{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2025,6,24]],"date-time":"2025-06-24T06:29:51Z","timestamp":1750746591067,"version":"3.41.0"},"publisher-location":"New York, NY, USA","reference-count":43,"publisher":"ACM","license":[{"start":{"date-parts":[[2023,4,24]],"date-time":"2023-04-24T00:00:00Z","timestamp":1682294400000},"content-version":"vor","delay-in-days":0,"URL":"https:\/\/creativecommons.org\/licenses\/by\/4.0\/"}],"funder":[{"name":"German Federal Ministry of Education and Research (BMBF)"}],"content-domain":{"domain":["dl.acm.org"],"crossmark-restriction":true},"short-container-title":[],"published-print":{"date-parts":[[2023,4,24]]},"DOI":"10.1145\/3577923.3583657","type":"proceedings-article","created":{"date-parts":[[2023,4,20]],"date-time":"2023-04-20T10:57:59Z","timestamp":1681988279000},"page":"189-200","update-policy":"https:\/\/doi.org\/10.1145\/crossmark-policy","source":"Crossref","is-referenced-by-count":5,"title":["Detecting Backdoors in Collaboration Graphs of Software Repositories"],"prefix":"10.1145","author":[{"ORCID":"https:\/\/orcid.org\/0000-0002-4337-4390","authenticated-orcid":false,"given":"Tom","family":"Ganz","sequence":"first","affiliation":[{"name":"SAP SE, Karlsruhe, Germany"}],"role":[{"role":"author","vocabulary":"crossref"}]},{"ORCID":"https:\/\/orcid.org\/0000-0001-9841-3628","authenticated-orcid":false,"given":"Inaam","family":"Ashraf","sequence":"additional","affiliation":[{"name":"Bielefeld University, Bielefeld, Germany"}],"role":[{"role":"author","vocabulary":"crossref"}]},{"ORCID":"https:\/\/orcid.org\/0000-0002-8349-5912","authenticated-orcid":false,"given":"Martin","family":"H\u00e4rterich","sequence":"additional","affiliation":[{"name":"SAP SE, Karlsruhe, Germany"}],"role":[{"role":"author","vocabulary":"crossref"}]},{"ORCID":"https:\/\/orcid.org\/0000-0002-5054-8758","authenticated-orcid":false,"given":"Konrad","family":"Rieck","sequence":"additional","affiliation":[{"name":"Technische Universit\u00e4t Berlin, Berlin, Germany"}],"role":[{"role":"author","vocabulary":"crossref"}]}],"member":"320","published-online":{"date-parts":[[2023,4,24]]},"reference":[{"key":"e_1_3_2_1_1_1","volume-title":"31st USENIX Security Symposium (USENIX Security 22)","author":"Arp Daniel","year":"2022","unstructured":"Daniel Arp, Erwin Quiring, Feargus Pendlebury, Alexander Warnecke, Fabio Pierazzi, Christian Wressnegger, Lorenzo Cavallaro, and Konrad Rieck. 2022. Dos and Don'ts of Machine Learning in Computer Security. In 31st USENIX Security Symposium (USENIX Security 22). USENIX Association, Boston, MA. https:\/\/www.usenix.org\/conference\/usenixsecurity22\/presentation\/arp"},{"key":"e_1_3_2_1_2_1","unstructured":"Saikat Chakraborty Rahul Krishna Yangruibo Ding and Baishakhi Ray. 2020. Deep Learning based Vulnerability Detection: Are We There Yet? arXiv:2009.07235 [cs.SE]"},{"key":"e_1_3_2_1_3_1","doi-asserted-by":"publisher","DOI":"10.1145\/1541880.1541882"},{"key":"e_1_3_2_1_4_1","doi-asserted-by":"publisher","DOI":"10.1109\/TechDebt.2019.00030"},{"key":"e_1_3_2_1_5_1","doi-asserted-by":"publisher","unstructured":"Kaize Ding Jundong Li Rohit Bhanushali and Huan Liu. 2019. Deep Anomaly Detection on Attributed Networks. 594--602. https:\/\/doi.org\/10.1137\/1.9781611975673. 67","DOI":"10.1137\/1.9781611975673"},{"key":"e_1_3_2_1_6_1","doi-asserted-by":"publisher","unstructured":"Jinhao Dong. 2022. Reproducible Package of FIRA: Fine-Grained Graph-Based Code Change Representation for Automated Commit Message Generation. Zenodo. https:\/\/doi.org\/10.5281\/zenodo.6053202","DOI":"10.5281\/zenodo.6053202"},{"key":"e_1_3_2_1_7_1","volume-title":"Proceedings of the 29th ACM International Conference on Information ?I&' Knowledge Management","author":"Dou Yingtong","year":"1903","unstructured":"Yingtong Dou, Zhiwei Liu, Li Sun, Yutong Deng, Hao Peng, and Philip S. Yu. 2020. Enhancing Graph Neural Network-Based Fraud Detectors against Camouflaged Fraudsters. In Proceedings of the 29th ACM International Conference on Information ?I&' Knowledge Management (Virtual Event, Ireland) (CIKM '20). Association for Computing Machinery, New York, NY, USA, 315 to 324. https:\/\/doi.org\/10.1145\/ 3340531.3411903"},{"volume-title":"9th USENIX Symposium on Operating Systems Design and Implementation (OSDI 10)","author":"Feldman Ariel J.","key":"e_1_3_2_1_8_1","unstructured":"Ariel J. Feldman, William P. Zeller, Michael J. Freedman, and Edward W. Felten. 2010. SPORC: Group Collaboration using Untrusted Cloud Resources. In 9th USENIX Symposium on Operating Systems Design and Implementation (OSDI 10). USENIX Association, Vancouver, BC. https:\/\/www.usenix.org\/conference\/osdi10\/ sporc-group-collaboration-using-untrusted-cloud-resources"},{"key":"e_1_3_2_1_9_1","doi-asserted-by":"publisher","DOI":"10.1145\/3196398.3196460"},{"key":"e_1_3_2_1_10_1","unstructured":"Gensim. 2022. Gensim Word2Vec. https:\/\/radimrehurek.com\/gensim\/models\/ word2vec.html"},{"key":"e_1_3_2_1_11_1","unstructured":"GitHub. 2022. GitHub Rest API. https:\/\/docs.github.com\/en\/rest"},{"key":"e_1_3_2_1_12_1","doi-asserted-by":"crossref","unstructured":"Danielle Gonzalez T. Zimmermann Patrice Godefroid and Maxine Schaefer. 2021. Anomalicious: Automated Detection of Anomalous and Potentially Malicious Commits on GitHub. 2021 IEEE\/ACM 43rd International Conference on Software Engineering: Software Engineering in Practice (ICSE-SEIP) (2021) 258--267.","DOI":"10.1109\/ICSE-SEIP52600.2021.00035"},{"key":"e_1_3_2_1_13_1","unstructured":"Dan Goodin. 2021. Hackers backdoor PHP source code after breaching internal git server. News Posts ArsTechnica."},{"key":"e_1_3_2_1_14_1","doi-asserted-by":"publisher","DOI":"10.1002\/smr.1893"},{"key":"e_1_3_2_1_15_1","unstructured":"GraphRepo. 2021. GraphRepo. https:\/\/graphrepo.readthedocs.io\/en\/latest\/index. html"},{"key":"e_1_3_2_1_16_1","volume-title":"Proceedings of the 31st International Conference on Neural Information Processing Systems. 1025--1035","author":"Hamilton William L","year":"2017","unstructured":"William L Hamilton, Rex Ying, and Jure Leskovec. 2017. Inductive representation learning on large graphs. In Proceedings of the 31st International Conference on Neural Information Processing Systems. 1025--1035."},{"key":"e_1_3_2_1_17_1","volume-title":"Open Graph Benchmark: Datasets for Machine Learning on Graphs. arXiv preprint arXiv:2005.00687","author":"Hu Weihua","year":"2020","unstructured":"Weihua Hu, Matthias Fey, Marinka Zitnik, Yuxiao Dong, Hongyu Ren, Bowen Liu, Michele Catasta, and Jure Leskovec. 2020. Open Graph Benchmark: Datasets for Machine Learning on Graphs. arXiv preprint arXiv:2005.00687 (2020)."},{"key":"e_1_3_2_1_18_1","volume-title":"Kingma and Max Welling","author":"Diederik","year":"2019","unstructured":"Diederik P. Kingma and Max Welling. 2019. An Introduction to Variational Autoencoders. CoRR abs\/1906.02691 (2019)."},{"volume-title":"Semi-Supervised Classification with Graph Convolutional Networks. In International Conference on Learning Representations (ICLR).","author":"Thomas","key":"e_1_3_2_1_19_1","unstructured":"Thomas N. Kipf and Max Welling. 2017. Semi-Supervised Classification with Graph Convolutional Networks. In International Conference on Learning Representations (ICLR)."},{"key":"e_1_3_2_1_20_1","unstructured":"Guohao Li Chenxin Xiong Ali Thabet and Bernard Ghanem. 2020. DeeperGCN: All You Need to Train Deeper GCNs. arXiv:2006.07739 [cs.LG]"},{"key":"e_1_3_2_1_21_1","volume-title":"6th Symposium on Operating Systems Design & Implementation (OSDI 04)","author":"Li Jinyuan","year":"2004","unstructured":"Jinyuan Li, Maxwell Krohn, David Mazi\u00e8res, and Dennis Shasha. 2004. Secure Untrusted Data Repository (SUNDR). In 6th Symposium on Operating Systems Design & Implementation (OSDI 04). USENIX Association, San Francisco, CA. https:\/\/www.usenix.org\/conference\/osdi-04\/secure-untrusted-datarepository- sundr"},{"key":"e_1_3_2_1_22_1","doi-asserted-by":"publisher","DOI":"10.1145\/3397271.3401253"},{"volume-title":"Detection of Intrusions and Malware, and Vulnerability Assessment","author":"Ohm Marc","key":"e_1_3_2_1_23_1","unstructured":"Marc Ohm, Henrik Plate, Arnold Sykosch, and Michael Meier. 2020. Backstabber's Knife Collection: A Review of Open Source Software Supply Chain Attacks. In Detection of Intrusions and Malware, and Vulnerability Assessment. Springer International Publishing, Cham, 23--43."},{"key":"e_1_3_2_1_24_1","unstructured":"PyDriller. 2021. PyDriller. https:\/\/pydriller.readthedocs.io\/en\/latest"},{"key":"e_1_3_2_1_25_1","unstructured":"PyTorch Geometric. 2022. PyTorch Geometric. https:\/\/pytorch-geometric. readthedocs.io\/en\/latest\/"},{"key":"e_1_3_2_1_26_1","doi-asserted-by":"publisher","DOI":"10.1090\/S0002-9947-1953-0053041-6"},{"key":"e_1_3_2_1_27_1","doi-asserted-by":"publisher","DOI":"10.1145\/2594458"},{"key":"e_1_3_2_1_28_1","volume-title":"Deep Semi-Supervised Anomaly Detection. In International Conference on Learning Representations. https:\/\/openreview.net\/forum?id=HkgH0TEYwH","author":"Ruff Lukas","year":"2020","unstructured":"Lukas Ruff, Robert A. Vandermeulen, Nico G\u00f6rnitz, Alexander Binder, Emmanuel M\u00fcller, Klaus-Robert M\u00fcller, and Marius Kloft. 2020. Deep Semi-Supervised Anomaly Detection. In International Conference on Learning Representations. https:\/\/openreview.net\/forum?id=HkgH0TEYwH"},{"key":"e_1_3_2_1_29_1","volume-title":"Proceedings of the 35th International Conference on Machine Learning","volume":"80","author":"Ruff Lukas","year":"2018","unstructured":"Lukas Ruff, Robert A. Vandermeulen, Nico G\u00f6rnitz, Lucas Deecke, Shoaib A. Siddiqui, Alexander Binder, Emmanuel M\u00fcller, and Marius Kloft. 2018. Deep One-Class Classification. In Proceedings of the 35th International Conference on Machine Learning, Vol. 80. 4393--4402."},{"key":"e_1_3_2_1_30_1","doi-asserted-by":"publisher","DOI":"10.1109\/ICMLA.2018.00120"},{"key":"e_1_3_2_1_31_1","volume-title":"Predicting Continuous Integration Build Failures Using Evolutionary Search. Information and Software Technology 128 (08","author":"Saidani Islem","year":"2020","unstructured":"Islem Saidani, Ali Ouni, Moataz Chouchen, and Mohamed Wiem Mkaouer. 2020. Predicting Continuous Integration Build Failures Using Evolutionary Search. Information and Software Technology 128 (08 2020), 106392. https:\/\/doi.org\/10. 1016\/j.infsof.2020.106392"},{"key":"e_1_3_2_1_32_1","doi-asserted-by":"publisher","DOI":"10.1145\/2508859.2516716"},{"key":"e_1_3_2_1_33_1","volume-title":"GraphRepo: Fast Exploration in Software Repository Mining. CoRR abs\/2008.04884","author":"Serban Alex","year":"2020","unstructured":"Alex Serban, Magiel Bruntink, and Joost Visser. 2020. GraphRepo: Fast Exploration in Software Repository Mining. CoRR abs\/2008.04884 (2020). arXiv:2008.04884 https:\/\/arxiv.org\/abs\/2008.04884"},{"key":"e_1_3_2_1_34_1","doi-asserted-by":"publisher","DOI":"10.1145\/3468264.3468551"},{"key":"e_1_3_2_1_35_1","doi-asserted-by":"publisher","DOI":"10.14722\/ndss.2015.23294"},{"key":"e_1_3_2_1_36_1","volume-title":"Support vector data description. Machine learning 54, 1","author":"Tax David MJ","year":"2004","unstructured":"David MJ Tax and Robert PW Duin. 2004. Support vector data description. Machine learning 54, 1 (2004), 45--66."},{"key":"e_1_3_2_1_37_1","doi-asserted-by":"publisher","DOI":"10.1007\/978--3-030-00470-"},{"key":"e_1_3_2_1_38_1","volume-title":"25th USENIX Security Symposium (USENIX Security 16)","author":"Torres-Arias Santiago","year":"2016","unstructured":"Santiago Torres-Arias, Anil Kumar Ammula, Reza Curtmola, and Justin Cappos. 2016. On Omitting Commits and Committing Omissions: Preventing Git Metadata Tampering That (Re)introduces Software Vulnerabilities. In 25th USENIX Security Symposium (USENIX Security 16). USENIX Association, Austin, TX, 379--395. https:\/\/www.usenix.org\/conference\/usenixsecurity16\/technicalsessions\/ presentation\/torres-arias"},{"key":"e_1_3_2_1_39_1","volume-title":"Graph Attention Networks. International Conference on Learning Representations","author":"Velikovi Petar","year":"2018","unstructured":"Petar Velikovi, Guillem Cucurull, Arantxa Casanova, Adriana Romero, Pietro Li\u00f2, and Yoshua Bengio. 2018. Graph Attention Networks. International Conference on Learning Representations (2018). https:\/\/openreview.net\/forum?id= rJXMpikCZ accepted as poster."},{"key":"e_1_3_2_1_40_1","doi-asserted-by":"publisher","DOI":"10.1109\/EuroSP48549.2020.00018"},{"key":"e_1_3_2_1_42_1","volume-title":"Static Detection of Application Backdoors. Datenschutz und Datensicherheit - DuD 34 (01","author":"Wysopal Chris","year":"2007","unstructured":"Chris Wysopal and Chris Eng. 2007. Static Detection of Application Backdoors. Datenschutz und Datensicherheit - DuD 34 (01 2007). https:\/\/doi.org\/10.1007\/ s11623-010-0024--4"},{"key":"e_1_3_2_1_43_1","volume-title":"How powerful are graph neural networks? arXiv preprint arXiv:1810.00826","author":"Xu Keyulu","year":"2018","unstructured":"Keyulu Xu,Weihua Hu, Jure Leskovec, and Stefanie Jegelka. 2018. How powerful are graph neural networks? arXiv preprint arXiv:1810.00826 (2018)."},{"key":"e_1_3_2_1_44_1","volume-title":"Advances in Neural Information Processing Systems","volume":"32","author":"Zhou Yaqin","year":"2019","unstructured":"Yaqin Zhou, Shangqing Liu, Jingkai Siow, Xiaoning Du, and Yang Liu. 2019. Devign: Effective Vulnerability Identification by Learning Comprehensive Program Semantics via Graph Neural Networks. In Advances in Neural Information Processing Systems, Vol. 32."}],"event":{"name":"CODASPY '23: Thirteenth ACM Conference on Data and Application Security and Privacy","sponsor":["SIGSAC ACM Special Interest Group on Security, Audit, and Control"],"location":"Charlotte NC USA","acronym":"CODASPY '23"},"container-title":["Proceedings of the Thirteenth ACM Conference on Data and Application Security and Privacy"],"original-title":[],"link":[{"URL":"https:\/\/dl.acm.org\/doi\/10.1145\/3577923.3583657","content-type":"unspecified","content-version":"vor","intended-application":"text-mining"},{"URL":"https:\/\/dl.acm.org\/doi\/pdf\/10.1145\/3577923.3583657","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2025,6,17]],"date-time":"2025-06-17T18:08:41Z","timestamp":1750183721000},"score":1,"resource":{"primary":{"URL":"https:\/\/dl.acm.org\/doi\/10.1145\/3577923.3583657"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2023,4,24]]},"references-count":43,"alternative-id":["10.1145\/3577923.3583657","10.1145\/3577923"],"URL":"https:\/\/doi.org\/10.1145\/3577923.3583657","relation":{},"subject":[],"published":{"date-parts":[[2023,4,24]]},"assertion":[{"value":"2023-04-24","order":3,"name":"published","label":"Published","group":{"name":"publication_history","label":"Publication History"}}]}}