{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2026,4,11]],"date-time":"2026-04-11T21:00:18Z","timestamp":1775941218115,"version":"3.50.1"},"publisher-location":"New York, NY, USA","reference-count":67,"publisher":"ACM","license":[{"start":{"date-parts":[[2022,4,25]],"date-time":"2022-04-25T00:00:00Z","timestamp":1650844800000},"content-version":"vor","delay-in-days":0,"URL":"https:\/\/www.acm.org\/publications\/policies\/copyright_policy#Background"}],"funder":[{"name":"Institute of Information & communications Technology Planning & Evaluation (IITP)","award":["2020-0-00153"],"award-info":[{"award-number":["2020-0-00153"]}]}],"content-domain":{"domain":["dl.acm.org"],"crossmark-restriction":true},"short-container-title":[],"published-print":{"date-parts":[[2022,4,25]]},"DOI":"10.1145\/3485447.3512235","type":"proceedings-article","created":{"date-parts":[[2022,4,25]],"date-time":"2022-04-25T05:11:23Z","timestamp":1650863483000},"page":"755-766","update-policy":"https:\/\/doi.org\/10.1145\/crossmark-policy","source":"Crossref","is-referenced-by-count":16,"title":["HiddenCPG: Large-Scale Vulnerable Clone Detection Using Subgraph Isomorphism of Code Property Graphs"],"prefix":"10.1145","author":[{"given":"Seongil","family":"Wi","sequence":"first","affiliation":[{"name":"School of Computing, Korea Advanced Institute of Science and Technology, Republic of Korea"}]},{"given":"Sijae","family":"Woo","sequence":"additional","affiliation":[{"name":"School of Computing, Korea Advanced Institute of Science and Technology, Republic of Korea"}]},{"given":"Joyce Jiyoung","family":"Whang","sequence":"additional","affiliation":[{"name":"School of Computing, Korea Advanced Institute of Science and Technology, Republic of Korea"}]},{"given":"Sooel","family":"Son","sequence":"additional","affiliation":[{"name":"School of Computing, Korea Advanced Institute of Science and Technology, Republic of Korea"}]}],"member":"320","published-online":{"date-parts":[[2022,4,25]]},"reference":[{"key":"e_1_3_2_1_1_1","unstructured":"[n. d.]. Common Vulnerability Enumeration (CVE). https:\/\/cve.mitre.org."},{"key":"e_1_3_2_1_2_1","unstructured":"[n. d.]. GitHub. https:\/\/github.com."},{"key":"e_1_3_2_1_3_1","unstructured":"[n. d.]. Github PHP project. https:\/\/github.com\/topics\/php?o=desc&s=stars."},{"key":"e_1_3_2_1_4_1","unstructured":"[n. d.]. GitHub REST API. https:\/\/docs.github.com\/en\/rest."},{"key":"e_1_3_2_1_5_1","unstructured":"[n. d.]. GitHut: a small place to discover languages in GitHub. https:\/\/githut.info\/."},{"key":"e_1_3_2_1_6_1","unstructured":"[n. d.]. Joern. https:\/\/github.com\/ShiftLeftSecurity\/joern."},{"key":"e_1_3_2_1_7_1","unstructured":"[n. d.]. Usage of server-side programming languages for websites. https:\/\/w3techs.com\/technologies\/overview\/programming_language\/all."},{"key":"e_1_3_2_1_8_1","unstructured":"[n. d.]. VF2 Implement a (Sub)Graph Isomorphism Algorithm for Matching Large Graphs. https:\/\/github.com\/yaolili\/VF2."},{"key":"e_1_3_2_1_9_1","unstructured":"[n. d.]. Wikitten. https:\/\/github.com\/devaneando\/Wikitten."},{"key":"e_1_3_2_1_10_1","doi-asserted-by":"publisher","DOI":"10.1145\/2976749.2978380"},{"key":"e_1_3_2_1_11_1","volume-title":"Proceedings of the USENIX Security Symposium. 377\u2013392","author":"Alhuzali Abeer","year":"2018","unstructured":"Abeer Alhuzali, Rigel Gjomemo, Birhanu Eshete, and VN Venkatakrishnan. 2018. NAVEX: precise and scalable exploit generation for dynamic web applications. In Proceedings of the USENIX Security Symposium. 377\u2013392."},{"key":"e_1_3_2_1_12_1","doi-asserted-by":"publisher","DOI":"10.1109\/EuroSP.2017.14"},{"key":"e_1_3_2_1_13_1","doi-asserted-by":"publisher","DOI":"10.1109\/SP.2008.22"},{"key":"e_1_3_2_1_14_1","doi-asserted-by":"publisher","DOI":"10.1109\/ICSM.1998.738528"},{"key":"e_1_3_2_1_15_1","doi-asserted-by":"publisher","DOI":"10.1109\/TSE.2007.70725"},{"key":"e_1_3_2_1_16_1","doi-asserted-by":"publisher","DOI":"10.1145\/2950290.2950350"},{"key":"e_1_3_2_1_17_1","doi-asserted-by":"publisher","DOI":"10.1109\/TPAMI.2004.75"},{"key":"e_1_3_2_1_18_1","volume-title":"Seminar Work (Seminer \u00c7alismasi)","author":"Dahse Johannes","unstructured":"Johannes Dahse and J\u00f6rg Schwenk. 2010. RIPS-A static source code analyser for vulnerabilities in PHP scripts. In Seminar Work (Seminer \u00c7alismasi). Horst G\u00f6rtz Institute Ruhr-University Bochum."},{"key":"e_1_3_2_1_19_1","doi-asserted-by":"publisher","DOI":"10.14722\/ndss.2016.23185"},{"key":"e_1_3_2_1_20_1","volume-title":"Proceedings of the ACM Conference on Computer and Communications Security. 1899\u20131913","author":"Fass Aurore","year":"2001","unstructured":"Aurore Fass, Michael Backes, and Ben Stock. 2001. HideNoSeek: Camouflaging malicious javascript in benign asts. In Proceedings of the ACM Conference on Computer and Communications Security. 1899\u20131913."},{"key":"e_1_3_2_1_21_1","doi-asserted-by":"publisher","DOI":"10.1145\/3460120.3484745"},{"key":"e_1_3_2_1_22_1","doi-asserted-by":"publisher","DOI":"10.1145\/2976749.2978370"},{"key":"e_1_3_2_1_23_1","doi-asserted-by":"publisher","DOI":"10.1109\/DSN.2019.00064"},{"key":"e_1_3_2_1_24_1","doi-asserted-by":"publisher","DOI":"10.1109\/SP.2012.13"},{"key":"e_1_3_2_1_25_1","doi-asserted-by":"publisher","DOI":"10.1109\/ICSE.2007.30"},{"key":"e_1_3_2_1_26_1","doi-asserted-by":"publisher","DOI":"10.1109\/ICSTW.2011.32"},{"key":"e_1_3_2_1_27_1","doi-asserted-by":"publisher","DOI":"10.1109\/SP.2006.29"},{"key":"e_1_3_2_1_28_1","doi-asserted-by":"publisher","DOI":"10.1109\/TSE.2002.1019480"},{"key":"e_1_3_2_1_29_1","volume-title":"Proceedings of the USENIX Security Symposium. 637\u2013652","author":"Kapravelos Alexandros","year":"2013","unstructured":"Alexandros Kapravelos, Yan Shoshitaishvili, Marco Cova, Christopher Kruegel, and Giovanni Vigna. 2013. Revolver: An automated approach to the detection of evasive web-based malware. In Proceedings of the USENIX Security Symposium. 637\u2013652."},{"key":"e_1_3_2_1_30_1","volume-title":"Proceedings of the USENIX Security Symposium.","author":"Khodayari Soheil","year":"2021","unstructured":"Soheil Khodayari and Giancarlo Pellegrino. 2021. JAW: Studying Client-side CSRF with Hybrid Property Graphs and Declarative Traversals. In Proceedings of the USENIX Security Symposium."},{"key":"e_1_3_2_1_31_1","doi-asserted-by":"publisher","DOI":"10.1145\/1081706.1081737"},{"key":"e_1_3_2_1_32_1","doi-asserted-by":"publisher","DOI":"10.1016\/j.cose.2018.02.007"},{"key":"e_1_3_2_1_33_1","doi-asserted-by":"publisher","DOI":"10.1109\/SP.2017.62"},{"key":"e_1_3_2_1_34_1","doi-asserted-by":"publisher","DOI":"10.1007\/3-540-47764-0_3"},{"key":"e_1_3_2_1_35_1","doi-asserted-by":"publisher","DOI":"10.1145\/2508859.2516703"},{"key":"e_1_3_2_1_36_1","doi-asserted-by":"publisher","DOI":"10.1109\/ICSE.2012.6227183"},{"key":"e_1_3_2_1_37_1","doi-asserted-by":"publisher","DOI":"10.1145\/3442381.3449826"},{"key":"e_1_3_2_1_38_1","doi-asserted-by":"publisher","DOI":"10.1145\/3442381.3450002"},{"key":"e_1_3_2_1_39_1","volume-title":"Proceedings of the USENIX Security Symposium.","author":"Li Song","year":"2022","unstructured":"Song Li, Mingqing Kang, Jianwei Hou, and Yinzhi Cao. 2022. Mining Node.js Vulnerabilities via Object Dependence Graph and Query. In Proceedings of the USENIX Security Symposium."},{"key":"e_1_3_2_1_40_1","doi-asserted-by":"publisher","DOI":"10.1109\/TSE.2006.28"},{"key":"e_1_3_2_1_41_1","doi-asserted-by":"publisher","DOI":"10.1145\/2991079.2991102"},{"key":"e_1_3_2_1_42_1","doi-asserted-by":"publisher","DOI":"10.14722\/ndss.2018.23158"},{"key":"e_1_3_2_1_43_1","doi-asserted-by":"publisher","DOI":"10.1145\/1542476.1542485"},{"key":"e_1_3_2_1_44_1","doi-asserted-by":"publisher","DOI":"10.5220\/0010537000002998"},{"key":"e_1_3_2_1_45_1","doi-asserted-by":"publisher","DOI":"10.1109\/ICSM.1996.565012"},{"key":"e_1_3_2_1_46_1","doi-asserted-by":"publisher","DOI":"10.1109\/ICSME.2017.33"},{"key":"e_1_3_2_1_47_1","doi-asserted-by":"publisher","DOI":"10.1109\/TR.2018.2839339"},{"key":"e_1_3_2_1_48_1","doi-asserted-by":"publisher","DOI":"10.1145\/1858996.1859089"},{"key":"e_1_3_2_1_49_1","doi-asserted-by":"publisher","DOI":"10.1016\/j.infsof.2013.01.008"},{"key":"e_1_3_2_1_50_1","volume-title":"A survey on software clone detection research. Queen\u2019s School of Computing TR 541, 115","author":"Roy Chanchal\u00a0Kumar","year":"2007","unstructured":"Chanchal\u00a0Kumar Roy and James\u00a0R Cordy. 2007. A survey on software clone detection research. Queen\u2019s School of Computing TR 541, 115 (2007), 64\u201368."},{"key":"e_1_3_2_1_51_1","doi-asserted-by":"publisher","DOI":"10.1109\/ICPC.2008.41"},{"key":"e_1_3_2_1_52_1","volume-title":"Comparison and evaluation of code clone detection techniques and tools: A qualitative approach. Science of computer programming 74, 7","author":"Roy K","year":"2009","unstructured":"Chanchal\u00a0K Roy, James\u00a0R Cordy, and Rainer Koschke. 2009. Comparison and evaluation of code clone detection techniques and tools: A qualitative approach. Science of computer programming 74, 7 (2009), 470\u2013495."},{"key":"e_1_3_2_1_53_1","doi-asserted-by":"publisher","DOI":"10.14778\/1453856.1453899"},{"key":"e_1_3_2_1_54_1","doi-asserted-by":"publisher","DOI":"10.1145\/2166956.2166964"},{"key":"e_1_3_2_1_55_1","doi-asserted-by":"publisher","DOI":"10.14722\/ndss.2014.23351"},{"key":"e_1_3_2_1_56_1","doi-asserted-by":"publisher","DOI":"10.1109\/APSEC.2002.1183002"},{"key":"e_1_3_2_1_57_1","doi-asserted-by":"publisher","DOI":"10.1145\/321921.321925"},{"key":"e_1_3_2_1_58_1","doi-asserted-by":"publisher","DOI":"10.1145\/2414456.2414462"},{"key":"e_1_3_2_1_59_1","doi-asserted-by":"publisher","DOI":"10.1145\/3180155.3180179"},{"key":"e_1_3_2_1_60_1","doi-asserted-by":"publisher","DOI":"10.1145\/1250734.1250739"},{"key":"e_1_3_2_1_61_1","volume-title":"Proceedings of the USENIX Security Symposium. 1165\u20131182","author":"Xiao Yang","year":"2020","unstructured":"Yang Xiao, Bihuan Chen, Chendong Yu, Zhengzi Xu, Zimu Yuan, Feng Li, Binghong Liu, Yang Liu, Wei Huo, Wei Zou, 2020. MVP: Detecting Vulnerabilities using Patch-Enhanced Vulnerability Signatures. In Proceedings of the USENIX Security Symposium. 1165\u20131182."},{"key":"e_1_3_2_1_62_1","volume-title":"Proceedings of the USENIX Security Symposium. 179\u2013192","author":"Xie Yichen","year":"2006","unstructured":"Yichen Xie and Alex Aiken. 2006. Static Detection of Security Vulnerabilities in Scripting Languages. In Proceedings of the USENIX Security Symposium. 179\u2013192."},{"key":"e_1_3_2_1_63_1","doi-asserted-by":"publisher","DOI":"10.1145\/3133956.3134018"},{"key":"e_1_3_2_1_64_1","doi-asserted-by":"publisher","DOI":"10.1109\/SP.2014.44"},{"key":"e_1_3_2_1_65_1","doi-asserted-by":"publisher","DOI":"10.1137\/1.9781611972733.15"},{"key":"e_1_3_2_1_66_1","doi-asserted-by":"publisher","DOI":"10.1109\/ACCESS.2021.3065872"},{"key":"e_1_3_2_1_67_1","doi-asserted-by":"publisher","DOI":"10.1145\/2660267.2660359"}],"event":{"name":"WWW '22: The ACM Web Conference 2022","location":"Virtual Event, Lyon France","acronym":"WWW '22","sponsor":["SIGWEB ACM Special Interest Group on Hypertext, Hypermedia, and Web"]},"container-title":["Proceedings of the ACM Web Conference 2022"],"original-title":[],"link":[{"URL":"https:\/\/dl.acm.org\/doi\/10.1145\/3485447.3512235","content-type":"unspecified","content-version":"vor","intended-application":"text-mining"},{"URL":"https:\/\/dl.acm.org\/doi\/pdf\/10.1145\/3485447.3512235","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2025,6,17]],"date-time":"2025-06-17T19:30:13Z","timestamp":1750188613000},"score":1,"resource":{"primary":{"URL":"https:\/\/dl.acm.org\/doi\/10.1145\/3485447.3512235"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2022,4,25]]},"references-count":67,"alternative-id":["10.1145\/3485447.3512235","10.1145\/3485447"],"URL":"https:\/\/doi.org\/10.1145\/3485447.3512235","relation":{},"subject":[],"published":{"date-parts":[[2022,4,25]]},"assertion":[{"value":"2022-04-25","order":2,"name":"published","label":"Published","group":{"name":"publication_history","label":"Publication History"}}]}}