{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2026,1,29]],"date-time":"2026-01-29T21:54:46Z","timestamp":1769723686697,"version":"3.49.0"},"publisher-location":"New York, NY, USA","reference-count":55,"publisher":"ACM","license":[{"start":{"date-parts":[[2020,6,27]],"date-time":"2020-06-27T00:00:00Z","timestamp":1593216000000},"content-version":"vor","delay-in-days":0,"URL":"https:\/\/www.acm.org\/publications\/policies\/copyright_policy#Background"}],"funder":[{"DOI":"10.13039\/501100001459","name":"Ministry of Education - Singapore","doi-asserted-by":"publisher","award":["MOE2019-T2-1-193"],"award-info":[{"award-number":["MOE2019-T2-1-193"]}],"id":[{"id":"10.13039\/501100001459","id-type":"DOI","asserted-by":"publisher"}]}],"content-domain":{"domain":["dl.acm.org"],"crossmark-restriction":true},"short-container-title":[],"published-print":{"date-parts":[[2020,6,27]]},"DOI":"10.1145\/3377813.3381360","type":"proceedings-article","created":{"date-parts":[[2020,9,19]],"date-time":"2020-09-19T00:21:21Z","timestamp":1600474881000},"page":"90-99","update-policy":"https:\/\/doi.org\/10.1145\/crossmark-policy","source":"Crossref","is-referenced-by-count":24,"title":["Automated identification of libraries from vulnerability data"],"prefix":"10.1145","author":[{"given":"Yang","family":"Chen","sequence":"first","affiliation":[{"name":"Veracode"}]},{"given":"Andrew E.","family":"Santosa","sequence":"additional","affiliation":[{"name":"Veracode"}]},{"given":"Asankhaya","family":"Sharma","sequence":"additional","affiliation":[{"name":"Veracode"}]},{"given":"David","family":"Lo","sequence":"additional","affiliation":[{"name":"Singapore Management University"}]}],"member":"320","published-online":{"date-parts":[[2020,9,18]]},"reference":[{"key":"e_1_3_2_1_1_1","unstructured":"[n.d.]. Black Duck Software Composition Analysis. https:\/\/www.synopsys.com\/software-integrity\/security-testing\/software-composition-analysis.html.  [n.d.]. Black Duck Software Composition Analysis. https:\/\/www.synopsys.com\/software-integrity\/security-testing\/software-composition-analysis.html."},{"key":"e_1_3_2_1_2_1","unstructured":"[n.d.]. FastXML \/ PFastXML \/ PFastreXML - Fast and Accurate Tree Extreme Multi-label Classifier. https:\/\/github.com\/refefer\/fastxml.  [n.d.]. FastXML \/ PFastXML \/ PFastreXML - Fast and Accurate Tree Extreme Multi-label Classifier. https:\/\/github.com\/refefer\/fastxml."},{"key":"e_1_3_2_1_3_1","unstructured":"[n.d.]. Natural Language Toolkit. https:\/\/www.nltk.org\/.  [n.d.]. Natural Language Toolkit. https:\/\/www.nltk.org\/."},{"key":"e_1_3_2_1_4_1","unstructured":"[n.d.]. NVD - CVE-2011-0448. https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2011-0448.  [n.d.]. NVD - CVE-2011-0448. https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2011-0448."},{"key":"e_1_3_2_1_5_1","unstructured":"[n.d.]. NVD - CVE-2015-7318. https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2015-7318.  [n.d.]. NVD - CVE-2015-7318. https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2015-7318."},{"key":"e_1_3_2_1_6_1","unstructured":"[n.d.]. NVD - Data Feeds. https:\/\/nvd.nist.gov\/vuln\/data-feeds.  [n.d.]. NVD - Data Feeds. https:\/\/nvd.nist.gov\/vuln\/data-feeds."},{"key":"e_1_3_2_1_7_1","unstructured":"[n.d.]. NVD - Home. https:\/\/nvd.nist.gov\/.  [n.d.]. NVD - Home. https:\/\/nvd.nist.gov\/."},{"key":"e_1_3_2_1_8_1","unstructured":"[n.d.]. scikit-learn: Machine Learning in Python. http:\/\/scikit-learn.org\/stable\/.  [n.d.]. scikit-learn: Machine Learning in Python. http:\/\/scikit-learn.org\/stable\/."},{"key":"e_1_3_2_1_9_1","unstructured":"[n.d.]. Software Composition Analysis. https:\/\/www.flexera.com\/products\/software-composition-analysis.  [n.d.]. Software Composition Analysis. https:\/\/www.flexera.com\/products\/software-composition-analysis."},{"key":"e_1_3_2_1_10_1","unstructured":"[n.d.]. Software Composition Analysis --- Veracode. https:\/\/www.veracode.com\/products\/software-composition-analysis.  [n.d.]. Software Composition Analysis --- Veracode. https:\/\/www.veracode.com\/products\/software-composition-analysis."},{"key":"e_1_3_2_1_11_1","unstructured":"[n.d.]. Vulnerability Scanner. https:\/\/www.sonatype.com\/appscan.  [n.d.]. Vulnerability Scanner. https:\/\/www.sonatype.com\/appscan."},{"key":"e_1_3_2_1_12_1","doi-asserted-by":"publisher","DOI":"10.1145\/2488388.2488391"},{"key":"e_1_3_2_1_13_1","doi-asserted-by":"crossref","unstructured":"R. Babbar and B. Sch\u00f6lkopf. 2017. DiSMEC: Distributed Sparse Machines for Extreme Multi-label Classification. In 10th WSDM. ACM 721--729.  R. Babbar and B. Sch\u00f6lkopf. 2017. DiSMEC: Distributed Sparse Machines for Extreme Multi-label Classification. In 10th WSDM. ACM 721--729.","DOI":"10.1145\/3018661.3018741"},{"key":"e_1_3_2_1_14_1","unstructured":"K. Bhatia H. Jain P. Kar M. Varma and P. Jain. 2015. Sparse Local Embeddings for Extreme Multi-label Classification. In 28th NIPS. 730--738.  K. Bhatia H. Jain P. Kar M. Varma and P. Jain. 2015. Sparse Local Embeddings for Extreme Multi-label Classification. In 28th NIPS. 730--738."},{"key":"e_1_3_2_1_15_1","doi-asserted-by":"crossref","unstructured":"C. Chen S. Gao and Z. Xing. 2016. Mining Analogical Libraries in Q&A Discussions - Incorporating Relational and Categorical Knowledge into Word Embedding. In 23rd SANER. IEEE Comp. Soc. 338--348.  C. Chen S. Gao and Z. Xing. 2016. Mining Analogical Libraries in Q&A Discussions - Incorporating Relational and Categorical Knowledge into Word Embedding. In 23rd SANER. IEEE Comp. Soc. 338--348.","DOI":"10.1109\/SANER.2016.21"},{"key":"e_1_3_2_1_16_1","doi-asserted-by":"crossref","unstructured":"C. Chen and Z. Xing. 2016. SimilarTech: automatically recommend analogical libraries across different programming languages. In 31st ASE. IEEE Comp. Soc. 834--839.  C. Chen and Z. Xing. 2016. SimilarTech: automatically recommend analogical libraries across different programming languages. In 31st ASE. IEEE Comp. Soc. 834--839.","DOI":"10.1145\/2970276.2970290"},{"key":"e_1_3_2_1_17_1","doi-asserted-by":"crossref","unstructured":"Y. Feng and Z. Chen. 2012. Multi-label software behavior learning. In 34th ICSE. IEEE Comp. Soc. 1305--1308.  Y. Feng and Z. Chen. 2012. Multi-label software behavior learning. In 34th ICSE. IEEE Comp. Soc. 1305--1308.","DOI":"10.1109\/ICSE.2012.6227093"},{"key":"e_1_3_2_1_18_1","doi-asserted-by":"crossref","unstructured":"Y. Feng J. A. Jones Z. Chen and C. Fang. 2018. An Empirical Study on Software Failure Classification with Multi-label and Problem-Transformation Techniques. In 11th ICST. IEEE Comp. Soc. 320--330.  Y. Feng J. A. Jones Z. Chen and C. Fang. 2018. An Empirical Study on Software Failure Classification with Multi-label and Problem-Transformation Techniques. In 11th ICST. IEEE Comp. Soc. 320--330.","DOI":"10.1109\/ICST.2018.00039"},{"key":"e_1_3_2_1_19_1","doi-asserted-by":"publisher","DOI":"10.1145\/5666.5673"},{"key":"e_1_3_2_1_20_1","unstructured":"D. Foo J. Yeo X. Hao and A. Sharma. 2019. The Dynamics of Software Composition Analysis. CoRR abs\/1909.00973 (2019). arXiv:1909.00973  D. Foo J. Yeo X. Hao and A. Sharma. 2019. The Dynamics of Software Composition Analysis. CoRR abs\/1909.00973 (2019). arXiv:1909.00973"},{"key":"e_1_3_2_1_21_1","doi-asserted-by":"publisher","DOI":"10.1023\/A:1022602019183"},{"key":"e_1_3_2_1_22_1","doi-asserted-by":"crossref","unstructured":"H. Jain Y. Prabhu and M. Varma. 2016. Extreme Multi-label Loss Functions for Recommendation Tagging Ranking & Other Missing Label Applications. In 22nd KDD. ACM 935--944.  H. Jain Y. Prabhu and M. Varma. 2016. Extreme Multi-label Loss Functions for Recommendation Tagging Ranking & Other Missing Label Applications. In 22nd KDD. ACM 935--944.","DOI":"10.1145\/2939672.2939756"},{"key":"e_1_3_2_1_23_1","unstructured":"A. Joulin E. Grave P. Bojanowski and T. Mikolov. 2016. Bag of Tricks for Efficient Text Classification. CoRR abs\/1607.01759 (2016).  A. Joulin E. Grave P. Bojanowski and T. Mikolov. 2016. Bag of Tricks for Efficient Text Classification. CoRR abs\/1607.01759 (2016)."},{"key":"e_1_3_2_1_24_1","doi-asserted-by":"crossref","unstructured":"J. Liu W.-C. Chang Y. Wu and Y. Yang. 2017. Deep Learning for Extreme Multi-label Text Classification. In 40th SIGIR. ACM 115--124.  J. Liu W.-C. Chang Y. Wu and Y. Yang. 2017. Deep Learning for Extreme Multi-label Text Classification. In 40th SIGIR. ACM 115--124.","DOI":"10.1145\/3077136.3080834"},{"key":"e_1_3_2_1_25_1","doi-asserted-by":"crossref","unstructured":"T.-Y. Liu. 2011. Learning to Rank for Information Retrieval.  T.-Y. Liu. 2011. Learning to Rank for Information Retrieval.","DOI":"10.1007\/978-3-642-14267-3"},{"key":"e_1_3_2_1_26_1","first-page":"303","article-title":"Binary relevance efficacy for multilabel classification","volume":"1","author":"Luaces O.","year":"2012","journal-title":"Progress in AI"},{"key":"e_1_3_2_1_27_1","volume-title":"LSHTC: A Benchmark for Large-Scale Text Classification. CoRR abs\/1503.08581","author":"Partalas I.","year":"2015"},{"key":"e_1_3_2_1_28_1","doi-asserted-by":"crossref","unstructured":"Y. Prabhu and M. Varma. 2014. FastXML: a fast accurate and stable tree-classifier for extreme multi-label learning. In 20th KDD. ACM 263--272.  Y. Prabhu and M. Varma. 2014. FastXML: a fast accurate and stable tree-classifier for extreme multi-label learning. In 20th KDD. ACM 263--272.","DOI":"10.1145\/2623330.2623651"},{"key":"e_1_3_2_1_29_1","doi-asserted-by":"publisher","DOI":"10.1007\/s10664-018-9660-3"},{"key":"e_1_3_2_1_30_1","doi-asserted-by":"crossref","unstructured":"A. Sabetta and M. Bezzi. 2018. A Practical Approach to the Automatic Classification of Security-Relevant Commits. In 34th ICSME. IEEE Comp. Soc.  A. Sabetta and M. Bezzi. 2018. A Practical Approach to the Automatic Classification of Security-Relevant Commits. In 34th ICSME. IEEE Comp. Soc.","DOI":"10.1109\/ICSME.2018.00058"},{"key":"e_1_3_2_1_31_1","doi-asserted-by":"publisher","DOI":"10.18653\/v1\/N18-3002"},{"key":"e_1_3_2_1_32_1","doi-asserted-by":"crossref","unstructured":"R. Shokripour J. Anvik Z. M. Kasirun and S. Zamani. 2013. Why so complicated? simple term filtering and weighting for location-based bug report assignment recommendation. In 10th MSR. IEEE Comp. Soc. 2--11.  R. Shokripour J. Anvik Z. M. Kasirun and S. Zamani. 2013. Why so complicated? simple term filtering and weighting for location-based bug report assignment recommendation. In 10th MSR. IEEE Comp. Soc. 2--11.","DOI":"10.1109\/MSR.2013.6623997"},{"key":"e_1_3_2_1_33_1","unstructured":"L. Short C. Wong and D. Zeng. 2014. Tag Recommendations in StackOverflow. Technical Report. Stanford University. CS224W Final Project.  L. Short C. Wong and D. Zeng. 2014. Tag Recommendations in StackOverflow. Technical Report. Stanford University. CS224W Final Project."},{"key":"e_1_3_2_1_34_1","volume-title":"23rd KDD. ACM, 455--464.","author":"Tagami Y."},{"key":"e_1_3_2_1_35_1","doi-asserted-by":"crossref","unstructured":"F. Thung D. Lo and J. L. Lawall. 2013. Automated library recommendation. In 20th WCRE. IEEE Comp. Soc. 182--191.  F. Thung D. Lo and J. L. Lawall. 2013. Automated library recommendation. In 20th WCRE. IEEE Comp. Soc. 182--191.","DOI":"10.1109\/WCRE.2013.6671293"},{"key":"e_1_3_2_1_36_1","doi-asserted-by":"crossref","unstructured":"A. S. M. Venigalla C. S. Lakkundi and S. Chimalakonda. 2019. SOTagger - Towards Classifying Stack Overflow Posts through Contextual Tagging (S). In 31st SEKE. KSI Research Inc. and Knowledge Systems Institute Graduate School 493--639.  A. S. M. Venigalla C. S. Lakkundi and S. Chimalakonda. 2019. SOTagger - Towards Classifying Stack Overflow Posts through Contextual Tagging (S). In 31st SEKE. KSI Research Inc. and Knowledge Systems Institute Graduate School 493--639.","DOI":"10.18293\/SEKE2019-067"},{"key":"e_1_3_2_1_37_1","volume-title":"Automated Vulnerability Detection System Based on Commit Messages. Master's thesis","author":"Wan L."},{"key":"e_1_3_2_1_38_1","doi-asserted-by":"crossref","unstructured":"S. Wang D. Lo B. Vasilescu and A. Serebrenik. 2014. EnTagRec: An Enhanced Tag Recommendation System for Software Information Sites. In 30th ICSM. IEEE Comp. Soc. 291--300.  S. Wang D. Lo B. Vasilescu and A. Serebrenik. 2014. EnTagRec: An Enhanced Tag Recommendation System for Software Information Sites. In 30th ICSM. IEEE Comp. Soc. 291--300.","DOI":"10.1109\/ICSME.2014.51"},{"key":"e_1_3_2_1_39_1","doi-asserted-by":"publisher","DOI":"10.1007\/s10664-017-9533-1"},{"key":"e_1_3_2_1_40_1","volume-title":"26th COLT (JMLR Workshop and Conf. Proceedings)","volume":"30","author":"Wang Y.","year":"2013"},{"key":"e_1_3_2_1_41_1","volume-title":"WSABIE: Scaling Up to Large Vocabulary Image Annotation. In 22nd IJCAI. IJCAI\/AAAI, 2764--2770.","author":"Weston J.","year":"2011"},{"key":"e_1_3_2_1_42_1","volume-title":"Label Partitioning For Sublinear Ranking. In 30th ICML (JMLR Workshop and Conf. Proceedings)","volume":"28","author":"Weston J."},{"key":"e_1_3_2_1_43_1","volume-title":"5th","author":"Wijayasekara D."},{"key":"e_1_3_2_1_44_1","doi-asserted-by":"publisher","DOI":"10.5555\/1005332.1016791"},{"key":"e_1_3_2_1_45_1","volume-title":"CSMR-WCRE '14","author":"Xia X."},{"key":"e_1_3_2_1_46_1","doi-asserted-by":"crossref","unstructured":"X. Xia D. Lo X. Wang and B. Zhou. 2013. Tag recommendation in software information sites. In 10th MSR. IEEE Comp. Soc. 287--296.  X. Xia D. Lo X. Wang and B. Zhou. 2013. Tag recommendation in software information sites. In 10th MSR. IEEE Comp. Soc. 287--296.","DOI":"10.1109\/MSR.2013.6624040"},{"key":"e_1_3_2_1_47_1","unstructured":"I. E.-H. Yen X. Huang W. Dai P. Ravikumar I. S. Dhillon and E. P. Xing. 2017. PPDsparse: A Parallel Primal-Dual Sparse Method for Extreme Classification. In 23rd KDD. ACM 545--553.  I. E.-H. Yen X. Huang W. Dai P. Ravikumar I. S. Dhillon and E. P. Xing. 2017. PPDsparse: A Parallel Primal-Dual Sparse Method for Extreme Classification. In 23rd KDD. ACM 545--553."},{"key":"e_1_3_2_1_48_1","volume-title":"33rd ICML (JMLR Workshop and Conf. Proceedings)","volume":"48","author":"Yen I. E.-H."},{"key":"e_1_3_2_1_49_1","unstructured":"R. You S. Dai Z. Zhang H. Mamitsuka and S. Zhu. 2018. AttentionXML: Extreme Multi-Label Text Classification with Multi-Label Attention Based Recurrent Neural Networks. CoRR abs\/1811.01727 (2018). arXiv:1811.01727  R. You S. Dai Z. Zhang H. Mamitsuka and S. Zhu. 2018. AttentionXML: Extreme Multi-Label Text Classification with Multi-Label Attention Based Recurrent Neural Networks. CoRR abs\/1811.01727 (2018). arXiv:1811.01727"},{"key":"e_1_3_2_1_50_1","volume-title":"Question Retrieval in Community Question Answering Enhanced by Tags Information in a Deep Neural Network Framework. Master's thesis","author":"Zavou C."},{"key":"e_1_3_2_1_51_1","doi-asserted-by":"publisher","DOI":"10.1016\/j.patcog.2006.12.019"},{"key":"e_1_3_2_1_52_1","volume-title":"Deep Extreme Multi-label Learning. In ICMR '18","author":"Zhang W."},{"key":"e_1_3_2_1_53_1","doi-asserted-by":"crossref","unstructured":"X. Zhao S. Li H. Yu Y. Wang and W. Qiu. 2019. Accurate Library Recommendation Using Combining Collaborative Filtering and Topic Model for Mobile Development. IEICE Transactions 102-D 3 (2019) 522--536.  X. Zhao S. Li H. Yu Y. Wang and W. Qiu. 2019. Accurate Library Recommendation Using Combining Collaborative Filtering and Topic Model for Mobile Development. IEICE Transactions 102-D 3 (2019) 522--536.","DOI":"10.1587\/transinf.2018EDP7227"},{"key":"e_1_3_2_1_54_1","doi-asserted-by":"crossref","unstructured":"P. Zhou J. Liu Z. Yang and G. Zhou. 2017. Scalable tag recommendation for software information sites. In 24th SANER. IEEE Comp. Soc. 272--282.  P. Zhou J. Liu Z. Yang and G. Zhou. 2017. Scalable tag recommendation for software information sites. In 24th SANER. IEEE Comp. Soc. 272--282.","DOI":"10.1109\/SANER.2017.7884628"},{"key":"e_1_3_2_1_55_1","doi-asserted-by":"crossref","unstructured":"Y. Zhou and A. Sharma. 2017. Automated identification of security issues from commit messages and bug reports. In 11th FSE. ACM 914--919.  Y. Zhou and A. Sharma. 2017. Automated identification of security issues from commit messages and bug reports. In 11th FSE. ACM 914--919.","DOI":"10.1145\/3106237.3117771"}],"event":{"name":"ICSE '20: 42nd International Conference on Software Engineering","location":"Seoul South Korea","acronym":"ICSE '20","sponsor":["SIGSOFT ACM Special Interest Group on Software Engineering","KIISE Korean Institute of Information Scientists and Engineers","IEEE CS"]},"container-title":["Proceedings of the ACM\/IEEE 42nd International Conference on Software Engineering: Software Engineering in Practice"],"original-title":[],"link":[{"URL":"https:\/\/dl.acm.org\/doi\/10.1145\/3377813.3381360","content-type":"unspecified","content-version":"vor","intended-application":"text-mining"},{"URL":"https:\/\/dl.acm.org\/doi\/pdf\/10.1145\/3377813.3381360","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2025,6,17]],"date-time":"2025-06-17T22:38:51Z","timestamp":1750199931000},"score":1,"resource":{"primary":{"URL":"https:\/\/dl.acm.org\/doi\/10.1145\/3377813.3381360"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2020,6,27]]},"references-count":55,"alternative-id":["10.1145\/3377813.3381360","10.1145\/3377813"],"URL":"https:\/\/doi.org\/10.1145\/3377813.3381360","relation":{},"subject":[],"published":{"date-parts":[[2020,6,27]]},"assertion":[{"value":"2020-09-18","order":2,"name":"published","label":"Published","group":{"name":"publication_history","label":"Publication History"}}]}}