{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2026,4,11]],"date-time":"2026-04-11T21:00:16Z","timestamp":1775941216757,"version":"3.50.1"},"publisher-location":"New York, NY, USA","reference-count":41,"publisher":"ACM","license":[{"start":{"date-parts":[[2014,4,7]],"date-time":"2014-04-07T00:00:00Z","timestamp":1396828800000},"content-version":"vor","delay-in-days":0,"URL":"https:\/\/www.acm.org\/publications\/policies\/copyright_policy#Background"}],"funder":[{"DOI":"10.13039\/501100001871","name":"Funda\u00e7\u00e3o para a Ci\u00eancia e a Tecnologia","doi-asserted-by":"publisher","id":[{"id":"10.13039\/501100001871","id-type":"DOI","asserted-by":"publisher"}]},{"DOI":"10.13039\/501100004963","name":"Seventh Framework Programme","doi-asserted-by":"publisher","id":[{"id":"10.13039\/501100004963","id-type":"DOI","asserted-by":"publisher"}]}],"content-domain":{"domain":["dl.acm.org"],"crossmark-restriction":true},"short-container-title":[],"published-print":{"date-parts":[[2014,4,7]]},"DOI":"10.1145\/2566486.2568024","type":"proceedings-article","created":{"date-parts":[[2014,10,7]],"date-time":"2014-10-07T12:57:59Z","timestamp":1412686679000},"page":"63-74","update-policy":"https:\/\/doi.org\/10.1145\/crossmark-policy","source":"Crossref","is-referenced-by-count":60,"title":["Automatic detection and correction of web application vulnerabilities using data mining to predict false positives"],"prefix":"10.1145","author":[{"given":"Ib\u00e9ria","family":"Medeiros","sequence":"first","affiliation":[{"name":"University of Lisboa, Faculty of Sciences, Lisboa, Portugal"}]},{"given":"Nuno F.","family":"Neves","sequence":"additional","affiliation":[{"name":"University of Lisboa, Faculty of Sciences, Lisboa, Portugal"}]},{"given":"Miguel","family":"Correia","sequence":"additional","affiliation":[{"name":"University of Lisboa, Instituto Superior T\u00e9cnico, Lisboa, Portugal"}]}],"member":"320","published-online":{"date-parts":[[2014,4,7]]},"reference":[{"key":"e_1_3_2_1_1_1","doi-asserted-by":"publisher","DOI":"10.1109\/TSE.2009.91"},{"key":"e_1_3_2_1_2_1","doi-asserted-by":"publisher","DOI":"10.1016\/j.jss.2009.06.055"},{"key":"e_1_3_2_1_3_1","doi-asserted-by":"publisher","DOI":"10.1145\/2168836.2168865"},{"key":"e_1_3_2_1_4_1","doi-asserted-by":"publisher","DOI":"10.1145\/1315245.1315249"},{"key":"e_1_3_2_1_5_1","doi-asserted-by":"publisher","DOI":"10.1016\/S0164-1212(99)00102-8"},{"key":"e_1_3_2_1_6_1","doi-asserted-by":"publisher","DOI":"10.1145\/1108473.1108496"},{"key":"e_1_3_2_1_7_1","volume-title":": The supply chain problem (Apr","author":"Davidson M.A.","year":"2008","unstructured":"Davidson , M.A. : The supply chain problem (Apr 2008 ), http:\/\/blogs.oracle.com\/maryanndavidson\/2008\/04\/the_supply_chain_problem.html Davidson, M.A.: The supply chain problem (Apr 2008), http:\/\/blogs.oracle.com\/maryanndavidson\/2008\/04\/the_supply_chain_problem.html"},{"key":"e_1_3_2_1_8_1","doi-asserted-by":"publisher","DOI":"10.5555\/1248547.1248548"},{"key":"e_1_3_2_1_9_1","doi-asserted-by":"publisher","DOI":"10.1109\/52.976940"},{"key":"e_1_3_2_1_10_1","doi-asserted-by":"publisher","DOI":"10.1145\/1101908.1101935"},{"key":"e_1_3_2_1_11_1","doi-asserted-by":"publisher","DOI":"10.1109\/TSE.2007.70748"},{"key":"e_1_3_2_1_12_1","doi-asserted-by":"publisher","DOI":"10.1145\/775152.775174"},{"key":"e_1_3_2_1_13_1","doi-asserted-by":"publisher","DOI":"10.1145\/988672.988679"},{"key":"e_1_3_2_1_14_1","series-title":"Apr 2012","volume-title":"Hacker intelligence initiative, monthly trend report#8","author":"Imperva","unstructured":"Imperva : Hacker intelligence initiative, monthly trend report#8 ( Apr 2012 ) Imperva: Hacker intelligence initiative, monthly trend report#8 (Apr 2012)"},{"key":"e_1_3_2_1_15_1","doi-asserted-by":"publisher","DOI":"10.1145\/1134744.1134751"},{"key":"e_1_3_2_1_16_1","doi-asserted-by":"publisher","DOI":"10.1145\/161494.161501"},{"key":"e_1_3_2_1_17_1","doi-asserted-by":"publisher","DOI":"10.1109\/TSE.2008.35"},{"key":"e_1_3_2_1_18_1","volume-title":"Correia","author":"Medeiros I.","year":"2014","unstructured":"Medeiros , I. , Neves , N.F. , Correia , M. : Website of WAP tool ( Jan 2014 ), http:\/\/awap.sourceforge.net\/ Medeiros, I., Neves, N.F., Correia, M.: Website of WAP tool (Jan 2014), http:\/\/awap.sourceforge.net\/"},{"key":"e_1_3_2_1_19_1","doi-asserted-by":"publisher","DOI":"10.1109\/CSMR.2007.16"},{"key":"e_1_3_2_1_20_1","doi-asserted-by":"publisher","DOI":"10.1145\/1315245.1315311"},{"key":"e_1_3_2_1_21_1","first-page":"295","volume-title":"et al.: Automatically hardening web applications using precise tainting. Security and Privacy in the Age of Ubiquitous Computing","author":"Nguyen-Tuong A.","year":"2005","unstructured":"Nguyen-Tuong , A. et al.: Automatically hardening web applications using precise tainting. Security and Privacy in the Age of Ubiquitous Computing pp. 295 -- 307 ( 2005 ) Nguyen-Tuong, A. et al.: Automatically hardening web applications using precise tainting. Security and Privacy in the Age of Ubiquitous Computing pp. 295--307 (2005)"},{"key":"e_1_3_2_1_22_1","volume-title":"Proceedings of the 2nd USENIX Conference on Web Application Development (2011)","author":"Papagiannis I.","unstructured":"Papagiannis , I. , Migliavacca , M. , Pietzuch , P. : PHP Aspis: using partial taint tracking to protect against injection attacks . In: Proceedings of the 2nd USENIX Conference on Web Application Development (2011) Papagiannis, I., Migliavacca, M., Pietzuch, P.: PHP Aspis: using partial taint tracking to protect against injection attacks. In: Proceedings of the 2nd USENIX Conference on Web Application Development (2011)"},{"key":"e_1_3_2_1_23_1","unstructured":"Parr T.: Language Implementation Patterns: Create Your Own Domain-Specific and General Programming Languages. Pragmatic Bookshelf (2009)   Parr T.: Language Implementation Patterns: Create Your Own Domain-Specific and General Programming Languages. Pragmatic Bookshelf (2009)"},{"key":"e_1_3_2_1_24_1","doi-asserted-by":"publisher","DOI":"10.1007\/11663812_7"},{"key":"e_1_3_2_1_25_1","volume-title":": Automated Security Review of PHP Web Applications with Static Code Analysis. Master's thesis","author":"de Poel N.L.","year":"2010","unstructured":"de Poel , N.L. : Automated Security Review of PHP Web Applications with Static Code Analysis. Master's thesis , State University of Groningen (May 2010 ) de Poel, N.L.: Automated Security Review of PHP Web Applications with Static Code Analysis. Master's thesis, State University of Groningen (May 2010)"},{"key":"e_1_3_2_1_26_1","doi-asserted-by":"publisher","DOI":"10.1109\/JSAC.2002.806121"},{"key":"e_1_3_2_1_27_1","doi-asserted-by":"publisher","DOI":"10.1109\/2.241422"},{"key":"e_1_3_2_1_28_1","first-page":"16","volume-title":"Proceedings of the 10th USENIX Security Symposium.","volume":"10","author":"Shankar U.","year":"2001","unstructured":"Shankar , U. et al.: Detecting format-string vulnerabilities with type qualifiers . In: Proceedings of the 10th USENIX Security Symposium. vol. 10 , pp. 16 -- 16 ( Aug 2001 ) Shankar, U. et al.: Detecting format-string vulnerabilities with type qualifiers. In: Proceedings of the 10th USENIX Security Symposium. vol. 10, pp. 16--16 (Aug 2001)"},{"key":"e_1_3_2_1_29_1","doi-asserted-by":"publisher","DOI":"10.5555\/2337223.2337399"},{"key":"e_1_3_2_1_30_1","doi-asserted-by":"publisher","DOI":"10.1145\/2351676.2351733"},{"key":"e_1_3_2_1_31_1","doi-asserted-by":"publisher","DOI":"10.5555\/2486788.2486873"},{"key":"e_1_3_2_1_32_1","doi-asserted-by":"publisher","DOI":"10.1109\/TSE.2010.81"},{"key":"e_1_3_2_1_33_1","doi-asserted-by":"publisher","DOI":"10.1109\/SP.2010.25"},{"key":"e_1_3_2_1_34_1","doi-asserted-by":"publisher","DOI":"10.1145\/2166956.2166964"},{"key":"e_1_3_2_1_35_1","volume-title":"Internet threat report. 2012 trends","author":"Symantec","year":"2013","unstructured":"Symantec : Internet threat report. 2012 trends , volume 18 ( Apr 2013 ) Symantec: Internet threat report. 2012 trends, volume 18 (Apr 2013)"},{"key":"e_1_3_2_1_36_1","volume-title":"Proceedings of the 39th IEEE\/IFIP International Conference on Dependable Systems and Networks (Jul 2009)","author":"Vieira M.","unstructured":"Vieira , M. , Antunes , N. , Madeira , H. : Using web security scanners to detect vulnerabilities in web services . In: Proceedings of the 39th IEEE\/IFIP International Conference on Dependable Systems and Networks (Jul 2009) Vieira, M., Antunes, N., Madeira, H.: Using web security scanners to detect vulnerabilities in web services. In: Proceedings of the 39th IEEE\/IFIP International Conference on Dependable Systems and Networks (Jul 2009)"},{"key":"e_1_3_2_1_37_1","doi-asserted-by":"publisher","DOI":"10.1109\/ESEM.2009.5314215"},{"key":"e_1_3_2_1_38_1","first-page":"225","volume-title":"Proceedings of the 15th USENIX Security Symposium.","author":"Wang X.","year":"2006","unstructured":"Wang , X. , Pan , C. , Liu , P. , Zhu , S. : SigFree: A signature-free buffer overflow attack blocker . In: Proceedings of the 15th USENIX Security Symposium. pp. 225 -- 240 ( Aug 2006 ) Wang, X., Pan, C., Liu, P., Zhu, S.: SigFree: A signature-free buffer overflow attack blocker. In: Proceedings of the 15th USENIX Security Symposium. pp. 225--240 (Aug 2006)"},{"key":"e_1_3_2_1_39_1","doi-asserted-by":"publisher","DOI":"10.1145\/1250734.1250739"},{"key":"e_1_3_2_1_40_1","volume-title":"Wichers","author":"Williams J.","year":"2013","unstructured":"Williams , J. , Wichers , D. : OWASP Top 10 - 2013 rcl - the ten most critical web application security risks. Tech. rep., OWASP Foundation ( 2013) Williams, J., Wichers, D.: OWASP Top 10 - 2013 rcl - the ten most critical web application security risks. Tech. rep., OWASP Foundation (2013)"},{"key":"e_1_3_2_1_41_1","volume-title":"Hall","author":"Witten I.H.","year":"2011","unstructured":"Witten , I.H. , Frank , E. , Hall , M.A. : Data Mining: Practical Machine Learning Tools and Techniques. Morgan Kaufmann , 3 rd edn. ( 2011 ) Witten, I.H., Frank, E., Hall, M.A.: Data Mining: Practical Machine Learning Tools and Techniques. Morgan Kaufmann, 3rd edn. (2011)","edition":"3"}],"event":{"name":"WWW '14: 23rd International World Wide Web Conference","location":"Seoul Korea","acronym":"WWW '14","sponsor":["IW3C2 International World Wide Web Conference Committee","SIGWEB ACM Special Interest Group on Hypertext, Hypermedia, and Web"]},"container-title":["Proceedings of the 23rd international conference on World wide web"],"original-title":[],"link":[{"URL":"https:\/\/dl.acm.org\/doi\/10.1145\/2566486.2568024","content-type":"unspecified","content-version":"vor","intended-application":"text-mining"},{"URL":"https:\/\/dl.acm.org\/doi\/pdf\/10.1145\/2566486.2568024","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2025,6,18]],"date-time":"2025-06-18T07:01:00Z","timestamp":1750230060000},"score":1,"resource":{"primary":{"URL":"https:\/\/dl.acm.org\/doi\/10.1145\/2566486.2568024"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2014,4,7]]},"references-count":41,"alternative-id":["10.1145\/2566486.2568024","10.1145\/2566486"],"URL":"https:\/\/doi.org\/10.1145\/2566486.2568024","relation":{},"subject":[],"published":{"date-parts":[[2014,4,7]]},"assertion":[{"value":"2014-04-07","order":2,"name":"published","label":"Published","group":{"name":"publication_history","label":"Publication History"}}]}}