{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2026,5,14]],"date-time":"2026-05-14T13:27:21Z","timestamp":1778765241912,"version":"3.51.4"},"publisher-location":"New York, NY, USA","reference-count":59,"publisher":"ACM","license":[{"start":{"date-parts":[[2023,12,4]],"date-time":"2023-12-04T00:00:00Z","timestamp":1701648000000},"content-version":"vor","delay-in-days":0,"URL":"https:\/\/www.acm.org\/publications\/policies\/copyright_policy#Background"}],"funder":[{"name":"German Federal Ministry of Education and Research","award":["16KIS1165K"],"award-info":[{"award-number":["16KIS1165K"]}]}],"content-domain":{"domain":["dl.acm.org"],"crossmark-restriction":true},"short-container-title":[],"published-print":{"date-parts":[[2023,12,4]]},"DOI":"10.1145\/3627106.3627188","type":"proceedings-article","created":{"date-parts":[[2023,12,2]],"date-time":"2023-12-02T18:13:22Z","timestamp":1701540802000},"page":"704-717","update-policy":"https:\/\/doi.org\/10.1145\/crossmark-policy","source":"Crossref","is-referenced-by-count":3,"title":["PAVUDI: Patch-based Vulnerability Discovery using Machine Learning"],"prefix":"10.1145","author":[{"ORCID":"https:\/\/orcid.org\/0000-0002-4337-4390","authenticated-orcid":false,"given":"Tom","family":"Ganz","sequence":"first","affiliation":[{"name":"SAP SE, Germany"}],"role":[{"role":"author","vocabulary":"crossref"}]},{"ORCID":"https:\/\/orcid.org\/0009-0003-2854-6419","authenticated-orcid":false,"given":"Erik","family":"Imgrund","sequence":"additional","affiliation":[{"name":"SAP SE, Germany"}],"role":[{"role":"author","vocabulary":"crossref"}]},{"ORCID":"https:\/\/orcid.org\/0000-0002-8349-5912","authenticated-orcid":false,"given":"Martin","family":"H\u00e4rterich","sequence":"additional","affiliation":[{"name":"SAP SE, Germany"}],"role":[{"role":"author","vocabulary":"crossref"}]},{"ORCID":"https:\/\/orcid.org\/0000-0002-5054-8758","authenticated-orcid":false,"given":"Konrad","family":"Rieck","sequence":"additional","affiliation":[{"name":"Technische Universit\u00e4t Berlin, Germany"}],"role":[{"role":"author","vocabulary":"crossref"}]}],"member":"320","published-online":{"date-parts":[[2023,12,4]]},"reference":[{"key":"e_1_3_2_1_1_1","volume-title":"Compilers: Principles, Techniques, and Tools","author":"Aho V.","year":"2006","unstructured":"Alfred\u00a0V. Aho, Monica\u00a0S. Lam, Ravi Sethi, and Jeffrey\u00a0D. Ullman. 2006. Compilers: Principles, Techniques, and Tools (2nd Edition). Addison-Wesley Longman Publishing Co., Inc., USA.","edition":"2"},{"key":"e_1_3_2_1_2_1","volume-title":"Learning to Represent Programs with Graphs. CoRR abs\/1711.00740","author":"Allamanis Miltiadis","year":"2017","unstructured":"Miltiadis Allamanis, Marc Brockschmidt, and Mahmoud Khademi. 2017. Learning to Represent Programs with Graphs. CoRR abs\/1711.00740 (2017). arxiv:1711.00740http:\/\/arxiv.org\/abs\/1711.00740"},{"key":"e_1_3_2_1_3_1","doi-asserted-by":"publisher","unstructured":"Roberto Amadini Graeme Gange Peter Schachte Harald S\u00f8ndergaard and Peter\u00a0J. Stuckey. 2020. Abstract Interpretation Symbolic Execution and Constraints. In Recent Developments in the Design and Implementation of Programming Languages(OpenAccess Series in Informatics (OASIcs) Vol.\u00a086) Frank\u00a0S. de\u00a0Boer and Jacopo Mauro (Eds.). Schloss Dagstuhl\u2013Leibniz-Zentrum f\u00fcr Informatik Dagstuhl Germany 7:1\u20137:19. https:\/\/doi.org\/10.4230\/OASIcs.Gabbrielli.7","DOI":"10.4230\/OASIcs.Gabbrielli.7"},{"key":"e_1_3_2_1_4_1","volume-title":"Dos and Don\u2019ts of Machine Learning in Computer Security. CoRR abs\/2010.09470","author":"Arp Daniel","year":"2020","unstructured":"Daniel Arp, Erwin Quiring, Feargus Pendlebury, Alexander Warnecke, Fabio Pierazzi, Christian Wressnegger, Lorenzo Cavallaro, and Konrad Rieck. 2020. Dos and Don\u2019ts of Machine Learning in Computer Security. CoRR abs\/2010.09470 (2020). arxiv:2010.09470https:\/\/arxiv.org\/abs\/2010.09470"},{"key":"e_1_3_2_1_5_1","unstructured":"Sindre Beba and Magnus\u00a0Melseth Karlsen. 2019. Implementation Analysis of Open-Source Static Analysis Tools for Detecting Security Vulnerabilities."},{"key":"e_1_3_2_1_6_1","volume-title":"Neural Code Comprehension: A Learnable Representation of Code Semantics. CoRR abs\/1806.07336","author":"Ben-Nun Tal","year":"2018","unstructured":"Tal Ben-Nun, Alice\u00a0Shoshana Jakobovits, and Torsten Hoefler. 2018. Neural Code Comprehension: A Learnable Representation of Code Semantics. CoRR abs\/1806.07336 (2018). arxiv:1806.07336http:\/\/arxiv.org\/abs\/1806.07336"},{"key":"e_1_3_2_1_7_1","doi-asserted-by":"publisher","DOI":"10.1145\/3133956.3134020"},{"key":"e_1_3_2_1_8_1","volume-title":"Quantifying Behavioral Differences Between C and C++ Programs. Journal of Programming Languages 2 (02","author":"Calder Brad","year":"1994","unstructured":"Brad Calder, Dirk Grunwald, and Benjamin Zorn. 1994. Quantifying Behavioral Differences Between C and C++ Programs. Journal of Programming Languages 2 (02 1994)."},{"key":"e_1_3_2_1_9_1","doi-asserted-by":"publisher","DOI":"10.1016\/j.infsof.2021.106576"},{"key":"e_1_3_2_1_10_1","doi-asserted-by":"publisher","DOI":"10.1016\/j.infsof.2021.106576"},{"key":"e_1_3_2_1_11_1","volume-title":"Deep learning based vulnerability detection: Are we there yet","author":"Chakraborty Saikat","year":"2021","unstructured":"Saikat Chakraborty, Rahul Krishna, Yangruibo Ding, and Baishakhi Ray. 2021. Deep learning based vulnerability detection: Are we there yet. IEEE Transactions on Software Engineering (2021)."},{"key":"e_1_3_2_1_12_1","volume-title":"DiverseVul: A New Vulnerable Source Code Dataset for Deep Learning Based Vulnerability Detection. ArXiv abs\/2304.00409","author":"Chen Yizheng","year":"2023","unstructured":"Yizheng Chen, Zhoujie Ding, Xinyun Chen, and David\u00a0A. Wagner. 2023. DiverseVul: A New Vulnerable Source Code Dataset for Deep Learning Based Vulnerability Detection. ArXiv abs\/2304.00409 (2023)."},{"key":"e_1_3_2_1_13_1","doi-asserted-by":"publisher","DOI":"10.1145\/3436877"},{"key":"e_1_3_2_1_14_1","doi-asserted-by":"publisher","DOI":"10.1145\/3436877"},{"key":"e_1_3_2_1_15_1","doi-asserted-by":"publisher","DOI":"10.1145\/3533767.3534371"},{"key":"e_1_3_2_1_16_1","volume-title":"14th USENIX Workshop on Offensive Technologies (WOOT 20)","author":"Fioraldi Andrea","year":"2020","unstructured":"Andrea Fioraldi, Dominik Maier, Heiko Ei\u00dffeldt, and Marc Heuse. 2020. AFL++: Combining Incremental Steps of Fuzzing Research. In 14th USENIX Workshop on Offensive Technologies (WOOT 20). USENIX Association."},{"key":"e_1_3_2_1_17_1","doi-asserted-by":"publisher","DOI":"10.1145\/3524842.3528452"},{"key":"e_1_3_2_1_18_1","doi-asserted-by":"publisher","DOI":"10.1145\/3577923.3583657"},{"key":"e_1_3_2_1_19_1","doi-asserted-by":"publisher","DOI":"10.1145\/3474369.3486866"},{"key":"e_1_3_2_1_20_1","doi-asserted-by":"publisher","DOI":"10.1109\/EuroSP57164.2023.00038"},{"key":"e_1_3_2_1_21_1","volume-title":"Deep anomaly detection using geometric transformations. arXiv preprint arXiv:1805.10917","author":"Golan Izhak","year":"2018","unstructured":"Izhak Golan and Ran El-Yaniv. 2018. Deep anomaly detection using geometric transformations. arXiv preprint arXiv:1805.10917 (2018)."},{"key":"e_1_3_2_1_22_1","doi-asserted-by":"crossref","unstructured":"Danielle Gonzalez T. Zimmermann Patrice Godefroid and Maxine Schaefer. 2021. Anomalicious: Automated Detection of Anomalous and Potentially Malicious Commits on GitHub. 2021 IEEE\/ACM 43rd International Conference on Software Engineering: Software Engineering in Practice (ICSE-SEIP) (2021) 258\u2013267.","DOI":"10.1109\/ICSE-SEIP52600.2021.00035"},{"key":"e_1_3_2_1_23_1","doi-asserted-by":"publisher","DOI":"10.1145\/2857705.2857720"},{"key":"e_1_3_2_1_24_1","doi-asserted-by":"publisher","DOI":"10.1145\/3243734.3243792"},{"key":"e_1_3_2_1_25_1","doi-asserted-by":"publisher","DOI":"10.1109\/SP.2017.62"},{"key":"e_1_3_2_1_26_1","volume-title":"Kipf and Max Welling","author":"N.","year":"2016","unstructured":"Thomas\u00a0N. Kipf and Max Welling. 2016. Semi-Supervised Classification with Graph Convolutional Networks. CoRR abs\/1609.02907 (2016). arxiv:1609.02907http:\/\/arxiv.org\/abs\/1609.02907"},{"key":"e_1_3_2_1_27_1","doi-asserted-by":"publisher","DOI":"10.1007\/978-3-642-85706-5_42"},{"key":"e_1_3_2_1_28_1","unstructured":"Yujia Li Daniel Tarlow Marc Brockschmidt and Richard Zemel. 2017. Gated Graph Sequence Neural Networks. arxiv:1511.05493\u00a0[cs.LG]"},{"key":"e_1_3_2_1_29_1","volume-title":"SySeVR: A Framework for Using Deep Learning to Detect Software Vulnerabilities. CoRR abs\/1807.06756","author":"Li Zhen","year":"2018","unstructured":"Zhen Li, Deqing Zou, Shouhuai Xu, Hai Jin, Yawei Zhu, Zhaoxuan Chen, Sujuan Wang, and Jialai Wang. 2018. SySeVR: A Framework for Using Deep Learning to Detect Software Vulnerabilities. CoRR abs\/1807.06756 (2018). arXiv:1807.06756http:\/\/arxiv.org\/abs\/1807.06756"},{"key":"e_1_3_2_1_30_1","volume-title":"VulDeePecker: A Deep Learning-Based System for Vulnerability Detection. CoRR abs\/1801.01681","author":"Li Zhen","year":"2018","unstructured":"Zhen Li, Deqing Zou, Shouhuai Xu, Xinyu Ou, Hai Jin, Sujuan Wang, Zhijun Deng, and Yuyi Zhong. 2018. VulDeePecker: A Deep Learning-Based System for Vulnerability Detection. CoRR abs\/1801.01681 (2018). arxiv:1801.01681http:\/\/arxiv.org\/abs\/1801.01681"},{"key":"e_1_3_2_1_31_1","doi-asserted-by":"publisher","DOI":"10.1145\/1102351.1102430"},{"key":"e_1_3_2_1_32_1","volume-title":"Principles of Program Analysis","author":"Nielson Flemming","unstructured":"Flemming Nielson, Hanne\u00a0R. Nielson, and Chris Hankin. 2010. Principles of Program Analysis. Springer Publishing Company, Incorporated."},{"key":"e_1_3_2_1_33_1","doi-asserted-by":"publisher","DOI":"10.1145\/3460319.3464840"},{"key":"e_1_3_2_1_34_1","doi-asserted-by":"publisher","DOI":"10.1145\/2991079.2991103"},{"key":"e_1_3_2_1_35_1","volume-title":"Automated Vulnerability Detection in Source Code Using Deep Representation Learning. CoRR abs\/1807.04320","author":"Russell L.","year":"2018","unstructured":"Rebecca\u00a0L. Russell, Louis\u00a0Y. Kim, Lei\u00a0H. Hamilton, Tomo Lazovich, Jacob\u00a0A. Harer, Onur Ozdemir, Paul\u00a0M. Ellingwood, and Marc\u00a0W. McConley. 2018. Automated Vulnerability Detection in Source Code Using Deep Representation Learning. CoRR abs\/1807.04320 (2018). arxiv:1807.04320http:\/\/arxiv.org\/abs\/1807.04320"},{"key":"e_1_3_2_1_36_1","volume-title":"Advances in Neural Information Processing Systems, H.\u00a0Larochelle, M.\u00a0Ranzato, R.\u00a0Hadsell, M.\u00a0F. Balcan, and H.\u00a0Lin (Eds.). Vol.\u00a033. Curran Associates","author":"Sanchez-Lengeling Benjamin","year":"2020","unstructured":"Benjamin Sanchez-Lengeling, Jennifer Wei, Brian Lee, Emily Reif, Peter Wang, Wesley Qian, Kevin McCloskey, Lucy Colwell, and Alexander Wiltschko. 2020. Evaluating Attribution for Graph Neural Networks. In Advances in Neural Information Processing Systems, H.\u00a0Larochelle, M.\u00a0Ranzato, R.\u00a0Hadsell, M.\u00a0F. Balcan, and H.\u00a0Lin (Eds.). Vol.\u00a033. Curran Associates, Inc., 5898\u20135910. https:\/\/proceedings.neurips.cc\/paper\/2020\/file\/417fbbf2e9d5a28a855a11894b2e795a-Paper.pdf"},{"key":"e_1_3_2_1_37_1","doi-asserted-by":"publisher","DOI":"10.1109\/SP.2010.26"},{"key":"e_1_3_2_1_38_1","doi-asserted-by":"publisher","DOI":"10.1109\/ICCV.2017.74"},{"key":"e_1_3_2_1_39_1","doi-asserted-by":"publisher","DOI":"10.1145\/3290361"},{"key":"e_1_3_2_1_40_1","doi-asserted-by":"publisher","DOI":"10.1145\/3534678.3539366"},{"key":"e_1_3_2_1_41_1","doi-asserted-by":"publisher","DOI":"10.1145\/3453483.3454026"},{"key":"e_1_3_2_1_42_1","volume-title":"Graph Attention Networks. International Conference on Learning Representations","author":"Veli\u010dkovi\u0107 Petar","year":"2018","unstructured":"Petar Veli\u010dkovi\u0107, Guillem Cucurull, Arantxa Casanova, Adriana Romero, Pietro Li\u00f2, and Yoshua Bengio. 2018. Graph Attention Networks. International Conference on Learning Representations (2018). https:\/\/openreview.net\/forum?id=rJXMpikCZ"},{"key":"e_1_3_2_1_43_1","doi-asserted-by":"publisher","DOI":"10.1109\/TIFS.2020.3044773"},{"key":"e_1_3_2_1_44_1","doi-asserted-by":"publisher","DOI":"10.1109\/TIFS.2020.3044773"},{"key":"e_1_3_2_1_45_1","doi-asserted-by":"publisher","DOI":"10.1109\/SP46215.2023.00035"},{"key":"e_1_3_2_1_46_1","doi-asserted-by":"publisher","DOI":"10.1109\/DSN48987.2021.00030"},{"key":"e_1_3_2_1_47_1","doi-asserted-by":"publisher","DOI":"10.1109\/MILCOM52596.2021.9652940"},{"key":"e_1_3_2_1_48_1","doi-asserted-by":"publisher","DOI":"10.1109\/MILCOM52596.2021.9652940"},{"key":"e_1_3_2_1_49_1","doi-asserted-by":"publisher","DOI":"10.1109\/EuroSP48549.2020.00018"},{"key":"e_1_3_2_1_50_1","doi-asserted-by":"publisher","DOI":"10.1145\/103135.103136"},{"key":"e_1_3_2_1_51_1","volume-title":"A Comprehensive Survey on Graph Neural Networks. CoRR abs\/1901.00596","author":"Wu Zonghan","year":"2019","unstructured":"Zonghan Wu, Shirui Pan, Fengwen Chen, Guodong Long, Chengqi Zhang, and Philip\u00a0S. Yu. 2019. A Comprehensive Survey on Graph Neural Networks. CoRR abs\/1901.00596 (2019). arxiv:1901.00596http:\/\/arxiv.org\/abs\/1901.00596"},{"key":"e_1_3_2_1_52_1","volume-title":"International Conference on Learning Representations. https:\/\/openreview.net\/forum?id=ryGs6iA5Km","author":"Xu Keyulu","year":"2019","unstructured":"Keyulu Xu, Weihua Hu, Jure Leskovec, and Stefanie Jegelka. 2019. How Powerful are Graph Neural Networks?. In International Conference on Learning Representations. https:\/\/openreview.net\/forum?id=ryGs6iA5Km"},{"key":"e_1_3_2_1_53_1","doi-asserted-by":"publisher","DOI":"10.1109\/SP.2014.44"},{"key":"e_1_3_2_1_54_1","doi-asserted-by":"publisher","DOI":"10.1109\/SP.2014.44"},{"key":"e_1_3_2_1_55_1","doi-asserted-by":"publisher","DOI":"10.1145\/1315245.1315261"},{"key":"e_1_3_2_1_56_1","doi-asserted-by":"publisher","DOI":"10.1145\/2025113.2025121"},{"key":"e_1_3_2_1_57_1","volume-title":"VulSPG: Vulnerability detection based on slice property graph representation learning. CoRR abs\/2109.02527","author":"Zheng Weining","year":"2021","unstructured":"Weining Zheng, Yuan Jiang, and Xiaohong Su. 2021. VulSPG: Vulnerability detection based on slice property graph representation learning. CoRR abs\/2109.02527 (2021). arXiv:2109.02527https:\/\/arxiv.org\/abs\/2109.02527"},{"key":"e_1_3_2_1_58_1","volume-title":"Devign: Effective Vulnerability Identification by Learning Comprehensive Program Semantics via Graph Neural Networks. CoRR abs\/1909.03496","author":"Zhou Yaqin","year":"2019","unstructured":"Yaqin Zhou, Shangqing Liu, Jing\u00a0Kai Siow, Xiaoning Du, and Yang Liu. 2019. Devign: Effective Vulnerability Identification by Learning Comprehensive Program Semantics via Graph Neural Networks. CoRR abs\/1909.03496 (2019). arxiv:1909.03496http:\/\/arxiv.org\/abs\/1909.03496"},{"key":"e_1_3_2_1_59_1","volume-title":"Devign: Effective Vulnerability Identification by Learning Comprehensive Program Semantics via Graph Neural Networks. CoRR abs\/1909.03496","author":"Zhou Yaqin","year":"2019","unstructured":"Yaqin Zhou, Shangqing Liu, Jing\u00a0Kai Siow, Xiaoning Du, and Yang Liu. 2019. Devign: Effective Vulnerability Identification by Learning Comprehensive Program Semantics via Graph Neural Networks. CoRR abs\/1909.03496 (2019). arXiv:1909.03496http:\/\/arxiv.org\/abs\/1909.03496"}],"event":{"name":"ACSAC '23: Annual Computer Security Applications Conference","location":"Austin TX USA","acronym":"ACSAC '23"},"container-title":["Annual Computer Security Applications Conference"],"original-title":[],"link":[{"URL":"https:\/\/dl.acm.org\/doi\/10.1145\/3627106.3627188","content-type":"unspecified","content-version":"vor","intended-application":"text-mining"},{"URL":"https:\/\/dl.acm.org\/doi\/pdf\/10.1145\/3627106.3627188","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2025,8,22]],"date-time":"2025-08-22T17:40:22Z","timestamp":1755884422000},"score":1,"resource":{"primary":{"URL":"https:\/\/dl.acm.org\/doi\/10.1145\/3627106.3627188"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2023,12,4]]},"references-count":59,"alternative-id":["10.1145\/3627106.3627188","10.1145\/3627106"],"URL":"https:\/\/doi.org\/10.1145\/3627106.3627188","relation":{},"subject":[],"published":{"date-parts":[[2023,12,4]]},"assertion":[{"value":"2023-12-04","order":3,"name":"published","label":"Published","group":{"name":"publication_history","label":"Publication History"}}]}}