{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2025,10,5]],"date-time":"2025-10-05T04:25:00Z","timestamp":1759638300941},"reference-count":38,"publisher":"World Scientific Pub Co Pte Ltd","issue":"04","content-domain":{"domain":[],"crossmark-restriction":false},"short-container-title":["Int. J. Semantic Computing"],"published-print":{"date-parts":[[2020,12]]},"abstract":"<jats:p> We present an empirical analysis of the source code of the Fluoride Bluetooth module, which is a part of standard Android OS distribution, by exhibiting a novel approach for classifying and scoring source code and vulnerability rating. Our workflow combines deep learning, combinatorial optimization, heuristics and machine learning. A combination of heuristics and deep learning is used to embed function (and method) labels into a low-dimensional Euclidean space. Because the corpus of the Fluoride source code is rather limited (containing approximately 12,000 functions), a straightforward embedding (using, e.g. code2vec) is untenable. To overcome the challenge of dearth of data, it is necessary to go through an intermediate step of Byte-Pair Encoding. Subsequently, we embed the tokens from which we assemble an embedding of function\/method labels. Long short-term memory network (LSTM) is used to embed tokens. The next step is to form a distance matrix consisting of the cosines between every pairs of vectors (function embedding) which in turn is interpreted as a (combinatorial) graph whose vertices represent functions, and edges correspond to entries whose value exceed some given threshold. Cluster-Editing is then applied to partition the vertex set of the graph into subsets representing \u201cdense graphs,\u201d that are nearly complete subgraphs. Finally, the vectors representing the components, plus additional heuristic-based features are used as features to model the components for vulnerability risk. <\/jats:p>","DOI":"10.1142\/s1793351x20500087","type":"journal-article","created":{"date-parts":[[2021,4,9]],"date-time":"2021-04-09T06:43:04Z","timestamp":1617950584000},"page":"501-516","source":"Crossref","is-referenced-by-count":10,"title":["Vulnerability Rating of Source Code with Token Embedding and Combinatorial Algorithms"],"prefix":"10.1142","volume":"14","author":[{"given":"Joseph R.","family":"Barr","sequence":"first","affiliation":[{"name":"Acronis SCS, Scottsdale, Arizona, USA"}],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Peter","family":"Shaw","sequence":"additional","affiliation":[{"name":"Nanjing University of Information Science & Technology, Jiangsu, P.\u00a0R.\u00a0China"},{"name":"School of Child Health, Menzies Darwin, Australia"}],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Faisal N.","family":"Abu-Khzam","sequence":"additional","affiliation":[{"name":"Lebanese American Univ., Beirut, Lebanon"}],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Tyler","family":"Thatcher","sequence":"additional","affiliation":[{"name":"Acronis SCS, Scottsdale, Arizona, USA"}],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Sheng","family":"Yu","sequence":"additional","affiliation":[{"name":"University of California, Riverside, USA"}],"role":[{"role":"author","vocabulary":"crossref"}]}],"member":"219","published-online":{"date-parts":[[2021,4,8]]},"reference":[{"key":"S1793351X20500087BIB001","doi-asserted-by":"crossref","first-page":"80","DOI":"10.1109\/TransAI49837.2020.00017","volume-title":"2020 Second Int. Conf. Transdisciplinary AI","author":"Barr J. R.","year":"2020"},{"key":"S1793351X20500087BIB004","doi-asserted-by":"publisher","DOI":"10.1613\/jair.953"},{"issue":"2","key":"S1793351X20500087BIB005","first-page":"23","volume":"12","author":"Gage P.","year":"1994","journal-title":"C Users Journal"},{"key":"S1793351X20500087BIB008","first-page":"3111","volume":"26","author":"Mikolov T.","year":"2013","journal-title":"Adv. Neural Inf. Proc. Sys."},{"key":"S1793351X20500087BIB009","doi-asserted-by":"crossref","first-page":"1","DOI":"10.1145\/3290353","volume":"3","author":"Alon U.","year":"2019","journal-title":"Proc. ACM Program. Lang."},{"key":"S1793351X20500087BIB010","doi-asserted-by":"crossref","first-page":"105","DOI":"10.1007\/978-3-642-40585-3_14","volume":"8082","author":"Soutner M. L.","year":"2013","journal-title":"International Conference on Text, Speech and Dialogue Lecture Notes in Computer Science"},{"key":"S1793351X20500087BIB011","first-page":"1","volume-title":"Interspeech","author":"Sundermeyer M.","year":"2012"},{"key":"S1793351X20500087BIB012","first-page":"321","volume-title":"Proc. North American Chapter of the Association for Computational Linguistics: Human Language Technologies 2016","author":"Tran K.","year":"2016"},{"key":"S1793351X20500087BIB014","first-page":"1","volume-title":"Int. Conf. Learning Representations","author":"Alon U.","year":"2019"},{"key":"S1793351X20500087BIB015","first-page":"13","volume-title":"Proc. 16th Int. Conf. Mining Software Repositories","author":"Kovalenko V.","year":"2019"},{"key":"S1793351X20500087BIB017","first-page":"29","volume-title":"2019 First Int. Conf. Graph Computing","author":"Barr J. R.","year":"2019"},{"key":"S1793351X20500087BIB018","first-page":"12","volume-title":"Proc. 2005 ACM\/IEEE Conf. Supercomputing","author":"Zhang Y.","year":"2005"},{"issue":"5","key":"S1793351X20500087BIB019","doi-asserted-by":"crossref","first-page":"1199","DOI":"10.3390\/cancers12051199","volume":"12","author":"Jayaraj R.","year":"2020","journal-title":"Cancers"},{"journal-title":"Sentencepiece","year":"2020","author":"Sennrich R.","key":"S1793351X20500087BIB020"},{"key":"S1793351X20500087BIB021","first-page":"8024","volume-title":"Advances in Neural Information Processing Systems 32","author":"Paszke A.","year":"2019"},{"issue":"10","key":"S1793351X20500087BIB022","doi-asserted-by":"crossref","first-page":"S7","DOI":"10.1186\/1471-2105-13-S10-S7","volume":"13","author":"Jay J. J.","year":"2012","journal-title":"BMC Bioinf."},{"key":"S1793351X20500087BIB023","doi-asserted-by":"publisher","DOI":"10.1162\/neco.1997.9.8.1735"},{"key":"S1793351X20500087BIB024","doi-asserted-by":"publisher","DOI":"10.1089\/106652799318274"},{"key":"S1793351X20500087BIB025","doi-asserted-by":"publisher","DOI":"10.1016\/0020-0190(96)00050-6"},{"key":"S1793351X20500087BIB026","doi-asserted-by":"publisher","DOI":"10.1007\/s00224-004-1178-y"},{"issue":"8","key":"S1793351X20500087BIB027","doi-asserted-by":"crossref","first-page":"718","DOI":"10.1016\/j.tcs.2008.10.021","volume":"410","author":"Guo J.","year":"2009","journal-title":"Theo. Comput. Sci."},{"issue":"52","key":"S1793351X20500087BIB028","doi-asserted-by":"crossref","first-page":"5467","DOI":"10.1016\/j.tcs.2009.05.006","volume":"410","author":"B\u00f6cker S.","year":"2009","journal-title":"Theo. Comput. Sci."},{"key":"S1793351X20500087BIB029","doi-asserted-by":"crossref","first-page":"79","DOI":"10.1016\/j.jda.2012.04.005","volume":"16","author":"B\u00f6cker S.","year":"2012","journal-title":"J. Discrete Algorithms"},{"issue":"15","key":"S1793351X20500087BIB030","doi-asserted-by":"crossref","first-page":"2259","DOI":"10.1016\/j.dam.2012.05.019","volume":"160","author":"Komusiewicz C.","year":"2012","journal-title":"Discrete Appl. Math."},{"issue":"1","key":"S1793351X20500087BIB031","doi-asserted-by":"crossref","first-page":"152","DOI":"10.1007\/s00453-011-9595-1","volume":"64","author":"Cao Y.","year":"2012","journal-title":"Algorithmica"},{"key":"S1793351X20500087BIB032","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"crossref","first-page":"171","DOI":"10.1007\/978-3-642-16926-7_17","volume-title":"Graph Theoretic Concepts in Computer Science \u2014 36th Int. Workshop","volume":"6410","author":"Heggernes P.","year":"2010"},{"issue":"1","key":"S1793351X20500087BIB033","doi-asserted-by":"crossref","first-page":"211","DOI":"10.1016\/j.jcss.2011.04.001","volume":"78","author":"Chen J.","year":"2012","journal-title":"J. Comput. Syst. Sci."},{"key":"S1793351X20500087BIB034","doi-asserted-by":"crossref","first-page":"26","DOI":"10.1016\/j.jda.2017.07.003","volume":"45","author":"Abu-Khzam F. N.","year":"2017","journal-title":"J. Discrete Algorithms"},{"key":"S1793351X20500087BIB035","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"crossref","first-page":"136","DOI":"10.1007\/978-3-642-14553-7_15","volume-title":"4th Int. Workshop Proc. Frontiers in Algorithmics","volume":"6213","author":"Abu-Khzam F. N.","year":"2010"},{"issue":"3","key":"S1793351X20500087BIB036","doi-asserted-by":"crossref","first-page":"739","DOI":"10.1109\/TKDE.2013.25","volume":"26","author":"Tomasev N.","year":"2013","journal-title":"IEEE Trans. Knowl. Data Eng."},{"key":"S1793351X20500087BIB037","first-page":"1","volume-title":"Int. Conf. Research Trends in Science and Technology","author":"Abu-Khzam F. N.","year":"2005"},{"volume-title":"Addison Wesley Object Technology Series","year":"1999","author":"Fowler M.","key":"S1793351X20500087BIB038"},{"volume-title":"Refactoring: Improving the Design of Existing Code","year":"2018","author":"Fowler M.","key":"S1793351X20500087BIB039"},{"issue":"8","key":"S1793351X20500087BIB040","doi-asserted-by":"crossref","first-page":"575","DOI":"10.1080\/0094965031000136012","volume":"73","author":"Van der Laan M.","year":"2003","journal-title":"J. Statistic. Comput. Simul."},{"key":"S1793351X20500087BIB041","first-page":"1","volume-title":"Int. Symp. Combinatorial Optimization","author":"Abu-Khzam F. N.","year":"2018"},{"key":"S1793351X20500087BIB042","first-page":"163","volume-title":"Proc. Int. Conf. Management of Data","author":"Faloutsos C.","year":"1995"},{"key":"S1793351X20500087BIB043","first-page":"483","volume-title":"Pacific-Asia Conf. Knowledge Discovery and Data Mining Workshops","author":"Khan I.","year":"2014"},{"key":"S1793351X20500087BIB044","first-page":"167","volume-title":"Int. Conf. Parallel and Distributed Computing Systems (PDCS 2002)","author":"Abu-Khzam F. N.","year":"2002"}],"container-title":["International Journal of Semantic Computing"],"original-title":[],"language":"en","link":[{"URL":"https:\/\/www.worldscientific.com\/doi\/pdf\/10.1142\/S1793351X20500087","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2021,4,9]],"date-time":"2021-04-09T06:43:38Z","timestamp":1617950618000},"score":1,"resource":{"primary":{"URL":"https:\/\/www.worldscientific.com\/doi\/abs\/10.1142\/S1793351X20500087"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2020,12]]},"references-count":38,"journal-issue":{"issue":"04","published-print":{"date-parts":[[2020,12]]}},"alternative-id":["10.1142\/S1793351X20500087"],"URL":"https:\/\/doi.org\/10.1142\/s1793351x20500087","relation":{},"ISSN":["1793-351X","1793-7108"],"issn-type":[{"type":"print","value":"1793-351X"},{"type":"electronic","value":"1793-7108"}],"subject":[],"published":{"date-parts":[[2020,12]]}}}