{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2025,8,23]],"date-time":"2025-08-23T00:08:44Z","timestamp":1755907724623,"version":"3.44.0"},"publisher-location":"New York, NY, USA","reference-count":84,"publisher":"ACM","license":[{"start":{"date-parts":[[2024,6,19]],"date-time":"2024-06-19T00:00:00Z","timestamp":1718755200000},"content-version":"vor","delay-in-days":0,"URL":"https:\/\/www.acm.org\/publications\/policies\/copyright_policy#Background"}],"content-domain":{"domain":["dl.acm.org"],"crossmark-restriction":true},"short-container-title":[],"published-print":{"date-parts":[[2024,6,19]]},"DOI":"10.1145\/3626232.3653256","type":"proceedings-article","created":{"date-parts":[[2024,6,10]],"date-time":"2024-06-10T18:20:25Z","timestamp":1718043625000},"page":"337-347","update-policy":"https:\/\/doi.org\/10.1145\/crossmark-policy","source":"Crossref","is-referenced-by-count":0,"title":["CrashTalk: Automated Generation of Precise, Human Readable, Descriptions of Software Security Bugs"],"prefix":"10.1145","author":[{"ORCID":"https:\/\/orcid.org\/0009-0006-4810-1945","authenticated-orcid":false,"given":"Kedrian","family":"James","sequence":"first","affiliation":[{"name":"University of North Carolina at Chapel Hill, Chapel Hill, NC, USA"}]},{"ORCID":"https:\/\/orcid.org\/0009-0006-6565-3856","authenticated-orcid":false,"given":"Kevin","family":"Valakuzhy","sequence":"additional","affiliation":[{"name":"Georgia Institute of Technology, Atlanta, GA, USA"}]},{"ORCID":"https:\/\/orcid.org\/0009-0007-3666-9880","authenticated-orcid":false,"given":"Kevin","family":"Snow","sequence":"additional","affiliation":[{"name":"Zeropoint Dynamics, Chapel Hill, NC, USA"}]},{"ORCID":"https:\/\/orcid.org\/0000-0002-9805-2217","authenticated-orcid":false,"given":"Fabian","family":"Monrose","sequence":"additional","affiliation":[{"name":"Georgia Institute of Technology, Atlanta, GA, USA"}]}],"member":"320","published-online":{"date-parts":[[2024,6,19]]},"reference":[{"key":"e_1_3_2_1_1_1","doi-asserted-by":"publisher","DOI":"10.1109\/ASE.2009.25"},{"key":"e_1_3_2_1_2_1","volume-title":"Conference of the center for advanced studies on collaborative research: meeting of minds. 304--318","author":"Antoniol Giuliano","year":"2008","unstructured":"Giuliano Antoniol, Kamel Ayari, Massimiliano Di Penta, Foutse Khomh, and Yann-Ga\u00ebl Gu\u00e9h\u00e9neuc. 2008. Is it a bug or an enhancement? A text-based approach to classify change requests. In Conference of the center for advanced studies on collaborative research: meeting of minds. 304--318."},{"key":"e_1_3_2_1_3_1","article-title":"Cleaning the NVD: Comprehensive quality assessment, improvements, and analyses","volume":"19","author":"Anwar Afsah","year":"2021","unstructured":"Afsah Anwar, Ahmed Abusnaina, Songqing Chen, Frank Li, and David Mohaisen. 2021. Cleaning the NVD: Comprehensive quality assessment, improvements, and analyses. IEEE Transactions on Dependable and Secure Computing, Vol. 19, 6 (2021).","journal-title":"IEEE Transactions on Dependable and Secure Computing"},{"key":"e_1_3_2_1_4_1","unstructured":"K. Arjun. 2012. Key factors impacting on response time of software vendors in releasing patches for software vulnerabilities."},{"key":"e_1_3_2_1_5_1","doi-asserted-by":"publisher","DOI":"10.1016\/j.infoecopol.2009.10.002"},{"key":"e_1_3_2_1_6_1","unstructured":"Avaya. 2019. H.323.Deskphone and IP Conference Phone DHCP security update (CVE-2011-0997 and CVE-2009-0692)."},{"key":"e_1_3_2_1_7_1","unstructured":"Fabrice Bellard. 2019. QEMU Tiny Code Generator. https:\/\/github.com\/qemu\/qemu\/tree\/v4.2.0\/tcg"},{"key":"e_1_3_2_1_8_1","doi-asserted-by":"publisher","DOI":"10.1145\/1453101.1453146"},{"key":"e_1_3_2_1_9_1","doi-asserted-by":"publisher","unstructured":"Paul Black. 2018. Juliet 1.3 Test Suite: Changes From 1.2. https:\/\/doi.org\/10.6028\/NIST.TN.1995","DOI":"10.6028\/NIST.TN.1995"},{"key":"e_1_3_2_1_10_1","volume-title":"USENIX Security Symposium.","author":"Blazytko Tim","year":"2020","unstructured":"Tim Blazytko, Moritz Schl\u00f6gel, Cornelius Aschermann, Ali Abbasi, Joel Frank, Simon W\u00f6rner, and Thorsten Holz. 2020. $$AURORA$$: Statistical Crash Analysis for Automated Root Cause Explanation. In USENIX Security Symposium."},{"key":"e_1_3_2_1_11_1","doi-asserted-by":"crossref","unstructured":"Marcel B\u00f6hme Ezekiel O Soremekun Sudipta Chattopadhyay Emamurho Ugherughe and Andreas Zeller. 2017. Where is the bug and how is it fixed? an experiment with practitioners. In Foundations of Software Engineering.","DOI":"10.1145\/3106237.3106255"},{"key":"e_1_3_2_1_12_1","unstructured":"Irena Bojanova. 2021. The Bugs Framework (BF). https:\/\/usnistgov.github.io\/BF"},{"key":"e_1_3_2_1_13_1","volume-title":"IEEE International Conference on Software Quality, Reliability and Security. IEEE, 175--182","author":"Bojanova Irena","year":"2021","unstructured":"Irena Bojanova, Paul E Black, Yaacov Yesha, and Yan Wu. 2021a. The bugs framework (BF): A Structured Approach to Express Bugs. In IEEE International Conference on Software Quality, Reliability and Security. IEEE, 175--182."},{"volume-title":"Classifying Memory Bugs Using Bugs Framework Approach","author":"Bojanova Irena","key":"e_1_3_2_1_14_1","unstructured":"Irena Bojanova and Carlos Eduardo Galhardo. 2021. Classifying Memory Bugs Using Bugs Framework Approach. In IEEE Annual Computers, Software, and Applications Conference. 1157--1164."},{"key":"e_1_3_2_1_15_1","doi-asserted-by":"publisher","DOI":"10.1109\/ISSREW53611.2021.00052"},{"key":"e_1_3_2_1_16_1","doi-asserted-by":"publisher","DOI":"10.1109\/SIN56466.2022.9970537"},{"key":"e_1_3_2_1_17_1","doi-asserted-by":"publisher","DOI":"10.1109\/SANER53432.2022.00050"},{"key":"e_1_3_2_1_18_1","doi-asserted-by":"publisher","DOI":"10.1109\/TSE.2022.3171202"},{"key":"e_1_3_2_1_19_1","volume-title":"REPT: Reverse Debugging of Failures in Deployed Software. In USENIX Symposium on Operating Systems Design and Implementation.","author":"Cui Weidong","year":"2018","unstructured":"Weidong Cui, Xinyang Ge, Baris Kasikci, Ben Niu, Upamanyu Sharma, Ruoyu Wang, and Insu Yun. 2018. REPT: Reverse Debugging of Failures in Deployed Software. In USENIX Symposium on Operating Systems Design and Implementation."},{"key":"e_1_3_2_1_20_1","volume-title":"International Conference on Software Engineering.","author":"Cui Weidong","year":"2016","unstructured":"Weidong Cui, Marcus Peinado, Sang Kil Cha, Yanick Fratantonio, and Vasileios P Kemerlis. 2016. Retracer: Triaging Crashes by Reverse Execution From Partial Memory Dumps. In International Conference on Software Engineering."},{"key":"e_1_3_2_1_21_1","doi-asserted-by":"publisher","DOI":"10.6028\/NIST.SP.500-326"},{"key":"e_1_3_2_1_22_1","volume-title":"Approaches, Tools and Practices. Information Software Technology","author":"Dissanayake Nesara","year":"2020","unstructured":"Nesara Dissanayake, Asangi Jayatilaka, Mansooreh Zahedi, and Muhammad Ali Babar. 2020. Software Security Patch Management - A Systematic Literature Review of Challenges, Approaches, Tools and Practices. Information Software Technology (2020)."},{"key":"e_1_3_2_1_23_1","volume-title":"My hairiest bug war stories. Commun. ACM","author":"Eisenstadt Marc","year":"1997","unstructured":"Marc Eisenstadt. 1997. My hairiest bug war stories. Commun. ACM (1997), 30--37."},{"key":"e_1_3_2_1_24_1","volume-title":"Aron Laszka, and Jens Grossklags.","author":"Farhang Sadegh","year":"2019","unstructured":"Sadegh Farhang, Mehmet Bahadir Kirdan, Aron Laszka, and Jens Grossklags. 2019. Hey Google, What Exactly Do Your Security Patches Tell Us? A Large-Scale Empirical Study on Android Patched Vulnerabilities. ArXiv (2019)."},{"key":"e_1_3_2_1_25_1","unstructured":"Ed FIRST. 2015a. Common Vulnerability Scoring System v3. 0: Specification Document."},{"key":"e_1_3_2_1_26_1","unstructured":"Ed FIRST. 2015b. Common Vulnerability Scoring System v3.1: User Guide. https:\/\/www.first.org\/cvss\/v3.1\/user-guide"},{"key":"e_1_3_2_1_27_1","unstructured":"Jonathan Foote. 2015. Exploitable crash analyzer version 1.6. https:\/\/github.com\/jfoote\/exploitable."},{"key":"e_1_3_2_1_28_1","unstructured":"Recorded Future. 2018. Threat Actors Remember the Vulnerabilities We Forget."},{"key":"e_1_3_2_1_29_1","doi-asserted-by":"publisher","DOI":"10.1145\/3427228.3427257"},{"key":"e_1_3_2_1_30_1","volume-title":"Heinze","author":"Gentsch Christoph","year":"2021","unstructured":"Christoph Gentsch, Rohan Krishnamurthy, and Thomas S. Heinze. 2021. Benchmarking Open-Source Static Analyzers for Security Testing for C. In Leveraging Applications of Formal Methods, Verification and Validation: Tools and Trends."},{"key":"e_1_3_2_1_31_1","doi-asserted-by":"publisher","DOI":"10.1109\/ICECCS.2019.00011"},{"key":"e_1_3_2_1_32_1","doi-asserted-by":"publisher","DOI":"10.1109\/ICSME.2017.52"},{"key":"e_1_3_2_1_33_1","doi-asserted-by":"publisher","DOI":"10.1109\/SER-IP52554.2021.00014"},{"key":"e_1_3_2_1_34_1","doi-asserted-by":"crossref","unstructured":"Gaeul Jeong Sunghun Kim and Thomas Zimmermann. 2009. Improving Bug Triage With Bug Tossing Graphs. In ACM Foundations of Software Engineering. 111--120.","DOI":"10.1145\/1595696.1595715"},{"key":"e_1_3_2_1_35_1","doi-asserted-by":"publisher","DOI":"10.1145\/3548606.3560575"},{"key":"e_1_3_2_1_36_1","doi-asserted-by":"publisher","DOI":"10.1145\/2151024.2151042"},{"key":"e_1_3_2_1_37_1","volume-title":"Richard L Rogers, and Brad S Chissom.","author":"Kincaid J Peter","year":"1975","unstructured":"J Peter Kincaid, Robert P Fishburne Jr, Richard L Rogers, and Brad S Chissom. 1975. Derivation of new readability formulas (automated readability index, fog count and flesch reading ease formula) for navy enlisted personnel. Technical Report. Naval Research Branch."},{"key":"e_1_3_2_1_38_1","volume-title":"Evaluating Fuzz Testing. In ACM Conference on Computer and Communications Security.","author":"Klees George","year":"2018","unstructured":"George Klees, Andrew Ruef, Benji Cooper, Shiyi Wei, and Michael Hicks. 2018. Evaluating Fuzz Testing. In ACM Conference on Computer and Communications Security."},{"key":"e_1_3_2_1_39_1","doi-asserted-by":"publisher","DOI":"10.1145\/2931037.2931051"},{"key":"e_1_3_2_1_40_1","doi-asserted-by":"publisher","DOI":"10.1145\/2597073.2597088"},{"key":"e_1_3_2_1_41_1","doi-asserted-by":"publisher","DOI":"10.1145\/3133956.3134072"},{"key":"e_1_3_2_1_42_1","doi-asserted-by":"publisher","DOI":"10.1109\/ICSE43902.2021.00067"},{"key":"e_1_3_2_1_43_1","doi-asserted-by":"publisher","DOI":"10.1145\/3533767.3534380"},{"key":"e_1_3_2_1_44_1","doi-asserted-by":"publisher","DOI":"10.1145\/800174.809754"},{"key":"e_1_3_2_1_45_1","unstructured":"MITRE. 1999. Common Vulnerabilities and Exposures (CVE). https:\/\/cve.mitre.org\/"},{"key":"e_1_3_2_1_46_1","unstructured":"Mitre. 2000. CWE Mapping Guide. https:\/\/cwe.mitre.org\/documents\/cwe_usage\/quick_tips.html"},{"key":"e_1_3_2_1_47_1","volume-title":"POMP: Facilitating Postmortem Program Diagnosis with Value-set Analysis","author":"Mu Dongliang","year":"2019","unstructured":"Dongliang Mu, Yunlan Du, Jianhao Xu, Jun Xu, Xinyu Xing, Bing Mao, and Peng Liu. 2019a. POMP: Facilitating Postmortem Program Diagnosis with Value-set Analysis. IEEE Transactions on Software Engineering (2019)."},{"key":"e_1_3_2_1_48_1","doi-asserted-by":"publisher","DOI":"10.1109\/ASE.2019.00090"},{"key":"e_1_3_2_1_49_1","volume-title":"Analysis: Assessing Correlation between CVSS Scores in Vulnerability Disclosures and Patching. Biomedical instrumentation & technology","author":"Murthy Vidya","year":"2020","unstructured":"Vidya Murthy. 2020. Analysis: Assessing Correlation between CVSS Scores in Vulnerability Disclosures and Patching. Biomedical instrumentation & technology (2020), 44--46."},{"key":"e_1_3_2_1_50_1","volume-title":"Hua Jie Lee, and Kotagiri Ramamohanarao","author":"Naish Lee","year":"2011","unstructured":"Lee Naish, Hua Jie Lee, and Kotagiri Ramamohanarao. 2011. A model for spectra-based software diagnosis. Transactions on software engineering and methodology (2011), 1--32."},{"key":"e_1_3_2_1_51_1","unstructured":"NIST. 2000. NVD CWE Slice. https:\/\/nvd.nist.gov\/vuln\/categories"},{"key":"e_1_3_2_1_52_1","unstructured":"NIST. 2023. CVEs and the NVD Process. https:\/\/nvd.nist.gov\/general\/cve-process"},{"key":"e_1_3_2_1_53_1","doi-asserted-by":"publisher","DOI":"10.1145\/3243127.3243130"},{"key":"e_1_3_2_1_54_1","doi-asserted-by":"publisher","DOI":"10.1109\/ICPC52881.2021.00014"},{"key":"e_1_3_2_1_55_1","doi-asserted-by":"publisher","DOI":"10.1109\/ASE.2003.1240292"},{"key":"e_1_3_2_1_56_1","doi-asserted-by":"publisher","DOI":"10.1109\/QRS.2016.28"},{"key":"e_1_3_2_1_57_1","volume-title":"AddressSanitizer: A Fast Address Sanity Checker. In USENIX Annual Technical Conference. 309--318","author":"Serebryany Konstantin","year":"2012","unstructured":"Konstantin Serebryany, Derek Bruening, Alexander Potapenko, and Dmitry Vyukov. 2012. AddressSanitizer: A Fast Address Sanity Checker. In USENIX Annual Technical Conference. 309--318."},{"key":"e_1_3_2_1_58_1","volume-title":"International Conference on Software Engineering","author":"Shahzad Muhammad","year":"2012","unstructured":"Muhammad Shahzad, Muhammad Zubair Shafiq, and Alex X. Liu. 2012. A large scale exploratory analysis of software vulnerability life cycles. International Conference on Software Engineering (2012)."},{"key":"e_1_3_2_1_59_1","volume-title":"Localizing Vulnerabilities Statistically From One Exploit. In ACM Asia Conference on Computer and Communications Security. bibinfonumpages13 pages.","author":"Shen Shiqi","year":"2021","unstructured":"Shiqi Shen, Aashish Kolluri, Zhen Dong, Prateek Saxena, and Abhik Roychoudhury. 2021. Localizing Vulnerabilities Statistically From One Exploit. In ACM Asia Conference on Computer and Communications Security. bibinfonumpages13 pages."},{"key":"e_1_3_2_1_60_1","doi-asserted-by":"publisher","DOI":"10.1109\/TSE.2018.2810116"},{"key":"e_1_3_2_1_61_1","doi-asserted-by":"publisher","DOI":"10.1145\/3092703.3092717"},{"key":"e_1_3_2_1_62_1","volume-title":"Annie Ibrahim Rana, and Giovani Estrada","author":"Sol\u00e9 Marc","year":"2017","unstructured":"Marc Sol\u00e9, Victor Munt\u00e9s-Mulero, Annie Ibrahim Rana, and Giovani Estrada. 2017. Survey on models and techniques for root-cause analysis. arXiv preprint arXiv:1701.08546 (2017)."},{"key":"e_1_3_2_1_63_1","volume-title":"The significance of bug report elements. Empirical Software Engineering","author":"Soltani Mozhan","year":"2020","unstructured":"Mozhan Soltani, Felienne Hermans, and Thomas B\u00e4ck. 2020. The significance of bug report elements. Empirical Software Engineering (2020), 5255--5294."},{"key":"e_1_3_2_1_64_1","doi-asserted-by":"publisher","DOI":"10.1145\/3139367.3139390"},{"key":"e_1_3_2_1_65_1","volume-title":"Writing Acceptable Patches: An Empirical Study of Open Source Project Patches. IEEE International Conference on Software Maintenance and Evolution","author":"Tao Yida","year":"2014","unstructured":"Yida Tao, DongGyun Han, and Sunghun Kim. 2014. Writing Acceptable Patches: An Empirical Study of Open Source Project Patches. IEEE International Conference on Software Maintenance and Evolution (2014), 271--280."},{"key":"e_1_3_2_1_66_1","volume-title":"Automated prediction of bug report priority using multi-factor analysis. Empirical Software Engineering","author":"Tian Yuan","year":"2014","unstructured":"Yuan Tian, D. Lo, Xin Xia, and Chengnian Sun. 2014. Automated prediction of bug report priority using multi-factor analysis. Empirical Software Engineering (2014), 1354--1383."},{"key":"e_1_3_2_1_67_1","doi-asserted-by":"publisher","DOI":"10.1109\/APSEC.2017.30"},{"key":"e_1_3_2_1_68_1","volume-title":"A survey on bug prioritization. Artificial Intelligence Review","author":"Uddin Jamal","year":"2016","unstructured":"Jamal Uddin, R. Ghazali, M. M. Deris, Rashid Naseem, and Habib Shah. 2016. A survey on bug prioritization. Artificial Intelligence Review (2016), 145--180."},{"key":"e_1_3_2_1_69_1","first-page":"38","volume-title":"Gall","author":"Vassallo Carmine","year":"2018","unstructured":"Carmine Vassallo, Sebastiano Panichella, Fabio Palomba, Sebastian Proksch, Andy Zaidman, and Harald C. Gall. 2018. Context is king: The developer perspective on the usage of static analysis tools. , bibinfonumpages38--49 pages."},{"key":"e_1_3_2_1_70_1","volume-title":"Lincoln S. Rocha, Jo ao Paulo P. Gomes, and Matheus Henrique Esteves Paix ao.","author":"Vieira Renan","year":"2022","unstructured":"Renan Vieira, C\u00e9sar Lincoln Cavalcante Mattos, Lincoln S. Rocha, Jo ao Paulo P. Gomes, and Matheus Henrique Esteves Paix ao. 2022a. The role of bug report evolution in reliable fixing estimation. Empirical Software Engineering, Vol. 27 (2022)."},{"key":"e_1_3_2_1_71_1","volume-title":"C\u00e9sar Lincoln Mattos","author":"Vieira Renan","year":"2022","unstructured":"Renan Vieira, Diego Mesquita, C\u00e9sar Lincoln Mattos, Ricardo Britto, Lincoln Rocha, and Jo ao Gomes. 2022b. Bayesian Analysis of Bug-Fixing Time Using Report Data. In ACM\/IEEE International Symposium on Empirical Software Engineering and Measurement. 57--68."},{"key":"e_1_3_2_1_72_1","volume-title":"Testers: A Comparison of Software Vulnerability Discovery Processes. IEEE Symposium on Security & Privacy","author":"Votipka Daniel","year":"2018","unstructured":"Daniel Votipka, Rock Stevens, Elissa M. Redmiles, Jeremy Hu, and Michelle L. Mazurek. 2018. Hackers vs. Testers: A Comparison of Software Vulnerability Discovery Processes. IEEE Symposium on Security & Privacy (2018), 374--391."},{"key":"e_1_3_2_1_73_1","doi-asserted-by":"publisher","DOI":"10.5220\/0005032902440252"},{"key":"e_1_3_2_1_74_1","doi-asserted-by":"crossref","unstructured":"E. Winter D. Bowes S. Counsell T. Hall S. Haraldsson V. Nowack and J. Woodward. 2023. How do Developers Really Feel About Bug Fixing? Directions for Automatic Program Repair. IEEE Transactions on Software Engineering (2023) 1823--1841.","DOI":"10.1109\/TSE.2022.3194188"},{"key":"e_1_3_2_1_75_1","volume-title":"CrossTalk","volume":"45","author":"Wu Yan","year":"2015","unstructured":"Yan Wu, Irena Bojanova, and Yaacov Yesha. 2015. They know your weaknesses--do you?: Reintroducing common weakness enumeration. CrossTalk, Vol. 45 (2015)."},{"key":"e_1_3_2_1_76_1","doi-asserted-by":"publisher","DOI":"10.1145\/2976749.2978340"},{"key":"e_1_3_2_1_77_1","volume-title":"POMP: Postmortem Program Analysis with Hardware-enhanced Post-crash Artifacts. In USENIX Security Symposium","author":"Xu Jun","year":"2017","unstructured":"Jun Xu, Dongliang Mu, Xinyu Xing, Peng Liu, Ping Chen, and Bing Mao. 2017a. POMP: Postmortem Program Analysis with Hardware-enhanced Post-crash Artifacts. In USENIX Security Symposium (Vancouver, BC, Canada). 17--32."},{"key":"e_1_3_2_1_78_1","volume-title":"USENIX Security Symposium. 17--32","author":"Xu Jun","year":"2017","unstructured":"Jun Xu, Dongliang Mu, Xinyu Xing, Peng Liu, Ping Chen, and Bing Mao. 2017b. Postmortem program analysis with hardware-enhanced post-crash artifacts. In USENIX Security Symposium. 17--32."},{"key":"e_1_3_2_1_79_1","volume-title":"Automated Bug Hunting With Data-Driven Symbolic Root Cause Analysis. In ACM Conference on Computer and Communications Security. bibinfonumpages17 pages.","author":"Yagemann Carter","year":"2021","unstructured":"Carter Yagemann, Simon P. Chung, Brendan Saltaformaggio, and Wenke Lee. 2021a. Automated Bug Hunting With Data-Driven Symbolic Root Cause Analysis. In ACM Conference on Computer and Communications Security. bibinfonumpages17 pages."},{"key":"e_1_3_2_1_80_1","volume-title":"ARCUS: Symbolic Root Cause Analysis of Exploits in Production Systems. In USENIX Security Symposium.","author":"Yagemann Carter","year":"2021","unstructured":"Carter Yagemann, Matthew Pruett, Simon P. Chung, Kennon Bittick, Brendan Saltaformaggio, and Wenke Lee. 2021b. ARCUS: Symbolic Root Cause Analysis of Exploits in Production Systems. In USENIX Security Symposium."},{"key":"e_1_3_2_1_81_1","volume-title":"Isolating cause-effect chains from computer programs. ACM Software Engineering Notes","author":"Zeller Andreas","year":"2002","unstructured":"Andreas Zeller. 2002. Isolating cause-effect chains from computer programs. ACM Software Engineering Notes (2002), 1--10."},{"key":"e_1_3_2_1_82_1","volume-title":"Bertscore: Evaluating text generation with bert. arXiv preprint arXiv:1904.09675","author":"Zhang Tianyi","year":"2019","unstructured":"Tianyi Zhang, Varsha Kishore, Felix Wu, Kilian Q Weinberger, and Yoav Artzi. 2019a. Bertscore: Evaluating text generation with bert. arXiv preprint arXiv:1904.09675 (2019)."},{"key":"e_1_3_2_1_83_1","doi-asserted-by":"publisher","DOI":"10.1109\/SANER.2019.8668002"},{"key":"e_1_3_2_1_84_1","volume-title":"What makes a good bug report? IEEE Transactions on Software Engineering","author":"Zimmermann Thomas","year":"2010","unstructured":"Thomas Zimmermann, Rahul Premraj, Nicolas Bettenburg, Sascha Just, Adrian Schroter, and Cathrin Weiss. 2010. What makes a good bug report? IEEE Transactions on Software Engineering (2010), 618--643. endthebibl"}],"event":{"name":"CODASPY '24: Fourteenth ACM Conference on Data and Application Security and Privacy","sponsor":["SIGSAC ACM Special Interest Group on Security, Audit, and Control"],"location":"Porto Portugal","acronym":"CODASPY '24"},"container-title":["Proceedings of the Fourteenth ACM Conference on Data and Application Security and Privacy"],"original-title":[],"link":[{"URL":"https:\/\/dl.acm.org\/doi\/10.1145\/3626232.3653256","content-type":"unspecified","content-version":"vor","intended-application":"text-mining"},{"URL":"https:\/\/dl.acm.org\/doi\/pdf\/10.1145\/3626232.3653256","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2025,8,22]],"date-time":"2025-08-22T19:49:19Z","timestamp":1755892159000},"score":1,"resource":{"primary":{"URL":"https:\/\/dl.acm.org\/doi\/10.1145\/3626232.3653256"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2024,6,19]]},"references-count":84,"alternative-id":["10.1145\/3626232.3653256","10.1145\/3626232"],"URL":"https:\/\/doi.org\/10.1145\/3626232.3653256","relation":{},"subject":[],"published":{"date-parts":[[2024,6,19]]},"assertion":[{"value":"2024-06-19","order":3,"name":"published","label":"Published","group":{"name":"publication_history","label":"Publication History"}}]}}