{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2026,4,19]],"date-time":"2026-04-19T20:38:08Z","timestamp":1776631088562,"version":"3.51.2"},"publisher-location":"New York, NY, USA","reference-count":70,"publisher":"ACM","license":[{"start":{"date-parts":[[2023,11,30]],"date-time":"2023-11-30T00:00:00Z","timestamp":1701302400000},"content-version":"vor","delay-in-days":0,"URL":"https:\/\/creativecommons.org\/licenses\/by\/4.0\/"}],"funder":[{"name":"Ministry of Education, Singapore under its Academic Research Fund Tier 3","award":["MOET32020-0004"],"award-info":[{"award-number":["MOET32020-0004"]}]}],"content-domain":{"domain":["dl.acm.org"],"crossmark-restriction":true},"short-container-title":[],"published-print":{"date-parts":[[2023,11,30]]},"DOI":"10.1145\/3611643.3616351","type":"proceedings-article","created":{"date-parts":[[2023,11,30]],"date-time":"2023-11-30T23:14:38Z","timestamp":1701386078000},"page":"1371-1383","update-policy":"https:\/\/doi.org\/10.1145\/crossmark-policy","source":"Crossref","is-referenced-by-count":13,"title":["Learning Program Semantics for Vulnerability Detection via Vulnerability-Specific Inter-procedural Slicing"],"prefix":"10.1145","author":[{"ORCID":"https:\/\/orcid.org\/0000-0002-0360-2248","authenticated-orcid":false,"given":"Bozhi","family":"Wu","sequence":"first","affiliation":[{"name":"Singapore Management University, Singapore, Singapore"}]},{"ORCID":"https:\/\/orcid.org\/0000-0002-5598-4006","authenticated-orcid":false,"given":"Shangqing","family":"Liu","sequence":"additional","affiliation":[{"name":"Nanyang Technological University, Singapore, Singapore"}]},{"ORCID":"https:\/\/orcid.org\/0009-0005-8009-2252","authenticated-orcid":false,"given":"Yang","family":"Xiao","sequence":"additional","affiliation":[{"name":"Institute of Information Engineering, CAS, Beijing, China"}]},{"ORCID":"https:\/\/orcid.org\/0000-0003-3453-5698","authenticated-orcid":false,"given":"Zhiming","family":"Li","sequence":"additional","affiliation":[{"name":"Nanyang Technological University, Singapore, Singapore"}]},{"ORCID":"https:\/\/orcid.org\/0000-0002-3545-1392","authenticated-orcid":false,"given":"Jun","family":"Sun","sequence":"additional","affiliation":[{"name":"Singapore Management University, Singapore, Singapore"}]},{"ORCID":"https:\/\/orcid.org\/0000-0002-9726-3434","authenticated-orcid":false,"given":"Shang-Wei","family":"Lin","sequence":"additional","affiliation":[{"name":"Nanyang Technological University, Singapore, Singapore"}]}],"member":"320","published-online":{"date-parts":[[2023,11,30]]},"reference":[{"key":"e_1_3_2_2_1_1","unstructured":"2022. joern. https:\/\/joern.io\/"},{"key":"e_1_3_2_2_2_1","unstructured":"2022. Juliet. https:\/\/samate.nist.gov\/SARD"},{"key":"e_1_3_2_2_3_1","doi-asserted-by":"publisher","DOI":"10.1145\/3385412.3385997"},{"key":"e_1_3_2_2_4_1","first-page":"27865","article-title":"Self-supervised bug detection and repair","volume":"34","author":"Allamanis Miltiadis","year":"2021","unstructured":"Miltiadis Allamanis, Henry Jackson-Flux, and Marc Brockschmidt. 2021. Self-supervised bug detection and repair. Advances in Neural Information Processing Systems, 34 (2021), 27865\u201327876.","journal-title":"Advances in Neural Information Processing Systems"},{"key":"e_1_3_2_2_5_1","doi-asserted-by":"publisher","DOI":"10.1145\/360018.360025"},{"key":"e_1_3_2_2_6_1","unstructured":"Authors. 2023. Learning Precise Program Semantics for Vulnerability Detection via Type-specific Inter-procedural Slicing. https:\/\/sites.google.com\/view\/snapvuln"},{"key":"e_1_3_2_2_7_1","doi-asserted-by":"publisher","DOI":"10.1145\/2001420.2001423"},{"key":"e_1_3_2_2_8_1","first-page":"8626","article-title":"Learning to execute programs with instruction pointer attention graph neural networks","volume":"33","author":"Bieber David","year":"2020","unstructured":"David Bieber, Charles Sutton, Hugo Larochelle, and Daniel Tarlow. 2020. Learning to execute programs with instruction pointer attention graph neural networks. Advances in Neural Information Processing Systems, 33 (2020), 8626\u20138637.","journal-title":"Advances in Neural Information Processing Systems"},{"key":"e_1_3_2_2_9_1","doi-asserted-by":"publisher","DOI":"10.1109\/32.666825"},{"key":"e_1_3_2_2_10_1","doi-asserted-by":"publisher","DOI":"10.1109\/32.310673"},{"key":"e_1_3_2_2_11_1","first-page":"1","article-title":"Precise executable interprocedural slices","volume":"2","author":"Binkley David","year":"1993","unstructured":"David Binkley. 1993. Precise executable interprocedural slices. ACM Letters on Programming Languages and Systems (LOPLAS), 2, 1-4 (1993), 31\u201345.","journal-title":"ACM Letters on Programming Languages and Systems (LOPLAS)"},{"key":"e_1_3_2_2_12_1","unstructured":"David Binkley. 1993. Slicing in the presence of parameter aliasing. In Software Engineering Research Forum. 261\u2013268."},{"key":"e_1_3_2_2_13_1","doi-asserted-by":"publisher","DOI":"10.1145\/390016.808445"},{"key":"e_1_3_2_2_14_1","doi-asserted-by":"publisher","DOI":"10.1109\/SP.2015.50"},{"key":"e_1_3_2_2_15_1","doi-asserted-by":"publisher","DOI":"10.1109\/TSE.2021.3087402"},{"key":"e_1_3_2_2_16_1","doi-asserted-by":"publisher","DOI":"10.1145\/1455770.1455778"},{"key":"e_1_3_2_2_17_1","doi-asserted-by":"publisher","DOI":"10.1145\/3436877"},{"key":"e_1_3_2_2_18_1","doi-asserted-by":"publisher","DOI":"10.1145\/3533767.3534371"},{"key":"e_1_3_2_2_19_1","volume-title":"Caglar Gulcehre, Dzmitry Bahdanau, Fethi Bougares, Holger Schwenk, and Yoshua Bengio.","author":"Cho Kyunghyun","year":"2014","unstructured":"Kyunghyun Cho, Bart Van Merri\u00ebnboer, Caglar Gulcehre, Dzmitry Bahdanau, Fethi Bougares, Holger Schwenk, and Yoshua Bengio. 2014. Learning phrase representations using RNN encoder-decoder for statistical machine translation. arXiv preprint arXiv:1406.1078."},{"key":"e_1_3_2_2_20_1","doi-asserted-by":"publisher","DOI":"10.1145\/3379597.3387501"},{"key":"e_1_3_2_2_21_1","volume-title":"Codebert: A pre-trained model for programming and natural languages. arXiv preprint arXiv:2002.08155.","author":"Feng Zhangyin","year":"2020","unstructured":"Zhangyin Feng, Daya Guo, Duyu Tang, Nan Duan, Xiaocheng Feng, Ming Gong, Linjun Shou, Bing Qin, Ting Liu, and Daxin Jiang. 2020. Codebert: A pre-trained model for programming and natural languages. arXiv preprint arXiv:2002.08155."},{"key":"e_1_3_2_2_22_1","unstructured":"Patrick Fernandes Miltiadis Allamanis and Marc Brockschmidt. 2018. Structured neural summarization. arXiv preprint arXiv:1811.01824."},{"key":"e_1_3_2_2_23_1","doi-asserted-by":"publisher","DOI":"10.1145\/356674.356676"},{"key":"e_1_3_2_2_24_1","doi-asserted-by":"publisher","DOI":"10.1145\/161494.161498"},{"key":"e_1_3_2_2_25_1","volume-title":"Graphcodebert: Pre-training code representations with data flow. arXiv preprint arXiv:2009.08366.","author":"Guo Daya","year":"2020","unstructured":"Daya Guo, Shuo Ren, Shuai Lu, Zhangyin Feng, Duyu Tang, Shujie Liu, Long Zhou, Nan Duan, Alexey Svyatkovskiy, and Shengyu Fu. 2020. Graphcodebert: Pre-training code representations with data flow. arXiv preprint arXiv:2009.08366."},{"key":"e_1_3_2_2_26_1","unstructured":"Dixie Hisley Matt Bridges and Lori Pollock. 2002. Static interprocedural slicing of shared memory parallel programs."},{"key":"e_1_3_2_2_27_1","doi-asserted-by":"publisher","DOI":"10.1145\/77606.77608"},{"key":"e_1_3_2_2_28_1","volume-title":"Chopping: A generalization of slicing. CARNEGIE-MELLON UNIV PITTSBURGH PA DEPT OF COMPUTER SCIENCE.","author":"Jackson Daniel","year":"1994","unstructured":"Daniel Jackson and Eugene J Rollins. 1994. Chopping: A generalization of slicing. CARNEGIE-MELLON UNIV PITTSBURGH PA DEPT OF COMPUTER SCIENCE."},{"key":"e_1_3_2_2_29_1","doi-asserted-by":"publisher","DOI":"10.1109\/SP.2019.00017"},{"key":"e_1_3_2_2_30_1","volume-title":"Proceedings of 20th International Computer Software and Applications Conference: COMPSAC\u201996","author":"Kang Byung-Kyoo","year":"1996","unstructured":"Byung-Kyoo Kang and James M Bieman. 1996. Design-level cohesion measures: Derivation, comparison, and applications. In Proceedings of 20th International Computer Software and Applications Conference: COMPSAC\u201996. 92\u201397."},{"key":"e_1_3_2_2_31_1","volume-title":"AoM\/IAoM 17th International Conference on Computer Science. 242\u2013247","author":"Kim Taeho","year":"1999","unstructured":"Taeho Kim, Yeong-Tae Song, Lawrence Chung, and Dung T Huynh. 1999. Software architecture analysis using dynamic slicing. In AoM\/IAoM 17th International Conference on Computer Science. 242\u2013247."},{"key":"e_1_3_2_2_32_1","doi-asserted-by":"publisher","DOI":"10.5555\/543107.543111"},{"key":"e_1_3_2_2_33_1","volume-title":"Proceedings. Twenty-Third Annual International Computer Software and Applications Conference (Cat. No. 99CB37032)","author":"Kim Taeho","year":"1999","unstructured":"Taeho Kim, Yeong-Tae Song, Lawrence Chung, and DT Hyunh. 1999. Dynamic software architecture slicing. In Proceedings. Twenty-Third Annual International Computer Software and Applications Conference (Cat. No. 99CB37032). 61\u201366."},{"key":"e_1_3_2_2_34_1","doi-asserted-by":"publisher","DOI":"10.1109\/SCAM.2003.1238038"},{"key":"e_1_3_2_2_35_1","volume-title":"Improved interprocedural slicing algorithm. Report CACS TR-92-5-8","author":"Lakhotia Arun","unstructured":"Arun Lakhotia. 1992. Improved interprocedural slicing algorithm. Report CACS TR-92-5-8, University of Southwestern Louisiana."},{"key":"e_1_3_2_2_36_1","doi-asserted-by":"publisher","DOI":"10.1145\/3387904.3389268"},{"key":"e_1_3_2_2_37_1","doi-asserted-by":"publisher","DOI":"10.1145\/3360588"},{"key":"e_1_3_2_2_38_1","article-title":"Vuldeelocator: a deep learning-based fine-grained vulnerability detector","author":"Li Zhen","year":"2021","unstructured":"Zhen Li, Deqing Zou, Shouhuai Xu, Zhaoxuan Chen, Yawei Zhu, and Hai Jin. 2021. Vuldeelocator: a deep learning-based fine-grained vulnerability detector. IEEE Transactions on Dependable and Secure Computing.","journal-title":"IEEE Transactions on Dependable and Secure Computing."},{"key":"e_1_3_2_2_39_1","article-title":"Sysevr: A framework for using deep learning to detect software vulnerabilities","author":"Li Zhen","year":"2021","unstructured":"Zhen Li, Deqing Zou, Shouhuai Xu, Hai Jin, Yawei Zhu, and Zhaoxuan Chen. 2021. Sysevr: A framework for using deep learning to detect software vulnerabilities. IEEE Transactions on Dependable and Secure Computing.","journal-title":"IEEE Transactions on Dependable and Secure Computing."},{"key":"e_1_3_2_2_40_1","volume-title":"Vuldeepecker: A deep learning-based system for vulnerability detection. arXiv preprint arXiv:1801.01681.","author":"Li Zhen","year":"2018","unstructured":"Zhen Li, Deqing Zou, Shouhuai Xu, Xinyu Ou, Hai Jin, Sujuan Wang, Zhijun Deng, and Yuyi Zhong. 2018. Vuldeepecker: A deep learning-based system for vulnerability detection. arXiv preprint arXiv:1801.01681."},{"key":"e_1_3_2_2_41_1","volume-title":"International Conference on Learning Representations.","author":"Liu Shangqing","year":"2020","unstructured":"Shangqing Liu, Yu Chen, Xiaofei Xie, Jing Kai Siow, and Yang Liu. 2020. Retrieval-Augmented Generation for Code Summarization via Hybrid GNN. In International Conference on Learning Representations."},{"key":"e_1_3_2_2_42_1","first-page":"2034","article-title":"Indigo: Gnn-based inductive knowledge graph completion using pair-wise encoding","volume":"34","author":"Liu Shuwen","year":"2021","unstructured":"Shuwen Liu, Bernardo Grau, Ian Horrocks, and Egor Kostylev. 2021. Indigo: Gnn-based inductive knowledge graph completion using pair-wise encoding. Advances in Neural Information Processing Systems, 34 (2021), 2034\u20132045.","journal-title":"Advances in Neural Information Processing Systems"},{"key":"e_1_3_2_2_43_1","volume-title":"Graphsearchnet: Enhancing gnns via capturing global dependency for semantic code search. arXiv preprint arXiv:2111.02671.","author":"Liu Shangqing","year":"2021","unstructured":"Shangqing Liu, Xiaofei Xie, Lei Ma, Jingkai Siow, and Yang Liu. 2021. Graphsearchnet: Enhancing gnns via capturing global dependency for semantic code search. arXiv preprint arXiv:2111.02671."},{"key":"e_1_3_2_2_44_1","doi-asserted-by":"publisher","DOI":"10.1109\/CMPSAC.1993.404249"},{"key":"e_1_3_2_2_45_1","doi-asserted-by":"publisher","DOI":"10.1002\/smr.4360070303"},{"key":"e_1_3_2_2_46_1","unstructured":"Wai Weng Lo Siamak Layeghy Mohanad Sarhan Marcus Gallagher and Marius Portmann. 2022. GNN-based Android Malware Detection with Jumping Knowledge. arXiv preprint arXiv:2201.07537."},{"key":"e_1_3_2_2_47_1","volume-title":"Proceedings 2nd international conference on computers and applications. 877\u2013883","author":"Lyle R","year":"1987","unstructured":"R Lyle. 1987. Automatic program bug location by program slicing. In Proceedings 2nd international conference on computers and applications. 877\u2013883."},{"key":"e_1_3_2_2_48_1","doi-asserted-by":"publisher","DOI":"10.1109\/MSR52588.2021.00063"},{"key":"e_1_3_2_2_49_1","volume-title":"Hybrid fuzz testing: Discovering software bugs via fuzzing and symbolic execution","author":"Pak Brian S","unstructured":"Brian S Pak. 2012. Hybrid fuzz testing: Discovering software bugs via fuzzing and symbolic execution. School of Computer Science Carnegie Mellon University."},{"key":"e_1_3_2_2_50_1","doi-asserted-by":"publisher","DOI":"10.1145\/222124.222138"},{"key":"e_1_3_2_2_51_1","doi-asserted-by":"publisher","DOI":"10.1109\/ICMLA.2018.00120"},{"key":"e_1_3_2_2_52_1","volume-title":"Algorithmic program debugging","author":"Shapiro Ehud Yehuda","unstructured":"Ehud Yehuda Shapiro. 1982. Algorithmic program debugging. Yale University."},{"key":"e_1_3_2_2_53_1","first-page":"1","article-title":"Driller: Augmenting Fuzzing Through Selective Symbolic Execution","volume":"16","author":"Stephens Nick","year":"2016","unstructured":"Nick Stephens, John Grosen, Christopher Salls, Andrew Dutcher, Ruoyu Wang, Jacopo Corbetta, Yan Shoshitaishvili, Christopher Kruegel, and Giovanni Vigna. 2016. Driller: Augmenting Fuzzing Through Selective Symbolic Execution.. In NDSS. 16, 1\u201316.","journal-title":"NDSS."},{"key":"e_1_3_2_2_54_1","volume-title":"\u0141 ukasz Kaiser, and Illia Polosukhin","author":"Vaswani Ashish","year":"2017","unstructured":"Ashish Vaswani, Noam Shazeer, Niki Parmar, Jakob Uszkoreit, Llion Jones, Aidan N Gomez, \u0141 ukasz Kaiser, and Illia Polosukhin. 2017. Attention is all you need. Advances in neural information processing systems, 30 (2017)."},{"key":"e_1_3_2_2_55_1","volume-title":"Graph Attention Networks. In International Conference on Learning Representations.","author":"Veli\u010dkovi\u0107 Petar","year":"2018","unstructured":"Petar Veli\u010dkovi\u0107, Guillem Cucurull, Arantxa Casanova, Adriana Romero, Pietro Li\u00f2, and Yoshua Bengio. 2018. Graph Attention Networks. In International Conference on Learning Representations."},{"key":"e_1_3_2_2_56_1","doi-asserted-by":"publisher","DOI":"10.1109\/TIFS.2020.3044773"},{"key":"e_1_3_2_2_57_1","doi-asserted-by":"publisher","DOI":"10.1109\/ICSE.2019.00081"},{"key":"e_1_3_2_2_58_1","doi-asserted-by":"publisher","DOI":"10.1109\/SANER48275.2020.9054857"},{"key":"e_1_3_2_2_59_1","doi-asserted-by":"publisher","DOI":"10.1145\/3428205"},{"key":"e_1_3_2_2_60_1","volume-title":"Lambdanet: Probabilistic type inference using graph neural networks. arXiv preprint arXiv:2005.02161.","author":"Wei Jiayi","year":"2020","unstructured":"Jiayi Wei, Maruth Goyal, Greg Durrett, and Isil Dillig. 2020. Lambdanet: Probabilistic type inference using graph neural networks. arXiv preprint arXiv:2005.02161."},{"key":"e_1_3_2_2_61_1","volume-title":"Program slices: formal, psychological, and practical investigations of an automatic program abstraction method","author":"Weiser Mark David","unstructured":"Mark David Weiser. 1979. Program slices: formal, psychological, and practical investigations of an automatic program abstraction method. University of Michigan."},{"key":"e_1_3_2_2_62_1","doi-asserted-by":"publisher","DOI":"10.1109\/TDSC.2022.3192631"},{"key":"e_1_3_2_2_63_1","first-page":"1","article-title":"A brief survey of program slicing","volume":"30","author":"Xu Baowen","year":"2005","unstructured":"Baowen Xu, Ju Qian, Xiaofang Zhang, Zhongqiang Wu, and Lin Chen. 2005. A brief survey of program slicing. ACM SIGSOFT Software Engineering Notes, 30, 2 (2005), 1\u201336.","journal-title":"ACM SIGSOFT Software Engineering Notes"},{"key":"e_1_3_2_2_64_1","doi-asserted-by":"publisher","DOI":"10.1109\/SP.2014.44"},{"key":"e_1_3_2_2_65_1","doi-asserted-by":"publisher","DOI":"10.1109\/ICECCS.1998.706659"},{"key":"e_1_3_2_2_66_1","doi-asserted-by":"publisher","DOI":"10.1109\/ICSE-SEIP52600.2021.00020"},{"key":"e_1_3_2_2_67_1","doi-asserted-by":"publisher","DOI":"10.1109\/ASE51524.2021.9678720"},{"key":"e_1_3_2_2_68_1","volume-title":"Devign: Effective vulnerability identification by learning comprehensive program semantics via graph neural networks. Advances in neural information processing systems, 32","author":"Zhou Yaqin","year":"2019","unstructured":"Yaqin Zhou, Shangqing Liu, Jingkai Siow, Xiaoning Du, and Yang Liu. 2019. Devign: Effective vulnerability identification by learning comprehensive program semantics via graph neural networks. Advances in neural information processing systems, 32 (2019)."},{"key":"e_1_3_2_2_69_1","doi-asserted-by":"crossref","first-page":"1","DOI":"10.1145\/3468854","article-title":"Spi: Automated identification of security patches via commits","volume":"31","author":"Zhou Yaqin","year":"2021","unstructured":"Yaqin Zhou, Jing Kai Siow, Chenyu Wang, Shangqing Liu, and Yang Liu. 2021. Spi: Automated identification of security patches via commits. ACM Transactions on Software Engineering and Methodology (TOSEM), 31, 1 (2021), 1\u201327.","journal-title":"ACM Transactions on Software Engineering and Methodology (TOSEM)"},{"key":"e_1_3_2_2_70_1","first-page":"2224","article-title":"\u03bc VulDeePecker: A Deep Learning-Based System for Multiclass Vulnerability Detection","volume":"18","author":"Zou Deqing","year":"2019","unstructured":"Deqing Zou, Sujuan Wang, Shouhuai Xu, Zhen Li, and Hai Jin. 2019. \u03bc VulDeePecker: A Deep Learning-Based System for Multiclass Vulnerability Detection. IEEE Transactions on Dependable and Secure Computing, 18, 5 (2019), 2224\u20132236.","journal-title":"IEEE Transactions on Dependable and Secure Computing"}],"event":{"name":"ESEC\/FSE '23: 31st ACM Joint European Software Engineering Conference and Symposium on the Foundations of Software Engineering","location":"San Francisco CA USA","acronym":"ESEC\/FSE '23","sponsor":["SIGSOFT ACM Special Interest Group on Software Engineering"]},"container-title":["Proceedings of the 31st ACM Joint European Software Engineering Conference and Symposium on the Foundations of Software Engineering"],"original-title":[],"link":[{"URL":"https:\/\/dl.acm.org\/doi\/10.1145\/3611643.3616351","content-type":"unspecified","content-version":"vor","intended-application":"text-mining"},{"URL":"https:\/\/dl.acm.org\/doi\/pdf\/10.1145\/3611643.3616351","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2025,6,17]],"date-time":"2025-06-17T16:36:11Z","timestamp":1750178171000},"score":1,"resource":{"primary":{"URL":"https:\/\/dl.acm.org\/doi\/10.1145\/3611643.3616351"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2023,11,30]]},"references-count":70,"alternative-id":["10.1145\/3611643.3616351","10.1145\/3611643"],"URL":"https:\/\/doi.org\/10.1145\/3611643.3616351","relation":{},"subject":[],"published":{"date-parts":[[2023,11,30]]},"assertion":[{"value":"2023-11-30","order":2,"name":"published","label":"Published","group":{"name":"publication_history","label":"Publication History"}}]}}