{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2026,3,18]],"date-time":"2026-03-18T13:23:40Z","timestamp":1773840220585,"version":"3.50.1"},"reference-count":56,"publisher":"Institute of Electrical and Electronics Engineers (IEEE)","license":[{"start":{"date-parts":[[2024,1,1]],"date-time":"2024-01-01T00:00:00Z","timestamp":1704067200000},"content-version":"vor","delay-in-days":0,"URL":"https:\/\/ieeexplore.ieee.org\/Xplorehelp\/downloads\/license-information\/IEEE.html"},{"start":{"date-parts":[[2024,1,1]],"date-time":"2024-01-01T00:00:00Z","timestamp":1704067200000},"content-version":"stm-asf","delay-in-days":0,"URL":"https:\/\/doi.org\/10.15223\/policy-029"},{"start":{"date-parts":[[2024,1,1]],"date-time":"2024-01-01T00:00:00Z","timestamp":1704067200000},"content-version":"stm-asf","delay-in-days":0,"URL":"https:\/\/doi.org\/10.15223\/policy-037"}],"funder":[{"DOI":"10.13039\/501100001809","name":"National Natural Science Foundation of China","doi-asserted-by":"publisher","award":["62232013"],"award-info":[{"award-number":["62232013"]}],"id":[{"id":"10.13039\/501100001809","id-type":"DOI","asserted-by":"publisher"}]},{"DOI":"10.13039\/501100001809","name":"Major Research Plan of the National Natural Science Foundation of China","doi-asserted-by":"publisher","award":["92267204"],"award-info":[{"award-number":["92267204"]}],"id":[{"id":"10.13039\/501100001809","id-type":"DOI","asserted-by":"publisher"}]},{"DOI":"10.13039\/501100001809","name":"Major Research Plan of the National Natural Science Foundation of China","doi-asserted-by":"publisher","award":["92167203"],"award-info":[{"award-number":["92167203"]}],"id":[{"id":"10.13039\/501100001809","id-type":"DOI","asserted-by":"publisher"}]},{"name":"Natural Science Basis Research Plan in Shaanxi Province of China","award":["2022JM-338"],"award-info":[{"award-number":["2022JM-338"]}]},{"DOI":"10.13039\/501100012226","name":"Fundamental Research Funds for the Central Universities","doi-asserted-by":"publisher","award":["XJSJ23185"],"award-info":[{"award-number":["XJSJ23185"]}],"id":[{"id":"10.13039\/501100012226","id-type":"DOI","asserted-by":"publisher"}]}],"content-domain":{"domain":[],"crossmark-restriction":false},"short-container-title":["IEEE Trans.Inform.Forensic Secur."],"published-print":{"date-parts":[[2024]]},"DOI":"10.1109\/tifs.2023.3326985","type":"journal-article","created":{"date-parts":[[2023,10,23]],"date-time":"2023-10-23T13:58:15Z","timestamp":1698069495000},"page":"722-734","source":"Crossref","is-referenced-by-count":5,"title":["A Credential Usage Study: Flow-Aware Leakage Detection in Open-Source Projects"],"prefix":"10.1109","volume":"19","author":[{"ORCID":"https:\/\/orcid.org\/0000-0001-6859-6005","authenticated-orcid":false,"given":"Ruidong","family":"Han","sequence":"first","affiliation":[{"name":"School of Cyber Engineering, Xidian University, Xi’an, China"}]},{"given":"Huihui","family":"Gong","sequence":"additional","affiliation":[{"name":"Faculty of Engineering, The University of Sydney, Sydney, NSW, Australia"}]},{"ORCID":"https:\/\/orcid.org\/0000-0003-3479-5713","authenticated-orcid":false,"given":"Siqi","family":"Ma","sequence":"additional","affiliation":[{"name":"School of Engineering and Information System, University of New South Wales, Sydney, NSW, Australia"}]},{"given":"Juanru","family":"Li","sequence":"additional","affiliation":[{"name":"Zhiyuan College, Shanghai Jiao Tong University, Shanghai, China"}]},{"ORCID":"https:\/\/orcid.org\/0000-0002-4756-0609","authenticated-orcid":false,"given":"Chang","family":"Xu","sequence":"additional","affiliation":[{"name":"School of Computer Science, Faculty of Engineering and IT, The University of Sydney, Darlington, NSW, Australia"}]},{"ORCID":"https:\/\/orcid.org\/0000-0002-4029-7051","authenticated-orcid":false,"given":"Elisa","family":"Bertino","sequence":"additional","affiliation":[{"name":"Department of Computer Science, Purdue University, West Lafayette, IN, USA"}]},{"ORCID":"https:\/\/orcid.org\/0000-0002-3289-6599","authenticated-orcid":false,"given":"Surya","family":"Nepal","sequence":"additional","affiliation":[{"name":"Commonwealth Scientific and Industrial Research, Sydney, NSW, Australia"}]},{"ORCID":"https:\/\/orcid.org\/0000-0001-6023-2864","authenticated-orcid":false,"given":"Zhuo","family":"Ma","sequence":"additional","affiliation":[{"name":"School of Cyber Engineering, Xidian University, Xi’an, China"}]},{"ORCID":"https:\/\/orcid.org\/0000-0003-4251-1143","authenticated-orcid":false,"given":"Jianfeng","family":"Ma","sequence":"additional","affiliation":[{"name":"School of Cyber Engineering, Xidian University, Xi’an, China"}]}],"member":"263","reference":[{"key":"ref1","doi-asserted-by":"publisher","DOI":"10.1109\/TITS.2017.2722688"},{"key":"ref2","doi-asserted-by":"publisher","DOI":"10.1007\/s00500-021-05929-5"},{"key":"ref3","doi-asserted-by":"publisher","DOI":"10.1109\/TIFS.2022.3227753"},{"key":"ref4","first-page":"1","article-title":"Password guessing using random forest","volume-title":"Proc. 32nd USENIX Secur. Symp. (USENIX Security)","author":"Wang"},{"key":"ref5","first-page":"1","article-title":"No single silver bullet: Measuring the accuracy of password strength meters","volume-title":"Proc. 32nd USENIX Secur. Symp. (USENIX Security)","author":"Wang"},{"key":"ref6","doi-asserted-by":"publisher","DOI":"10.1109\/SP46214.2022.9833598"},{"key":"ref7","doi-asserted-by":"publisher","DOI":"10.1007\/978-3-319-75160-3_19"},{"key":"ref8","doi-asserted-by":"publisher","DOI":"10.1109\/SP40001.2021.00010"},{"key":"ref9","doi-asserted-by":"publisher","DOI":"10.1007\/978-3-030-29959-0_30"},{"key":"ref10","doi-asserted-by":"publisher","DOI":"10.1109\/MSR.2019.00065"},{"key":"ref11","doi-asserted-by":"publisher","DOI":"10.1109\/ICSE43902.2021.00148"},{"key":"ref12","doi-asserted-by":"publisher","DOI":"10.14722\/ndss.2019.23418"},{"key":"ref13","volume-title":"Git-Secrets\u2014Prevents you From Committing Passwords and Other Sensitive Information to a Git Repository"},{"key":"ref14","first-page":"1537","article-title":"Birthday, name and bifacialsecurity: Understanding passwords of Chinese web users","volume-title":"Proc. 28th USENIX Secur. Symp. (USENIX Security)","author":"Wang"},{"key":"ref15","volume-title":"Code Quality and Security for Java"},{"key":"ref16","volume-title":"A Tool Designed to Find Common Security Issues in Python Code"},{"key":"ref17","doi-asserted-by":"publisher","DOI":"10.1109\/DSN53405.2022.00055"},{"key":"ref18","doi-asserted-by":"publisher","DOI":"10.1145\/3510003.3510150"},{"key":"ref19","volume-title":"Detect-Secrets\u2014An Aptly Named Module for (Surprise) Detecting Secrets Within a Code Base"},{"key":"ref20","volume-title":"Shhgit\u2014Helps Secure Forward-Thinking Development, Operations, and Security Teams by Finding Secrets Across Their Code Before it Leads to a Security Breach"},{"key":"ref21","doi-asserted-by":"publisher","DOI":"10.1109\/CMC.2010.232"},{"key":"ref22","doi-asserted-by":"publisher","DOI":"10.1108\/IJPCC-05-2020-0035"},{"key":"ref23","volume-title":"Github Personal Access Tokens"},{"key":"ref24","volume-title":"Aws Access Tokens\u2014Use to Grant Your User Access to DDD, Change, or Delete User Attributes"},{"key":"ref25","volume-title":"Using Oauth 2.0 to Access Google Apis"},{"key":"ref26","doi-asserted-by":"publisher","DOI":"10.1109\/ICSE.2019.00033"},{"key":"ref27","doi-asserted-by":"publisher","DOI":"10.1109\/ICSME.2019.00087"},{"key":"ref28","doi-asserted-by":"publisher","DOI":"10.1109\/ICMLA.2018.00120"},{"key":"ref29","first-page":"309","article-title":"NLP-EYE: Detecting memory corruptions via Semantic- Aware memory operation function identification","volume-title":"Proc. 22nd Int. Symp. Res. Attacks, Intrusions Defenses (RAID)","author":"Wang"},{"key":"ref30","doi-asserted-by":"publisher","DOI":"10.1109\/INNOVATIONS.2008.4781637"},{"key":"ref31","doi-asserted-by":"publisher","DOI":"10.3390\/app12052404"},{"key":"ref32","author":"Team","year":"2022","journal-title":"Codeql: The Libraries and Queries That Power Security Researchers Around the World"},{"key":"ref33","first-page":"1","article-title":"N-gram-based text categorization","volume-title":"Proc. 3rd Annu. Symp. Document Anal. Inf. Retr. (ASDAIR)","volume":"161175","author":"Cavnar"},{"key":"ref34","doi-asserted-by":"publisher","DOI":"10.1109\/TMI.2016.2528162"},{"key":"ref35","doi-asserted-by":"publisher","DOI":"10.1109\/SP40000.2020.00079"},{"key":"ref36","article-title":"Generative adversarial nets","volume-title":"Advances in Neural Information Processing Systems","volume":"27","author":"Goodfellow","year":"2014"},{"key":"ref37","first-page":"1","article-title":"Character-level convolutional networks for text classification","volume-title":"Proc. Adv. Neural Inf. Process. Syst.","volume":"28","author":"Zhang"},{"key":"ref38","doi-asserted-by":"publisher","DOI":"10.3115\/v1\/D14-1162"},{"key":"ref39","author":"Mikalauskas","year":"2021","journal-title":"Rockyou2021: Largest Password Compilation of all Time Leaked Online With 8.4 Billion Entries"},{"key":"ref40","volume-title":"Onepassword\u2014The Easiest way to Store and Use Strong Passwords. Log in to Sites and Fill Forms Securely With a Single Click"},{"key":"ref41","volume-title":"Gitleaks\u2014A Sast Tool for Detecting and Preventing Hardcoded Secrets Like Passwords, Api Keys, and Tokens in Git Repos"},{"key":"ref42","doi-asserted-by":"publisher","DOI":"10.1145\/502059.502041"},{"key":"ref43","first-page":"1","article-title":"FlawFinder: A modular system for predicting quality flaws in Wikipedia","volume-title":"Proc. Online Work. Notes\/Labs\/Workshop (CLEF)","author":"Ferschke"},{"key":"ref44","doi-asserted-by":"publisher","DOI":"10.1016\/j.procs.2020.04.217"},{"key":"ref45","first-page":"1199","article-title":"Code-based vulnerability detection in Node.Js applications: How far are we?","volume-title":"Proc. 35th IEEE\/ACM Int. Conf. Automated Softw. Eng. (ASE)","author":"Chinthanet"},{"key":"ref46","doi-asserted-by":"publisher","DOI":"10.3390\/app10051692"},{"key":"ref47","doi-asserted-by":"publisher","DOI":"10.1109\/TIFS.2020.3044773"},{"key":"ref48","doi-asserted-by":"publisher","DOI":"10.1109\/JPROC.2020.2993293"},{"key":"ref49","doi-asserted-by":"publisher","DOI":"10.1145\/3296979.3192412"},{"key":"ref50","doi-asserted-by":"publisher","DOI":"10.1109\/SP.2012.13"},{"key":"ref51","doi-asserted-by":"publisher","DOI":"10.1109\/SP.2017.62"},{"key":"ref52","doi-asserted-by":"publisher","DOI":"10.1145\/2991079.2991102"},{"key":"ref53","doi-asserted-by":"publisher","DOI":"10.1007\/978-3-030-41579-2_12"},{"key":"ref54","doi-asserted-by":"publisher","DOI":"10.1109\/MDM.2015.69"},{"key":"ref55","doi-asserted-by":"publisher","DOI":"10.1007\/978-3-030-55304-3_29"},{"key":"ref56","doi-asserted-by":"publisher","DOI":"10.1145\/3321705.3329818"}],"container-title":["IEEE Transactions on Information Forensics and Security"],"original-title":[],"link":[{"URL":"http:\/\/xplorestaging.ieee.org\/ielx7\/10206\/10319981\/10292698.pdf?arnumber=10292698","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2026,1,27]],"date-time":"2026-01-27T05:42:50Z","timestamp":1769492570000},"score":1,"resource":{"primary":{"URL":"https:\/\/ieeexplore.ieee.org\/document\/10292698\/"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2024]]},"references-count":56,"URL":"https:\/\/doi.org\/10.1109\/tifs.2023.3326985","relation":{},"ISSN":["1556-6013","1556-6021"],"issn-type":[{"value":"1556-6013","type":"print"},{"value":"1556-6021","type":"electronic"}],"subject":[],"published":{"date-parts":[[2024]]}}}