{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2026,4,10]],"date-time":"2026-04-10T16:10:00Z","timestamp":1775837400167,"version":"3.50.1"},"publisher-location":"New York, NY, USA","reference-count":22,"publisher":"ACM","license":[{"start":{"date-parts":[[2017,8,21]],"date-time":"2017-08-21T00:00:00Z","timestamp":1503273600000},"content-version":"vor","delay-in-days":0,"URL":"https:\/\/www.acm.org\/publications\/policies\/copyright_policy#Background"}],"content-domain":{"domain":["dl.acm.org"],"crossmark-restriction":true},"short-container-title":[],"published-print":{"date-parts":[[2017,8,21]]},"DOI":"10.1145\/3106237.3117771","type":"proceedings-article","created":{"date-parts":[[2017,8,2]],"date-time":"2017-08-02T19:36:18Z","timestamp":1501702578000},"page":"914-919","update-policy":"https:\/\/doi.org\/10.1145\/crossmark-policy","source":"Crossref","is-referenced-by-count":143,"title":["Automated identification of security issues from commit messages and bug reports"],"prefix":"10.1145","author":[{"given":"Yaqin","family":"Zhou","sequence":"first","affiliation":[{"name":"SourceClear, Singapore"}]},{"given":"Asankhaya","family":"Sharma","sequence":"additional","affiliation":[{"name":"SourceClear, Singapore"}]}],"member":"320","published-online":{"date-parts":[[2017,8,21]]},"reference":[{"key":"e_1_3_2_1_1_1","unstructured":"2017. OWASP Zed Attack Proxy Project. (2017).  2017. OWASP Zed Attack Proxy Project. (2017)."},{"key":"e_1_3_2_1_2_1","volume-title":"https:\/\/www.sourceclear.com\/","author":"SourceClear Project","year":"2017","unstructured":"https:\/\/www.owasp.org\/index.php\/OWASP_Zed_Attack_Proxy_ Project 2017. SourceClear . ( 2017 ). https:\/\/www.sourceclear.com\/ https:\/\/www.owasp.org\/index.php\/OWASP_Zed_Attack_Proxy_Project 2017. SourceClear. (2017). https:\/\/www.sourceclear.com\/"},{"key":"e_1_3_2_1_3_1","doi-asserted-by":"publisher","DOI":"10.1145\/1315245.1315249"},{"key":"e_1_3_2_1_4_1","volume-title":"Ana LC Bazzan, and Maria Carolina Monard","author":"Batista Gustavo EAPA","year":"2003","unstructured":"Gustavo EAPA Batista , Ana LC Bazzan, and Maria Carolina Monard . 2003 . Balancing Training Data for Automated Annotation of Keywords: a Case Study.. In WOB. 10\u201318. Gustavo EAPA Batista, Ana LC Bazzan, and Maria Carolina Monard. 2003. Balancing Training Data for Automated Annotation of Keywords: a Case Study.. In WOB. 10\u201318."},{"key":"e_1_3_2_1_5_1","first-page":"209","article-title":"KLEE: Unassisted and Automatic Generation of High-Coverage Tests for Complex Systems Programs","volume":"8","author":"Cadar Cristian","year":"2008","unstructured":"Cristian Cadar , Daniel Dunbar , Dawson R Engler , 2008 . KLEE: Unassisted and Automatic Generation of High-Coverage Tests for Complex Systems Programs .. In OSDI , Vol. 8. 209 \u2013 224 . Cristian Cadar, Daniel Dunbar, Dawson R Engler, et al. 2008. KLEE: Unassisted and Automatic Generation of High-Coverage Tests for Complex Systems Programs.. In OSDI, Vol. 8. 209\u2013224.","journal-title":"OSDI"},{"key":"e_1_3_2_1_6_1","doi-asserted-by":"publisher","DOI":"10.1613\/jair.953"},{"key":"e_1_3_2_1_7_1","doi-asserted-by":"publisher","DOI":"10.1109\/TSMCC.2011.2161285"},{"key":"e_1_3_2_1_8_1","doi-asserted-by":"publisher","DOI":"10.1145\/360248.360252"},{"key":"e_1_3_2_1_9_1","doi-asserted-by":"publisher","DOI":"10.1007\/s13748-016-0094-0"},{"key":"e_1_3_2_1_10_1","doi-asserted-by":"publisher","DOI":"10.1109\/TSMCB.2008.2007853"},{"key":"e_1_3_2_1_11_1","doi-asserted-by":"publisher","DOI":"10.1145\/2566486.2568024"},{"key":"e_1_3_2_1_12_1","unstructured":"Tomas Mikolov Ilya Sutskever Kai Chen Greg S Corrado and Jeff Dean. 2013. Distributed representations of words and phrases and their compositionality. In Advances in neural information processing systems. 3111\u20133119.   Tomas Mikolov Ilya Sutskever Kai Chen Greg S Corrado and Jeff Dean. 2013. Distributed representations of words and phrases and their compositionality. In Advances in neural information processing systems. 3111\u20133119."},{"key":"e_1_3_2_1_13_1","volume-title":"Proceedings of the 2Nd USENIX Conference on Web Application Development (WebApps\u201911)","author":"Papagiannis Ioannis","year":"2011","unstructured":"Ioannis Papagiannis , Matteo Migliavacca , and Peter Pietzuch . 2011 . PHP Aspis: Using Partial Taint Tracking to Protect Against Injection Attacks . In Proceedings of the 2Nd USENIX Conference on Web Application Development (WebApps\u201911) . USENIX Association, Berkeley, CA, USA, 2\u20132. http:\/\/dl.acm.org\/citation.cfm?id= 2002168.2002170 Ioannis Papagiannis, Matteo Migliavacca, and Peter Pietzuch. 2011. PHP Aspis: Using Partial Taint Tracking to Protect Against Injection Attacks. In Proceedings of the 2Nd USENIX Conference on Web Application Development (WebApps\u201911). USENIX Association, Berkeley, CA, USA, 2\u20132. http:\/\/dl.acm.org\/citation.cfm?id=2002168.2002170"},{"key":"e_1_3_2_1_14_1","doi-asserted-by":"publisher","DOI":"10.1145\/2810103.2813604"},{"key":"e_1_3_2_1_15_1","volume-title":"Proceedings of the 24th USENIX Conference on Security Symposium (SEC\u201915)","author":"Sabottke Carl","year":"2015","unstructured":"Carl Sabottke , Octavian Suciu , and Tudor Dumitras . 2015 . Vulnerability Disclosure in the Age of Social Media: Exploiting Twitter for Predicting Real-world Exploits . In Proceedings of the 24th USENIX Conference on Security Symposium (SEC\u201915) . USENIX Association, Berkeley, CA, USA, 1041\u20131056. http:\/\/dl.acm.org\/citation.cfm?id=2831143.2831209 Carl Sabottke, Octavian Suciu, and Tudor Dumitras. 2015. Vulnerability Disclosure in the Age of Social Media: Exploiting Twitter for Predicting Real-world Exploits. In Proceedings of the 24th USENIX Conference on Security Symposium (SEC\u201915). USENIX Association, Berkeley, CA, USA, 1041\u20131056. http:\/\/dl.acm.org\/citation.cfm?id=2831143.2831209"},{"key":"e_1_3_2_1_16_1","volume-title":"Hoi","author":"Sahoo Doyen","year":"2017","unstructured":"Doyen Sahoo , Chenghao Liu , and Steven C. H . Hoi . 2017 . Malicious Doyen Sahoo, Chenghao Liu, and Steven C. H. Hoi. 2017. Malicious"},{"key":"e_1_3_2_1_17_1","volume-title":"Proceedings of the 2013 International Conference on Software Engineering (ICSE \u201913)","author":"Shar Lwin Khin","unstructured":"Lwin Khin Shar , Hee Beng Kuan Tan , and Lionel C. Briand . 2013. Mining SQL Injection and Cross Site Scripting Vulnerabilities Using Hybrid Program Analysis . In Proceedings of the 2013 International Conference on Software Engineering (ICSE \u201913) . IEEE Press, Piscataway, NJ, USA, 642\u2013651. http:\/\/dl.acm.org\/citation.cfm?id=2486788.2486873 Lwin Khin Shar, Hee Beng Kuan Tan, and Lionel C. Briand. 2013. Mining SQL Injection and Cross Site Scripting Vulnerabilities Using Hybrid Program Analysis. In Proceedings of the 2013 International Conference on Software Engineering (ICSE \u201913). IEEE Press, Piscataway, NJ, USA, 642\u2013651. http:\/\/dl.acm.org\/citation.cfm?id=2486788.2486873"},{"key":"e_1_3_2_1_18_1","volume-title":"Computer Security Applications, 2000. ACSAC \u201900. 16th Annual Conference. 257\u2013267","author":"Viega J.","unstructured":"J. Viega , J. T. Bloch , Y. Kohno , and G. McGraw . 2000. ITS4: a static vulnerability scanner for C and C++ code . In Computer Security Applications, 2000. ACSAC \u201900. 16th Annual Conference. 257\u2013267 . J. Viega, J. T. Bloch, Y. Kohno, and G. McGraw. 2000. ITS4: a static vulnerability scanner for C and C++ code. In Computer Security Applications, 2000. ACSAC \u201900. 16th Annual Conference. 257\u2013267."},{"key":"e_1_3_2_1_19_1","unstructured":"David A. Wheeler. 2017.  David A. Wheeler. 2017."},{"key":"e_1_3_2_1_20_1","unstructured":"Flawfinder. (2017).  Flawfinder. (2017)."},{"key":"e_1_3_2_1_21_1","unstructured":"https:\/\/www.dwheeler.com\/flawfinder\/  https:\/\/www.dwheeler.com\/flawfinder\/"},{"key":"e_1_3_2_1_22_1","unstructured":"Dumidu Wijayasekara Milos Manic Jason L. Wright and Miles McQueen. 2012.  Dumidu Wijayasekara Milos Manic Jason L. Wright and Miles McQueen. 2012."}],"event":{"name":"ESEC\/FSE'17: Joint Meeting of the European Software Engineering Conference and the ACM SIGSOFT Symposium on the Foundations of Software Engineering","location":"Paderborn Germany","acronym":"ESEC\/FSE'17","sponsor":["SIGSOFT ACM Special Interest Group on Software Engineering"]},"container-title":["Proceedings of the 2017 11th Joint Meeting on Foundations of Software Engineering"],"original-title":[],"link":[{"URL":"https:\/\/dl.acm.org\/doi\/10.1145\/3106237.3117771","content-type":"unspecified","content-version":"vor","intended-application":"text-mining"},{"URL":"https:\/\/dl.acm.org\/doi\/pdf\/10.1145\/3106237.3117771","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2025,6,18]],"date-time":"2025-06-18T03:30:17Z","timestamp":1750217417000},"score":1,"resource":{"primary":{"URL":"https:\/\/dl.acm.org\/doi\/10.1145\/3106237.3117771"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2017,8,21]]},"references-count":22,"alternative-id":["10.1145\/3106237.3117771","10.1145\/3106237"],"URL":"https:\/\/doi.org\/10.1145\/3106237.3117771","relation":{},"subject":[],"published":{"date-parts":[[2017,8,21]]},"assertion":[{"value":"2017-08-21","order":2,"name":"published","label":"Published","group":{"name":"publication_history","label":"Publication History"}}]}}