi-asserted-by":"publisher","DOI":"10.1109\/tse.2022.3147265"},{"key":"ref225","doi-asserted-by":"publisher","DOI":"10.5220\/0013379200003890"},{"key":"ref226","article-title":"Captum: A unified and generic model interpretability library for PyTorch","author":"Kokhlikyan","year":"2020","journal-title":"arXiv:2009.07896"},{"key":"ref227","doi-asserted-by":"publisher","DOI":"10.1016\/j.infsof.2023.107221"},{"volume-title":"Machine Learning for Vulnerability Discovery","year":"2018","author":"Ballestas","key":"ref228"},{"key":"ref229","doi-asserted-by":"publisher","DOI":"10.1109\/ICSE55347.2025.00038"},{"key":"ref230","doi-asserted-by":"publisher","DOI":"10.1145\/3732365.3732421"},{"key":"ref231","article-title":"DistilBERT, a distilled version of BERT: Smaller, faster, cheaper and lighter","author":"Sanh","year":"2019","journal-title":"arXiv:1910.01108"},{"key":"ref232","first-page":"4171","article-title":"Bert: Pre-training of deep bidirectional transformers for language understanding","volume-title":"Proc. Conf. North Amer. Chapter Assoc. Comput. Linguistics Human Lang. Technol. (NAACL-HLT)","author":"Devlin"},{"key":"ref233","first-page":"18","article-title":"Graphcodebert: Pre-training code representations with data flow","volume-title":"Proc. 9th Int. Conf. Learn. Represent. (ICLR)","author":"Guo"},{"key":"ref234","first-page":"20378","article-title":"Movement pruning: Adaptive sparsity by fine-tuning","volume-title":"Proc. Adv. Neural Inf. Process. Syst. (NeurIPS)","volume":"33","author":"Sanh"},{"key":"ref235","doi-asserted-by":"publisher","DOI":"10.1109\/icse48619.2023.00207"},{"key":"ref236","doi-asserted-by":"publisher","DOI":"10.1145\/3708522"},{"key":"ref237","first-page":"1877","article-title":"Language models are few-shot learners","volume-title":"Proc. Adv. Neural Inf. Process. Syst.","volume":"33","author":"Brown"},{"key":"ref238","article-title":"Evaluating large language models trained on code","author":"Chen","year":"2021","journal-title":"arXiv:2107.03374"},{"volume-title":"GPT-4 Technical Report","year":"2023","key":"ref239"},{"volume-title":"OpenAI\u2019s GPT-3.5, GPT-4 Turbo, GPT-4o, GPT-O1, and GPT-O1-Mini (Model Series)","year":"2025","key":"ref240"},{"key":"ref241","article-title":"Llama 2: Open foundation and fine-tuned chat models","author":"Touvron","year":"2023","journal-title":"arXiv:2307.09288"},{"key":"ref242","article-title":"The llama 3 herd of models","author":"Grattafiori","year":"2024","journal-title":"arXiv:2407.21783"},{"issue":"140","key":"ref243","first-page":"1","article-title":"Exploring the limits of transfer learning with a unified text-to-text transformer","volume":"21","author":"Raffel","year":"2022","journal-title":"J. Mach. Learn. Res."},{"key":"ref244","first-page":"8696","article-title":"CodeT5: Identifier-aware unified pre-trained encoder\u2013decoder models for code understanding and generation","volume-title":"Proc. Conf. Empirical Methods Natural Lang. Process.","author":"Wang"},{"key":"ref245","doi-asserted-by":"publisher","DOI":"10.18653\/v1\/2023.emnlp-main.68"},{"key":"ref246","article-title":"DeepSeek-r1: Incentivizing reasoning capability in LLMs via reinforcement learning","author":"Guo","year":"2025","journal-title":"arXiv:2501.12948"},{"key":"ref247","article-title":"DeepSeek-V3 technical report","volume-title":"arXiv:2412.19437","author":"Liu","year":"2024"},{"key":"ref248","article-title":"DeepSeek-coder: When the large language model meets programming - the rise of code intelligence","author":"Guo","year":"2024","journal-title":"arXiv:2401.14196"},{"volume-title":"Accessed","year":"2025","author":"Knight","key":"ref249"},{"volume-title":"Accessed","year":"2025","author":"Tan","key":"ref250"},{"volume-title":"The Top Programming Languages 2024","year":"2024","author":"Cass","key":"ref251"},{"key":"ref252","article-title":"ILibScope: Reliable third-party library detection for iOS mobile apps","author":"Guo","year":"2022","journal-title":"arXiv:2207.01837"},{"key":"ref253","doi-asserted-by":"publisher","DOI":"10.3390\/app13179710"},{"key":"ref254","doi-asserted-by":"publisher","DOI":"10.1145\/3379597.3387501"},{"key":"ref255","article-title":"CodeXGLUE: A machine learning benchmark dataset for code understanding and generation","author":"Lu","year":"2021","journal-title":"arXiv:2102.04664"},{"key":"ref256","article-title":"Devign: Effective vulnerability identification by learning comprehensive program semantics via graph neural networks","author":"Zhou","year":"2019","journal-title":"arXiv:1909.03496"},{"volume-title":"Software Assurance Reference Dataset (SARD)","year":"2024","key":"ref257"},{"key":"ref258","doi-asserted-by":"publisher","DOI":"10.1109\/TSE.2021.3087402"},{"key":"ref259","doi-asserted-by":"publisher","DOI":"10.1145\/3475960.3475985"},{"key":"ref260","doi-asserted-by":"publisher","DOI":"10.1109\/IJCNN55064.2022.9892280"},{"key":"ref261","doi-asserted-by":"publisher","DOI":"10.1109\/ICMLA.2018.00120"},{"key":"ref262","doi-asserted-by":"publisher","DOI":"10.1109\/ICSE-SEIP52600.2021.00020"},{"key":"ref263","doi-asserted-by":"publisher","DOI":"10.1109\/tdsc.2021.3051525"},{"key":"ref264","doi-asserted-by":"publisher","DOI":"10.1109\/tdsc.2019.2942930"},{"key":"ref265","doi-asserted-by":"publisher","DOI":"10.1007\/s00521-021-05954-3"},{"key":"ref266","doi-asserted-by":"publisher","DOI":"10.1109\/TII.2018.2821768"},{"key":"ref267","doi-asserted-by":"publisher","DOI":"10.1145\/3617555.3617874"},{"key":"ref268","doi-asserted-by":"publisher","DOI":"10.1145\/3639478.3647634"},{"key":"ref269","doi-asserted-by":"publisher","DOI":"10.1145\/3377811.3380364"},{"key":"ref270","doi-asserted-by":"publisher","DOI":"10.1109\/tkde.2021.3095196"},{"key":"ref271","doi-asserted-by":"publisher","DOI":"10.1145\/3395363.3397385"},{"key":"ref272","doi-asserted-by":"publisher","DOI":"10.1145\/3543507.3583367"},{"key":"ref273","doi-asserted-by":"publisher","DOI":"10.1109\/TIFS.2023.3237370"},{"key":"ref274","article-title":"ScrawlD: A dataset of real world Ethereum smart contracts labelled with vulnerabilities","author":"Yashavant","year":"2022","journal-title":"arXiv:2202.11409"},{"volume-title":"OWASP Benchmark Project","year":"2024","key":"ref275"},{"key":"ref276","doi-asserted-by":"publisher","DOI":"10.1145\/3524842.3528482"},{"key":"ref277","doi-asserted-by":"publisher","DOI":"10.1007\/978-3-030-85347-1_20"},{"key":"ref278","doi-asserted-by":"publisher","DOI":"10.1145\/3549035.3561184"},{"key":"ref279","doi-asserted-by":"publisher","DOI":"10.1145\/3590777.3590780"},{"key":"ref280","first-page":"121","article-title":"Data quality for software vulnerability datasets","volume-title":"Proc. IEEE\/ACM 45th Int. Conf. Softw. Eng. (ICSE)","author":"Russell"},{"key":"ref281","doi-asserted-by":"publisher","DOI":"10.3115\/1073083.1073135"},{"key":"ref282","article-title":"CodeBLEU: A method for automatic evaluation of code synthesis","author":"Ren","year":"2020","journal-title":"arXiv:2009.10297"},{"key":"ref283","first-page":"68772","article-title":"LLM evaluators recognize and favor their own generations","volume-title":"Proc. Int. Conf. Neural Inf. Process. Syst.","author":"Panickssery"},{"key":"ref284","doi-asserted-by":"publisher","DOI":"10.1109\/CVPRW67362.2025.00403"},{"key":"ref285","first-page":"7066","article-title":"ReConcile: Round-table conference improves reasoning via consensus among diverse LLMs","volume-title":"Proc. 62nd Annu. Meeting Assoc. Comput. Linguistics","author":"Chen"},{"key":"ref286","doi-asserted-by":"publisher","DOI":"10.18653\/v1\/2022.findings-emnlp.38"},{"key":"ref287","first-page":"125","article-title":"Unifying the perspectives of NLP and software engineering: A survey on language models for code","author":"Zhang","year":"2023","journal-title":"Trans. Mach. Learn. Res."},{"key":"ref288","doi-asserted-by":"publisher","DOI":"10.1145\/3695988"},{"key":"ref289","doi-asserted-by":"publisher","DOI":"10.1016\/j.hcc.2024.100211"},{"key":"ref290","doi-asserted-by":"publisher","DOI":"10.1109\/IC2SDT62152.2024.10696131"},{"key":"ref291","doi-asserted-by":"publisher","DOI":"10.1109\/ICAISC64594.2025.10959494"},{"key":"ref292","doi-asserted-by":"publisher","DOI":"10.1109\/ICAIBD64986.2025.11082007"},{"key":"ref293","doi-asserted-by":"publisher","DOI":"10.1007\/s10207-025-00992-7"}],"container-title":["IEEE Access"],"original-title":[],"link":[{"URL":"http:\/\/xplorestaging.ieee.org\/ielx8\/6287639\/10820123\/11237115.pdf?arnumber=11237115","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2025,11,17]],"date-time":"2025-11-17T18:42:25Z","timestamp":1763404945000},"score":1,"resource":{"primary":{"URL":"https:\/\/ieeexplore.ieee.org\/document\/11237115\/"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2025]]},"references-count":293,"URL":"https:\/\/doi.org\/10.1109\/access.2025.3631363","relation":{},"ISSN":["2169-3536"],"issn-type":[{"type":"electronic","value":"2169-3536"}],"subject":[],"published":{"date-parts":[[2025]]}}}