{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2026,2,8]],"date-time":"2026-02-08T22:25:24Z","timestamp":1770589524192,"version":"3.49.0"},"publisher-location":"New York, NY, USA","reference-count":18,"publisher":"ACM","license":[{"start":{"date-parts":[[2023,11,30]],"date-time":"2023-11-30T00:00:00Z","timestamp":1701302400000},"content-version":"vor","delay-in-days":0,"URL":"https:\/\/creativecommons.org\/licenses\/by-nc-sa\/4.0\/"}],"funder":[{"DOI":"10.13039\/100000001","name":"NSF (National Science Foundation)","doi-asserted-by":"publisher","award":["1815186,1815336, 1955853"],"award-info":[{"award-number":["1815186,1815336, 1955853"]}],"id":[{"id":"10.13039\/100000001","id-type":"DOI","asserted-by":"publisher"}]},{"name":"Coastal Virginia Center for Cyber Innovation and the Commonwealth Cyber Initiative","award":[""],"award-info":[{"award-number":[""]}]}],"content-domain":{"domain":["dl.acm.org"],"crossmark-restriction":true},"short-container-title":[],"published-print":{"date-parts":[[2023,11,30]]},"DOI":"10.1145\/3611643.3613099","type":"proceedings-article","created":{"date-parts":[[2023,11,30]],"date-time":"2023-11-30T23:14:38Z","timestamp":1701386078000},"page":"2162-2166","update-policy":"https:\/\/doi.org\/10.1145\/crossmark-policy","source":"Crossref","is-referenced-by-count":3,"title":["MASC: A Tool for Mutation-Based Evaluation of Static Crypto-API Misuse Detectors"],"prefix":"10.1145","author":[{"ORCID":"https:\/\/orcid.org\/0000-0002-9455-2230","authenticated-orcid":false,"given":"Amit Seal","family":"Ami","sequence":"first","affiliation":[{"name":"William & Mary, Williamsburg, USA"}]},{"ORCID":"https:\/\/orcid.org\/0009-0002-3229-1386","authenticated-orcid":false,"given":"Syed Yusuf","family":"Ahmed","sequence":"additional","affiliation":[{"name":"University of Dhaka, Dhaka, Bangladesh"}]},{"ORCID":"https:\/\/orcid.org\/0009-0002-8014-8023","authenticated-orcid":false,"given":"Radowan Mahmud","family":"Redoy","sequence":"additional","affiliation":[{"name":"University of Dhaka, Dhaka, Bangladesh"}]},{"ORCID":"https:\/\/orcid.org\/0000-0003-2498-705X","authenticated-orcid":false,"given":"Nathan","family":"Cooper","sequence":"additional","affiliation":[{"name":"William & Mary, Williamsburg, USA"}]},{"ORCID":"https:\/\/orcid.org\/0000-0003-1917-7677","authenticated-orcid":false,"given":"Kaushal","family":"Kafle","sequence":"additional","affiliation":[{"name":"William & Mary, Williamsburg, USA"}]},{"ORCID":"https:\/\/orcid.org\/0000-0001-9683-5616","authenticated-orcid":false,"given":"Kevin","family":"Moran","sequence":"additional","affiliation":[{"name":"University of Central Florida, Orlando, USA"}]},{"ORCID":"https:\/\/orcid.org\/0000-0002-5626-7586","authenticated-orcid":false,"given":"Denys","family":"Poshyvanyk","sequence":"additional","affiliation":[{"name":"William & Mary, Williamsburg, USA"}]},{"ORCID":"https:\/\/orcid.org\/0000-0001-6866-4565","authenticated-orcid":false,"given":"Adwait","family":"Nadkarni","sequence":"additional","affiliation":[{"name":"William & Mary, Williamsburg, USA"}]}],"member":"320","published-online":{"date-parts":[[2023,11,30]]},"reference":[{"key":"e_1_3_2_2_1_1","unstructured":"2022. MASC Artifact. https:\/\/github.com\/Secure-Platforms-Lab-W-M\/MASC-Artifact"},{"key":"e_1_3_2_2_2_1","unstructured":"2023. MASC. https:\/\/github.com\/Secure-Platforms-Lab-W-M\/MASC"},{"key":"e_1_3_2_2_3_1","doi-asserted-by":"publisher","DOI":"10.1109\/SP46214.2022.9833582"},{"key":"e_1_3_2_2_4_1","volume-title":"Proceedings of the 43rd IEEE\/ACM International Conference on Software Engineering (ICSE\u201921)","author":"Ami Amit Seal","year":"2021","unstructured":"Amit Seal Ami, Kaushal Kafle, Kevin Moran, Adwait Nadkarni, and Denys Poshyvanyk. 2021. Demo: Mutation-based Evaluation of Security-focused Static Analysis Tools for Android. In Proceedings of the 43rd IEEE\/ACM International Conference on Software Engineering (ICSE\u201921), Formal Tool Demonstration, Virtual (originally Madrid, Spain), May 25th - 28th, 2021."},{"key":"e_1_3_2_2_5_1","doi-asserted-by":"publisher","DOI":"10.1145\/3439802"},{"key":"e_1_3_2_2_6_1","doi-asserted-by":"publisher","DOI":"10.1145\/1646353.1646374"},{"key":"e_1_3_2_2_7_1","volume-title":"27th USENIX Security Symposium (USENIX Security 18)","author":"Bonett Richard","year":"2018","unstructured":"Richard Bonett, Kaushal Kafle, Kevin Moran, Adwait Nadkarni, and Denys Poshyvanyk. 2018. Discovering Flaws in Security-Focused Static Analysis Tools for Android using Systematic Mutation. In 27th USENIX Security Symposium (USENIX Security 18). USENIX Association, Baltimore, MD. 1263\u20131280. isbn:978-1-939133-04-5 https:\/\/www.usenix.org\/conference\/usenixsecurity18\/presentation\/bonett"},{"key":"e_1_3_2_2_8_1","volume-title":"CogniCrypt - Secure Integration of Cryptographic Software | CogniCrypt. https:\/\/www.eclipse.org\/cognicrypt\/ Accessed","year":"2020","unstructured":"CogniCrypt. 2020. CogniCrypt - Secure Integration of Cryptographic Software | CogniCrypt. https:\/\/www.eclipse.org\/cognicrypt\/ Accessed June, 2020"},{"key":"e_1_3_2_2_9_1","volume-title":"Oracle - Industrial Experience of Finding Cryptographic Vulnerabilities in Large-scale Codebases. https:\/\/labs.oracle.com\/pls\/apex\/f?p=94065:40150:0::::P40150_PUBLICATION_ID:6629 Accessed","year":"2020","unstructured":"CryptoGuard. 2020. Oracle - Industrial Experience of Finding Cryptographic Vulnerabilities in Large-scale Codebases. https:\/\/labs.oracle.com\/pls\/apex\/f?p=94065:40150:0::::P40150_PUBLICATION_ID:6629 Accessed July, 2020"},{"key":"e_1_3_2_2_10_1","unstructured":"GitHub. 2020. Announcing third-party code scanning tools: static analysis & developer security training - The GitHub Blog. https:\/\/github.blog\/2020-10-05-announcing-third-party-code-scanning-tools-static-analysis-and-developer-security-training\/ Accessed Nov 2020"},{"key":"e_1_3_2_2_11_1","unstructured":"\"Java\". 2020. Java Cryptography Architecture (JCA) Reference Guide. https:\/\/docs.oracle.com\/en\/java\/javase\/11\/security\/java-cryptography-architecture-jca-reference-guide.html#GUID-815542FE-CF3D-407A-9673-CAE9840F6231"},{"key":"e_1_3_2_2_12_1","volume-title":"LGTM - Continuous Security Analysis. https:\/\/lgtm.com\/ Accessed","year":"2020","unstructured":"lgtm. 2020. LGTM - Continuous Security Analysis. https:\/\/lgtm.com\/ Accessed Nov, 2020"},{"key":"e_1_3_2_2_13_1","doi-asserted-by":"publisher","DOI":"10.1145\/3106237.3106275"},{"key":"e_1_3_2_2_14_1","doi-asserted-by":"publisher","DOI":"10.1145\/3183440.3183492"},{"key":"e_1_3_2_2_15_1","volume-title":"The Static Analysis Results Interchange Format (SARIF). https:\/\/sarifweb.azurewebsites.net\/ Accessed","author":"OASIS.","year":"2021","unstructured":"OASIS. 2021. The Static Analysis Results Interchange Format (SARIF). https:\/\/sarifweb.azurewebsites.net\/ Accessed Jul, 2021"},{"key":"e_1_3_2_2_16_1","volume-title":"Test Cases for Risky or Broken Cryptographic Algorithm Erroneously Labeled as Not Vulnerable \u22c5 Issue #92 \u22c5 OWASP\/Benchmark. https:\/\/github.com\/OWASP\/Benchmark\/issues\/92 Accessed","year":"2020","unstructured":"owasp. 2020. Test Cases for Risky or Broken Cryptographic Algorithm Erroneously Labeled as Not Vulnerable \u22c5 Issue #92 \u22c5 OWASP\/Benchmark. https:\/\/github.com\/OWASP\/Benchmark\/issues\/92 Accessed Nov, 2020"},{"key":"e_1_3_2_2_17_1","doi-asserted-by":"publisher","DOI":"10.1145\/3319535.3345659"},{"key":"e_1_3_2_2_18_1","volume-title":"Xanitizer by RIGS IT - Because Security Matters. https:\/\/www.rigs-it.com\/xanitizer\/ Accessed","year":"2020","unstructured":"Xanitizer. 2020. Xanitizer by RIGS IT - Because Security Matters. https:\/\/www.rigs-it.com\/xanitizer\/ Accessed May, 2020"}],"event":{"name":"ESEC\/FSE '23: 31st ACM Joint European Software Engineering Conference and Symposium on the Foundations of Software Engineering","location":"San Francisco CA USA","acronym":"ESEC\/FSE '23","sponsor":["SIGSOFT ACM Special Interest Group on Software Engineering"]},"container-title":["Proceedings of the 31st ACM Joint European Software Engineering Conference and Symposium on the Foundations of Software Engineering"],"original-title":[],"link":[{"URL":"https:\/\/dl.acm.org\/doi\/10.1145\/3611643.3613099","content-type":"unspecified","content-version":"vor","intended-application":"text-mining"},{"URL":"https:\/\/dl.acm.org\/doi\/pdf\/10.1145\/3611643.3613099","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2025,6,17]],"date-time":"2025-06-17T16:37:10Z","timestamp":1750178230000},"score":1,"resource":{"primary":{"URL":"https:\/\/dl.acm.org\/doi\/10.1145\/3611643.3613099"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2023,11,30]]},"references-count":18,"alternative-id":["10.1145\/3611643.3613099","10.1145\/3611643"],"URL":"https:\/\/doi.org\/10.1145\/3611643.3613099","relation":{},"subject":[],"published":{"date-parts":[[2023,11,30]]},"assertion":[{"value":"2023-11-30","order":2,"name":"published","label":"Published","group":{"name":"publication_history","label":"Publication History"}}]}}