{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2025,7,27]],"date-time":"2025-07-27T07:50:42Z","timestamp":1753602642445,"version":"3.41.0"},"publisher-location":"New York, NY, USA","reference-count":42,"publisher":"ACM","license":[{"start":{"date-parts":[[2020,9,14]],"date-time":"2020-09-14T00:00:00Z","timestamp":1600041600000},"content-version":"vor","delay-in-days":0,"URL":"https:\/\/www.acm.org\/publications\/policies\/copyright_policy#Background"}],"content-domain":{"domain":["dl.acm.org"],"crossmark-restriction":true},"short-container-title":[],"published-print":{"date-parts":[[2020,9,14]]},"DOI":"10.1145\/3410886.3410901","type":"proceedings-article","created":{"date-parts":[[2020,9,12]],"date-time":"2020-09-12T19:46:30Z","timestamp":1599939990000},"page":"217-226","update-policy":"https:\/\/doi.org\/10.1145\/crossmark-policy","source":"Crossref","is-referenced-by-count":3,"title":["Graft: Static Analysis of Java Bytecode with Graph Databases"],"prefix":"10.1145","author":[{"given":"Wim","family":"Keirsgieter","sequence":"first","affiliation":[{"name":"Stellenbosch University, South Africa"}]},{"given":"Willem","family":"Visser","sequence":"additional","affiliation":[{"name":"Stellenbosch University, South Africa"}]}],"member":"320","published-online":{"date-parts":[[2020,9,14]]},"reference":[{"doi-asserted-by":"publisher","key":"e_1_3_2_1_1_1","DOI":"10.14569\/IJACSA.2018.090178"},{"doi-asserted-by":"publisher","key":"e_1_3_2_1_2_1","DOI":"10.5555\/1177220"},{"volume-title":"Proceedings of the International Conference on Software Maintenance. 368\u2013377","year":"1998","author":"Baxter I.","key":"e_1_3_2_1_3_1"},{"doi-asserted-by":"publisher","key":"e_1_3_2_1_4_1","DOI":"10.1109\/TSE.2008.24"},{"volume-title":"Proceedings of the ACM SIGCOMM Internet Measurement Conference. ACM, 475\u2013488","author":"Durumeric Z.","key":"e_1_3_2_1_5_1"},{"doi-asserted-by":"publisher","key":"e_1_3_2_1_6_1","DOI":"10.1145\/178243.178264"},{"doi-asserted-by":"crossref","unstructured":"J. Ferrante K.\u00a0J. Ottenstein and J.\u00a0D. Warren. 1987. The Program Dependence Graph and Its Use in Optimization.ACM Transactions on Programming Languages and Systems 9 3 (1987) 319\u2013349. https:\/\/doi.org\/10.1145\/24039.24041 10.1145\/24039.24041  J. Ferrante K.\u00a0J. Ottenstein and J.\u00a0D. Warren. 1987. The Program Dependence Graph and Its Use in Optimization.ACM Transactions on Programming Languages and Systems 9 3 (1987) 319\u2013349. https:\/\/doi.org\/10.1145\/24039.24041 10.1145\/24039.24041","key":"e_1_3_2_1_7_1","DOI":"10.1145\/24039.24041"},{"doi-asserted-by":"crossref","unstructured":"S. Ghaffarian and H.\u00a0R. Shahriari. 2017. Software Vulnerability Analysis and Discovery Using Machine-Learning and Data-Mining Techniques: A Survey. ACM Computing Surveys 50 4 Article 56(2017) 36\u00a0pages. https:\/\/doi.org\/10.1145\/3092566 10.1145\/3092566  S. Ghaffarian and H.\u00a0R. Shahriari. 2017. Software Vulnerability Analysis and Discovery Using Machine-Learning and Data-Mining Techniques: A Survey. ACM Computing Surveys 50 4 Article 56(2017) 36\u00a0pages. https:\/\/doi.org\/10.1145\/3092566 10.1145\/3092566","key":"e_1_3_2_1_8_1","DOI":"10.1145\/3092566"},{"volume-title":"Proceedings of the GRADES \u201915","author":"Hawes N.","key":"e_1_3_2_1_9_1"},{"doi-asserted-by":"publisher","key":"e_1_3_2_1_10_1","DOI":"10.1109\/MSP.2011.70"},{"doi-asserted-by":"publisher","key":"e_1_3_2_1_11_1","DOI":"10.1145\/960116.53994"},{"doi-asserted-by":"publisher","key":"e_1_3_2_1_12_1","DOI":"10.1145\/2813885.2737957"},{"volume-title":"The 1st International Workshop on Managing Insider Security Threats (MIST","year":"2009","author":"Kupsch J.","key":"e_1_3_2_1_13_1"},{"volume-title":"Proceedings of the 24th ACM SIGACT-SIGMOD-SIGART Symposium on Principles of Database Systems. ACM, 1\u201312","author":"Lam M.","key":"e_1_3_2_1_14_1"},{"doi-asserted-by":"crossref","unstructured":"P. Lathar R. Shah and S. K\u00a0G. 2017. Stacy - static code analysis for enhanced vulnerability detection. Cogent Engineering 4 1 (2017). https:\/\/doi.org\/10.1080\/23311916.2017.1335470  P. Lathar R. Shah and S. K\u00a0G. 2017. Stacy - static code analysis for enhanced vulnerability detection. Cogent Engineering 4 1 (2017). https:\/\/doi.org\/10.1080\/23311916.2017.1335470","key":"e_1_3_2_1_15_1","DOI":"10.1080\/23311916.2017.1335470"},{"unstructured":"T. Lenherr. 2008. Taxonomy and applications of alias analysis. Master\u2019s thesis. Eidgen\u00f6ssische Technische Hochschule Zurich Switzerland. https:\/\/doi.org\/10.3929\/ethz-a-005697567  T. Lenherr. 2008. Taxonomy and applications of alias analysis. Master\u2019s thesis. Eidgen\u00f6ssische Technische Hochschule Zurich Switzerland. https:\/\/doi.org\/10.3929\/ethz-a-005697567","key":"e_1_3_2_1_16_1"},{"volume-title":"Proceedings of the 14th Conference on USENIX Security Symposium. USENIX Association, 271\u2013286","author":"Livshits B.","key":"e_1_3_2_1_17_1"},{"doi-asserted-by":"publisher","key":"e_1_3_2_1_18_1","DOI":"10.1109\/MSECP.2003.1193213"},{"doi-asserted-by":"publisher","key":"e_1_3_2_1_19_1","DOI":"10.1155\/2017\/5452396"},{"doi-asserted-by":"publisher","key":"e_1_3_2_1_20_1","DOI":"10.17706\/jsw.11.11.1083-1088"},{"doi-asserted-by":"publisher","key":"e_1_3_2_1_21_1","DOI":"10.1145\/2815072.2815073"},{"doi-asserted-by":"crossref","unstructured":"M.\u00a0A. Rodriguez and P. Neubauer. 2012. The Graph Traversal Pattern. In Graph Data Management: Techniques and Applications S.\u00a0Sakr and E.\u00a0Pardede (Eds.). IGI Global 29\u201346. https:\/\/doi.org\/10.4018\/978-1-61350-053-8.ch002  M.\u00a0A. Rodriguez and P. Neubauer. 2012. The Graph Traversal Pattern. In Graph Data Management: Techniques and Applications S.\u00a0Sakr and E.\u00a0Pardede (Eds.). IGI Global 29\u201346. https:\/\/doi.org\/10.4018\/978-1-61350-053-8.ch002","key":"e_1_3_2_1_22_1","DOI":"10.4018\/978-1-61350-053-8.ch002"},{"volume-title":"Proceedings of the 17th IEEE International Conference on Machine Learning and Applications. IEEE, 757\u2013762","year":"2018","author":"Russell R.","key":"e_1_3_2_1_23_1"},{"doi-asserted-by":"publisher","key":"e_1_3_2_1_24_1","DOI":"10.1109\/SP.2010.26"},{"volume-title":"Proceedings of the 10th conference on USENIX Security Symposium. USENIX Association. https:\/\/www.usenix.org\/legacy\/publications\/library\/proceedings\/sec01\/shankar.html 10","author":"Shankar U.","key":"e_1_3_2_1_25_1"},{"doi-asserted-by":"publisher","key":"e_1_3_2_1_26_1","DOI":"10.1016\/j.scico.2012.02.002"},{"unstructured":"S. Suneja Y. Zheng Y. Zhuang J. Laredo and A. Morari. 2020. Learning to map source code to software vulnerability using code-as-a-graph. arxiv:2006.08614  S. Suneja Y. Zheng Y. Zhuang J. Laredo and A. Morari. 2020. Learning to map source code to software vulnerability using code-as-a-graph. arxiv:2006.08614","key":"e_1_3_2_1_27_1"},{"unstructured":"Synopsis Inc.2019. The Heartbleed Bug. Retrieved 2019-11-04 from http:\/\/heartbleed.com\/  Synopsis Inc.2019. The Heartbleed Bug. Retrieved 2019-11-04 from http:\/\/heartbleed.com\/","key":"e_1_3_2_1_28_1"},{"doi-asserted-by":"publisher","key":"e_1_3_2_1_29_1","DOI":"10.5555\/1106275.1106307"},{"doi-asserted-by":"publisher","key":"e_1_3_2_1_30_1","DOI":"10.1016\/j.scico.2013.11.010"},{"doi-asserted-by":"crossref","unstructured":"R. Vallee-rai P. Co E. Gagnon L. Hendren P. Lam and V. Sundaresan. 2010. Soot \u2013 a Java Bytecode Optimization Framework. In CASCON First Decade High Impact Papers. IBM Corp. 214\u2013224. https:\/\/doi.org\/10.1145\/1925805.1925818 10.1145\/1925805.1925818  R. Vallee-rai P. Co E. Gagnon L. Hendren P. Lam and V. Sundaresan. 2010. Soot \u2013 a Java Bytecode Optimization Framework. In CASCON First Decade High Impact Papers. IBM Corp. 214\u2013224. https:\/\/doi.org\/10.1145\/1925805.1925818 10.1145\/1925805.1925818","key":"e_1_3_2_1_31_1","DOI":"10.1145\/1925805.1925818"},{"volume-title":"Jimple: Simplifying Java Bytecode for Analyses and Transformations. Technical Report 1998-4","year":"1998","author":"Hendren R.","key":"e_1_3_2_1_32_1"},{"volume-title":"Towards Practical Reactive Security Audit Using Extended Static Checkers. In 2013 IEEE Symposium on Security and Privacy. IEEE, 33\u201347","year":"2013","author":"Vanegue J.","key":"e_1_3_2_1_33_1"},{"doi-asserted-by":"publisher","key":"e_1_3_2_1_34_1","DOI":"10.1109\/ICAIT.2018.8686548"},{"volume-title":"Modeling and Discovering Vulnerabilities with Code Property Graphs. In 2014 IEEE Symposium on Security and Privacy. IEEE, 590\u2013604","year":"2014","author":"Yamaguchi F.","key":"e_1_3_2_1_35_1"},{"volume-title":"Proceedings of the 28th Annual Computer Security Applications Conference. ACM, 359\u2013368","year":"2095","author":"Yamaguchi F.","key":"e_1_3_2_1_36_1"},{"volume-title":"Automatic Inference of Search Patterns for Taint-Style Vulnerabilities. In 2015 IEEE Symposium on Security and Privacy. IEEE, 797\u2013812","year":"2015","author":"Yamaguchi F.","key":"e_1_3_2_1_37_1"},{"volume-title":"Proceedings of the International Symposium on Theoretical Aspects of Software Engineering. IEEE, 39\u201346","year":"2015","author":"Zhang T.","key":"e_1_3_2_1_38_1"},{"doi-asserted-by":"publisher","key":"e_1_3_2_1_39_1","DOI":"10.1007\/BF03160273"},{"unstructured":"P. Zhao. 2016. Case Studies of a Machine Learning Process for Improving the Accuracy of Static Analysis Tools. Master\u2019s thesis. University of Waterloo Waterloo ON Canada. https:\/\/uwspace.uwaterloo.ca\/handle\/10012\/11004  P. Zhao. 2016. Case Studies of a Machine Learning Process for Improving the Accuracy of Static Analysis Tools. Master\u2019s thesis. University of Waterloo Waterloo ON Canada. https:\/\/uwspace.uwaterloo.ca\/handle\/10012\/11004","key":"e_1_3_2_1_40_1"},{"volume-title":"Static Code Analysis for Software Security Verification: Problems and Approaches. In 2014 IEEE 38th International Computer Software and Applications Conference Workshops. IEEE, 102\u2013109","year":"2014","author":"Zhioua Z.","key":"e_1_3_2_1_41_1"},{"doi-asserted-by":"publisher","key":"e_1_3_2_1_42_1","DOI":"10.1145\/1041685.1029911"}],"event":{"acronym":"SAICSIT '20","name":"SAICSIT '20: Conference of the South African Institute of Computer Scientists and Information Technologists 2020","location":"Cape Town South Africa"},"container-title":["Conference of the South African Institute of Computer Scientists and Information Technologists 2020"],"original-title":[],"link":[{"URL":"https:\/\/dl.acm.org\/doi\/10.1145\/3410886.3410901","content-type":"unspecified","content-version":"vor","intended-application":"text-mining"},{"URL":"https:\/\/dl.acm.org\/doi\/pdf\/10.1145\/3410886.3410901","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2025,6,17]],"date-time":"2025-06-17T21:31:55Z","timestamp":1750195915000},"score":1,"resource":{"primary":{"URL":"https:\/\/dl.acm.org\/doi\/10.1145\/3410886.3410901"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2020,9,14]]},"references-count":42,"alternative-id":["10.1145\/3410886.3410901","10.1145\/3410886"],"URL":"https:\/\/doi.org\/10.1145\/3410886.3410901","relation":{},"subject":[],"published":{"date-parts":[[2020,9,14]]},"assertion":[{"value":"2020-09-14","order":2,"name":"published","label":"Published","group":{"name":"publication_history","label":"Publication History"}}]}}