{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2025,11,1]],"date-time":"2025-11-01T09:37:03Z","timestamp":1761989823783,"version":"build-2065373602"},"reference-count":75,"publisher":"IEEE","license":[{"start":{"date-parts":[[2025,9,7]],"date-time":"2025-09-07T00:00:00Z","timestamp":1757203200000},"content-version":"stm-asf","delay-in-days":0,"URL":"https:\/\/doi.org\/10.15223\/policy-029"},{"start":{"date-parts":[[2025,9,7]],"date-time":"2025-09-07T00:00:00Z","timestamp":1757203200000},"content-version":"stm-asf","delay-in-days":0,"URL":"https:\/\/doi.org\/10.15223\/policy-037"}],"content-domain":{"domain":[],"crossmark-restriction":false},"short-container-title":[],"published-print":{"date-parts":[[2025,9,7]]},"DOI":"10.1109\/icsme64153.2025.00023","type":"proceedings-article","created":{"date-parts":[[2025,10,31]],"date-time":"2025-10-31T17:08:56Z","timestamp":1761930536000},"page":"1-10","source":"Crossref","is-referenced-by-count":1,"title":["Toward Realistic Evaluations of Just-In-Time Vulnerability Prediction"],"prefix":"10.1109","author":[{"given":"Duong","family":"Nguyen","sequence":"first","affiliation":[{"name":"Hanoi University of Science and Technology,School of Communication and Information Technology,Hanoi,Vietnam"}]},{"given":"Thanh","family":"Le-Cong","sequence":"additional","affiliation":[{"name":"The University of Melbourne,School of Computing and Information Systems,Melbourne,Australia"}]},{"given":"Triet Huynh Minh","family":"Le","sequence":"additional","affiliation":[{"name":"The University of Adelaide,School of Computer and Mathematical Sciences,Adelaide,Australia"}]},{"given":"M. Ali","family":"Babar","sequence":"additional","affiliation":[{"name":"The University of Adelaide,School of Computer and Mathematical Sciences,Adelaide,Australia"}]},{"given":"Quyet-Thang","family":"Huynh","sequence":"additional","affiliation":[{"name":"Hanoi University of Science and Technology,School of Communication and Information Technology,Hanoi,Vietnam"}]}],"member":"263","reference":[{"year":"2024","journal-title":"CrowdStrike","article-title":"Crowdstrike outage report","key":"ref1"},{"year":"2024","journal-title":"TechTarget","article-title":"Crowdstrike outage damage","key":"ref2"},{"doi-asserted-by":"publisher","key":"ref3","DOI":"10.1145\/2810103.2813604"},{"doi-asserted-by":"publisher","key":"ref4","DOI":"10.1016\/j.jss.2024.112014"},{"doi-asserted-by":"publisher","key":"ref5","DOI":"10.1007\/s10664-021-09944-w"},{"volume-title":"FFmpeg Project","article-title":"FFmpeg","key":"ref6"},{"volume-title":"Linux Kernel Organization","article-title":"Linux kernel","key":"ref7"},{"doi-asserted-by":"publisher","key":"ref8","DOI":"10.1145\/3540250.3549165"},{"doi-asserted-by":"publisher","key":"ref9","DOI":"10.1109\/ICCV.2017.324"},{"doi-asserted-by":"publisher","key":"ref10","DOI":"10.1613\/jair.1.11192"},{"issue":"1","key":"ref11","first-page":"179","article-title":"Addressing the curse of imbalanced training sets: one-sided selection","volume-title":"ICML","volume":"97","author":"Kubat","year":"1997"},{"year":"2025","author":"Nguyen","journal-title":"Replication package for \u201ctoward realistic evaluations of just-in-time vulnerability prediction","key":"ref12"},{"doi-asserted-by":"publisher","key":"ref13","DOI":"10.14722\/ndss.2018.23158"},{"doi-asserted-by":"publisher","key":"ref14","DOI":"10.1109\/SCAM.2007.31"},{"key":"ref15","first-page":"1","article-title":"Flawfinder: A modular system for predicting quality flaws in wikipedia","volume-title":"CLEF (Online Working Notes\/Labs\/Workshop)","author":"Ferschke","year":"2012"},{"key":"ref16","article-title":"Comparison of static application security testing tools and large language models for repo-level vulnerability detection","author":"Zhou","year":"2024","journal-title":"arXiv preprint"},{"doi-asserted-by":"publisher","key":"ref17","DOI":"10.1109\/TSE.2021.3087402"},{"doi-asserted-by":"publisher","key":"ref18","DOI":"10.1109\/TDSC.2021.3051525"},{"doi-asserted-by":"publisher","key":"ref19","DOI":"10.1145\/3661167.3661281"},{"year":"2024","author":"Chen","journal-title":"Improving data curation of software vulnerability patches through uncertainty quantification","key":"ref20"},{"doi-asserted-by":"publisher","key":"ref21","DOI":"10.1109\/GLOCOM.2017.8254428"},{"doi-asserted-by":"publisher","key":"ref22","DOI":"10.1145\/3611643.3616346"},{"doi-asserted-by":"publisher","key":"ref23","DOI":"10.1016\/j.jss.2022.111283"},{"doi-asserted-by":"publisher","key":"ref24","DOI":"10.1145\/3540250.3558936"},{"doi-asserted-by":"publisher","key":"ref25","DOI":"10.1109\/TSE.2023.3281275"},{"key":"ref26","article-title":"Mapping nvd records to their vfcs: How hard is it?","author":"Nguyen","year":"2025","journal-title":"arXiv preprint"},{"doi-asserted-by":"publisher","key":"ref27","DOI":"10.1109\/MSEC.2023.3343836"},{"doi-asserted-by":"publisher","key":"ref28","DOI":"10.1145\/3650212.3680305"},{"key":"ref29","article-title":"Devign: Effective vulnerability identification by learning comprehensive program semantics via graph neural networks","volume":"32","author":"Zhou","year":"2019","journal-title":"Advances in neural information processing systems"},{"doi-asserted-by":"publisher","key":"ref30","DOI":"10.1145\/1082983.1083147"},{"doi-asserted-by":"publisher","key":"ref31","DOI":"10.1145\/3510003.3510113"},{"doi-asserted-by":"publisher","key":"ref32","DOI":"10.1016\/j.infsof.2018.03.009"},{"key":"ref33","first-page":"1547","article-title":"A large-scale empirical study on vulnerability distribution within projects and the lessons learned","volume-title":"Proceedings of the ACM\/IEEE 42nd International Conference on Software Engineering","author":"Liu"},{"doi-asserted-by":"publisher","key":"ref34","DOI":"10.1109\/ICSE43902.2021.00049"},{"doi-asserted-by":"publisher","key":"ref35","DOI":"10.1109\/TSE.2024.3406718"},{"doi-asserted-by":"publisher","key":"ref36","DOI":"10.1109\/ICSE48619.2023.00022"},{"year":"2024","journal-title":"FFmpeg Project","article-title":"FFmpeg Official Website","key":"ref37"},{"year":"2024","journal-title":"FFmpeg Trac Wiki","key":"ref38"},{"year":"2024","journal-title":"Linux Kernel Organization","article-title":"Linux Kernel Official Website","key":"ref39"},{"year":"2024","journal-title":"Linux Kernel CVE Documentation","key":"ref40"},{"doi-asserted-by":"publisher","key":"ref41","DOI":"10.1109\/ASE.2006.23"},{"doi-asserted-by":"publisher","key":"ref42","DOI":"10.1145\/3180155.3182514"},{"doi-asserted-by":"publisher","key":"ref43","DOI":"10.1145\/3338906.3338941"},{"doi-asserted-by":"publisher","key":"ref44","DOI":"10.1145\/3524842.3528446"},{"year":"2024","journal-title":"National Institute of Standards and Technology (NIST)","article-title":"National Vulnerability Database (NVD)","key":"ref45"},{"year":"2022","journal-title":"National Vulnerability Database","article-title":"CVE-2022\u20133965","key":"ref46"},{"year":"2023","journal-title":"CVE-2023\u201352461","key":"ref47"},{"year":"2024","author":"Organization","journal-title":"Linux guide for submitting patches","key":"ref48"},{"doi-asserted-by":"publisher","key":"ref49","DOI":"10.1145\/3460319.3464819"},{"doi-asserted-by":"publisher","key":"ref50","DOI":"10.1109\/ICSE48619.2023.00094"},{"doi-asserted-by":"publisher","key":"ref51","DOI":"10.1109\/ACCESS.2024.3424276"},{"doi-asserted-by":"publisher","key":"ref52","DOI":"10.1109\/MSR.2019.00063"},{"doi-asserted-by":"publisher","key":"ref53","DOI":"10.1207\/s15327906mbr2401_1"},{"doi-asserted-by":"publisher","key":"ref54","DOI":"10.1186\/s12864-019-6413-7"},{"doi-asserted-by":"publisher","key":"ref55","DOI":"10.1016\/j.patrec.2020.03.030"},{"doi-asserted-by":"publisher","key":"ref56","DOI":"10.1145\/3524842.3528433"},{"doi-asserted-by":"publisher","key":"ref57","DOI":"10.1109\/TSE.2012.70"},{"doi-asserted-by":"publisher","key":"ref58","DOI":"10.1016\/j.infsof.2017.03.007"},{"doi-asserted-by":"publisher","key":"ref59","DOI":"10.1109\/MSR.2019.00016"},{"doi-asserted-by":"publisher","key":"ref60","DOI":"10.1145\/3524610.3527910"},{"doi-asserted-by":"publisher","key":"ref61","DOI":"10.1109\/SP.2014.44"},{"volume-title":"Joernio","article-title":"Joern","key":"ref62"},{"doi-asserted-by":"publisher","key":"ref63","DOI":"10.1145\/3383458"},{"doi-asserted-by":"publisher","key":"ref64","DOI":"10.18653\/v1\/2020.findings-emnlp.139"},{"doi-asserted-by":"publisher","key":"ref65","DOI":"10.1145\/1315245.1315311"},{"doi-asserted-by":"publisher","key":"ref66","DOI":"10.1007\/s10664-011-9190-8"},{"doi-asserted-by":"publisher","key":"ref67","DOI":"10.1109\/ASE56229.2023.00157"},{"doi-asserted-by":"publisher","key":"ref68","DOI":"10.1145\/3597503.3639116"},{"doi-asserted-by":"publisher","key":"ref69","DOI":"10.1109\/ICSE48619.2023.00211"},{"doi-asserted-by":"publisher","key":"ref70","DOI":"10.1145\/3674805.3686674"},{"doi-asserted-by":"publisher","key":"ref71","DOI":"10.1145\/3716167"},{"key":"ref72","first-page":"716","article-title":"Are latent vulnerabilities hidden gems for software vulnerability prediction? an empirical study","volume-title":"Proceedings of the 21st International Conference on Mining Software Repositories","author":"Le"},{"doi-asserted-by":"publisher","key":"ref73","DOI":"10.1109\/ASE51524.2021.9678622"},{"doi-asserted-by":"publisher","key":"ref74","DOI":"10.1145\/3529757"},{"doi-asserted-by":"publisher","key":"ref75","DOI":"10.1145\/3631974"}],"event":{"name":"2025 IEEE International Conference on Software Maintenance and Evolution (ICSME)","start":{"date-parts":[[2025,9,7]]},"location":"Auckland, New Zealand","end":{"date-parts":[[2025,9,12]]}},"container-title":["2025 IEEE International Conference on Software Maintenance and Evolution (ICSME)"],"original-title":[],"link":[{"URL":"http:\/\/xplorestaging.ieee.org\/ielx8\/11185055\/11185853\/11185080.pdf?arnumber=11185080","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2025,11,1]],"date-time":"2025-11-01T05:51:08Z","timestamp":1761976268000},"score":1,"resource":{"primary":{"URL":"https:\/\/ieeexplore.ieee.org\/document\/11185080\/"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2025,9,7]]},"references-count":75,"URL":"https:\/\/doi.org\/10.1109\/icsme64153.2025.00023","relation":{},"subject":[],"published":{"date-parts":[[2025,9,7]]}}}