{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2026,3,26]],"date-time":"2026-03-26T06:53:40Z","timestamp":1774508020782,"version":"3.50.1"},"reference-count":73,"publisher":"Association for Computing Machinery (ACM)","issue":"4","license":[{"start":{"date-parts":[[2024,4,20]],"date-time":"2024-04-20T00:00:00Z","timestamp":1713571200000},"content-version":"vor","delay-in-days":0,"URL":"https:\/\/www.acm.org\/publications\/policies\/copyright_policy#Background"}],"funder":[{"DOI":"10.13039\/501100001809","name":"National Nature Science Foundation of China","doi-asserted-by":"crossref","award":["62202303, U21B2019, U20B2048"],"award-info":[{"award-number":["62202303, U21B2019, U20B2048"]}],"id":[{"id":"10.13039\/501100001809","id-type":"DOI","asserted-by":"crossref"}]},{"name":"Shanghai Sailing Program","award":["21YF1421700"],"award-info":[{"award-number":["21YF1421700"]}]},{"name":"Defence Industrial Technology Development Program","award":["JCKY2020604B004"],"award-info":[{"award-number":["JCKY2020604B004"]}]}],"content-domain":{"domain":["dl.acm.org"],"crossmark-restriction":true},"short-container-title":["ACM Trans. Softw. Eng. Methodol."],"published-print":{"date-parts":[[2024,5,31]]},"abstract":"<jats:p>To detect software vulnerabilities with better performance, deep neural networks (DNNs) have received extensive attention recently. However, these vulnerability detection DNN models trained with code representations are vulnerable to specific perturbations on code representations. This motivates us to rethink the bane of software vulnerability detection and find function-agnostic features during code representation which we name as semantic redundant features. This paper first identifies a tight correlation between function-agnostic triggers and semantic redundant feature space (where the redundant features reside) in these DNN models. For correlation identification, we propose a novel Backdoor-based Semantic Redundancy Exploration (BSemRE) framework. In BSemRE, the sensitivity of the trained models to function-agnostic triggers is observed to verify the existence of semantic redundancy in various code representations. Specifically, acting as the typical manifestations of semantic redundancy, naming conventions, ternary operators and identically-true conditions are exploited to generate function-agnostic triggers. Extensive comparative experiments on 1,613,823 samples of eight representative vulnerability datasets and state-of-the-art code representation techniques and vulnerability detection models demonstrate that the existence of semantic redundancy determines the upper trustworthiness limit of DNN-based software vulnerability detection. To the best of our knowledge, this is the first work exploring the bane of software vulnerability detection using backdoor triggers.<\/jats:p>","DOI":"10.1145\/3640333","type":"journal-article","created":{"date-parts":[[2024,1,24]],"date-time":"2024-01-24T12:17:03Z","timestamp":1706098623000},"page":"1-28","update-policy":"https:\/\/doi.org\/10.1145\/crossmark-policy","source":"Crossref","is-referenced-by-count":15,"title":["Exploring Semantic Redundancy using Backdoor Triggers: A Complementary Insight into the Challenges Facing DNN-based Software Vulnerability Detection"],"prefix":"10.1145","volume":"33","author":[{"ORCID":"https:\/\/orcid.org\/0000-0002-2363-1812","authenticated-orcid":false,"given":"Changjie","family":"Shao","sequence":"first","affiliation":[{"name":"Shanghai Jiao Tong University, Shanghai, China"}]},{"ORCID":"https:\/\/orcid.org\/0000-0003-3913-5001","authenticated-orcid":false,"given":"Gaolei","family":"Li","sequence":"additional","affiliation":[{"name":"Shanghai Jiao Tong University, Shanghai, China"}]},{"ORCID":"https:\/\/orcid.org\/0000-0003-2483-6980","authenticated-orcid":false,"given":"Jun","family":"Wu","sequence":"additional","affiliation":[{"name":"Waseda University, Fukuoka, Japan"}]},{"ORCID":"https:\/\/orcid.org\/0000-0002-2572-2355","authenticated-orcid":false,"given":"Xi","family":"Zheng","sequence":"additional","affiliation":[{"name":"Macquarie University, Sydney, Australia and University of California, Los Angeles, CA, USA"}]}],"member":"320","published-online":{"date-parts":[[2024,4,20]]},"reference":[{"key":"e_1_3_2_2_2","unstructured":"2014. Rough Audit Tool for Security. https:\/\/code.google.com\/archive\/p\/rough-auditing-tool-for-security\/"},{"key":"e_1_3_2_3_2","unstructured":"2018. Checkmarx. https:\/\/www.checkmarx.com\/"},{"key":"e_1_3_2_4_2","unstructured":"2018. FlawFinder. http:\/\/dwheeler.com\/flawfinder\/"},{"key":"e_1_3_2_5_2","unstructured":"2022. The European Cyber Resilience Act (CRA). https:\/\/www.european-cyber-resilience-act.com\/"},{"key":"e_1_3_2_6_2","unstructured":"2022. Software Assurance Reference Dataset - NIST. https:\/\/samate.nist.gov\/SRD\/index.php"},{"key":"e_1_3_2_7_2","unstructured":"2023. About OpenAI. https:\/\/openai.com\/about"},{"key":"e_1_3_2_8_2","unstructured":"2023. GitHub. https:\/\/github.com\/"},{"key":"e_1_3_2_9_2","unstructured":"2023. Security Technical Implementation Guides (STIGs). https:\/\/public.cyber.mil\/stigs\/"},{"key":"e_1_3_2_10_2","first-page":"1615","volume-title":"27th USENIX Security Symposium (USENIX Security 18)","author":"Adi Yossi","year":"2018","unstructured":"Yossi Adi, Carsten Baum, Moustapha Cisse, Benny Pinkas, and Joseph Keshet. 2018. Turning your weakness into a strength: Watermarking deep neural networks by backdooring. In 27th USENIX Security Symposium (USENIX Security 18). 1615\u20131631."},{"key":"e_1_3_2_11_2","first-page":"1","volume-title":"2020 12th Annual Undergraduate Research Conference on Applied Computing (URC)","author":"Alsuwaidi Aamna","year":"2020","unstructured":"Aamna Alsuwaidi, Amna Hassan, Fatema Alkhatri, Hana Ali, Qbea\u2019H Mohammad, and Saed Alrabaee. 2020. Security vulnerabilities detected in medical devices. In 2020 12th Annual Undergraduate Research Conference on Applied Computing (URC). IEEE, 1\u20136."},{"key":"e_1_3_2_12_2","doi-asserted-by":"crossref","first-page":"266","DOI":"10.1145\/3529836.3529926","volume-title":"2022 14th International Conference on Machine Learning and Computing (ICMLC)","author":"Aumpansub Amy","year":"2022","unstructured":"Amy Aumpansub and Zhen Huang. 2022. Learning-based vulnerability detection in binary code. In 2022 14th International Conference on Machine Learning and Computing (ICMLC). 266\u2013271."},{"key":"e_1_3_2_13_2","first-page":"1877","article-title":"Language models are few-shot learners","volume":"33","author":"Brown Tom","year":"2020","unstructured":"Tom Brown, Benjamin Mann, Nick Ryder, Melanie Subbiah, Jared D. Kaplan, Prafulla Dhariwal, Arvind Neelakantan, Pranav Shyam, Girish Sastry, Amanda Askell, Sandhini Agarwal, Ariel Herbert-Voss, Gretchen Krueger, Tom Henighan, Rewon Child, Aditya Ramesh, Daniel M. Ziegler, Jeffrey Wu, Clemens Winter, Christopher Hesse, Mark Chen, Eric Sigler, Mateusz Litwin, Scott Gray, Benjamin Chess, Jack Clark, Christopher Berner, Sam McCandlish, Alec Radford, Ilya Sutskever, and Dario Amodei. 2020. Language models are few-shot learners. Advances in Neural Information Processing Systems 33 (2020), 1877\u20131901.","journal-title":"Advances in Neural Information Processing Systems"},{"key":"e_1_3_2_14_2","doi-asserted-by":"publisher","DOI":"10.1016\/j.infsof.2021.106576"},{"key":"e_1_3_2_15_2","first-page":"1456","volume-title":"Proceedings of the 44th International Conference on Software Engineering","author":"Cao Sicong","year":"2022","unstructured":"Sicong Cao, Xiaobing Sun, Lili Bo, Rongxin Wu, Bin Li, and Chuanqi Tao. 2022. MVD: Memory-related vulnerability detection based on flow-sensitive graph neural networks. In Proceedings of the 44th International Conference on Software Engineering. 1456\u20131468."},{"key":"e_1_3_2_16_2","doi-asserted-by":"publisher","DOI":"10.1109\/TSE.2021.3087402"},{"key":"e_1_3_2_17_2","article-title":"Empirical evaluation of gated recurrent neural networks on sequence modeling","author":"Chung Junyoung","year":"2014","unstructured":"Junyoung Chung, Caglar Gulcehre, KyungHyun Cho, and Yoshua Bengio. 2014. Empirical evaluation of gated recurrent neural networks on sequence modeling. arXiv preprint arXiv:1412.3555 (2014).","journal-title":"arXiv preprint arXiv:1412.3555"},{"key":"e_1_3_2_18_2","doi-asserted-by":"publisher","DOI":"10.1109\/TCYB.2019.2940940"},{"key":"e_1_3_2_19_2","doi-asserted-by":"publisher","DOI":"10.1109\/ACCESS.2019.2941376"},{"key":"e_1_3_2_20_2","first-page":"4171","volume-title":"Proceedings of the Conference of the North American Chapter of the Association for Computational Linguistics: Human Language Technologies","author":"Devlin Jacob","year":"2019","unstructured":"Jacob Devlin, Ming-Wei Chang, Kenton Lee, and Kristina Toutanova. 2019. BERT: Pre-training of deep bidirectional transformers for language understanding. In Proceedings of the Conference of the North American Chapter of the Association for Computational Linguistics: Human Language Technologies. 4171\u20134186."},{"key":"e_1_3_2_21_2","doi-asserted-by":"publisher","DOI":"10.1016\/j.dcan.2020.04.007"},{"key":"e_1_3_2_22_2","doi-asserted-by":"publisher","DOI":"10.1109\/DSN-W58399.2023.00025"},{"key":"e_1_3_2_23_2","series-title":"MSR \u201920","first-page":"508","volume-title":"Proceedings of the 17th International Conference on Mining Software Repositories","author":"Fan Jiahao","year":"2020","unstructured":"Jiahao Fan, Yi Li, Shaohua Wang, and Tien N. Nguyen. 2020. A C\/C++ Code vulnerability dataset with code changes and CVE summaries. In Proceedings of the 17th International Conference on Mining Software Repositories (Seoul, Republic of Korea) (MSR \u201920). Association for Computing Machinery, New York, NY, USA, 508\u2013512. DOI:10.1145\/3379597.3387501"},{"key":"e_1_3_2_24_2","doi-asserted-by":"publisher","DOI":"10.18653\/v1\/2020.findings-emnlp.139"},{"key":"e_1_3_2_25_2","doi-asserted-by":"publisher","DOI":"10.1145\/3524842.3528452"},{"key":"e_1_3_2_26_2","article-title":"Explaining and harnessing adversarial examples","author":"Goodfellow Ian J.","year":"2014","unstructured":"Ian J. Goodfellow, Jonathon Shlens, and Christian Szegedy. 2014. Explaining and harnessing adversarial examples. arXiv preprint arXiv:1412.6572 (2014).","journal-title":"arXiv preprint arXiv:1412.6572"},{"issue":"5","key":"e_1_3_2_27_2","doi-asserted-by":"crossref","first-page":"602","DOI":"10.1016\/j.neunet.2005.06.042","article-title":"Framewise phoneme classification with bidirectional LSTM and other neural network architectures","volume":"18","author":"Graves Alex","year":"2005","unstructured":"Alex Graves and J\u00fcrgen Schmidhuber. 2005. Framewise phoneme classification with bidirectional LSTM and other neural network architectures. Neural Networks 18, 5-6 (2005), 602\u2013610.","journal-title":"Neural Networks"},{"key":"e_1_3_2_28_2","doi-asserted-by":"crossref","first-page":"85","DOI":"10.1145\/2857705.2857720","volume-title":"Proceedings of the Sixth ACM Conference on Data and Application Security and Privacy","author":"Grieco Gustavo","year":"2016","unstructured":"Gustavo Grieco, Guillermo Luis Grinblat, Lucas Uzal, Sanjay Rawat, Josselin Feist, and Laurent Mounier. 2016. Toward large-scale vulnerability discovery using machine learning. In Proceedings of the Sixth ACM Conference on Data and Application Security and Privacy. 85\u201396."},{"key":"e_1_3_2_29_2","article-title":"BadNets: Identifying vulnerabilities in the machine learning model supply chain","author":"Gu Tianyu","year":"2017","unstructured":"Tianyu Gu, Brendan Dolan-Gavitt, and Siddharth Garg. 2017. BadNets: Identifying vulnerabilities in the machine learning model supply chain. arXiv preprint arXiv:1708.06733 (2017).","journal-title":"arXiv preprint arXiv:1708.06733"},{"key":"e_1_3_2_30_2","first-page":"3","volume-title":"IEEE\/ACM International Conference on Software Engineering (ICSE)","author":"Guo Jin","year":"2017","unstructured":"Jin Guo, Jinghui Cheng, and Jane Cleland-Huang. 2017. Semantically enhanced software traceability using deep learning techniques. In IEEE\/ACM International Conference on Software Engineering (ICSE). IEEE, 3\u201314."},{"key":"e_1_3_2_31_2","doi-asserted-by":"publisher","DOI":"10.1609\/aaai.v31i1.10742"},{"key":"e_1_3_2_32_2","article-title":"LineVD: Statement-level vulnerability detection using graph neural networks","author":"Hin David","year":"2022","unstructured":"David Hin, Andrey Kan, Huaming Chen, and M. Ali Babar. 2022. LineVD: Statement-level vulnerability detection using graph neural networks. arXiv preprint arXiv:2203.05181 (2022).","journal-title":"arXiv preprint arXiv:2203.05181"},{"key":"e_1_3_2_33_2","first-page":"595","volume-title":"IEEE Symposium on Security and Privacy (SP)","author":"Kim Seulbae","year":"2017","unstructured":"Seulbae Kim, Seunghoon Woo, Heejo Lee, and Hakjoo Oh. 2017. VUDDY: A scalable approach for vulnerable code clone discovery. In IEEE Symposium on Security and Privacy (SP). 595\u2013614."},{"key":"e_1_3_2_34_2","article-title":"Semi-supervised classification with graph convolutional networks","author":"Kipf Thomas N.","year":"2016","unstructured":"Thomas N. Kipf and Max Welling. 2016. Semi-supervised classification with graph convolutional networks. arXiv preprint arXiv:1609.02907 (2016).","journal-title":"arXiv preprint arXiv:1609.02907"},{"key":"e_1_3_2_35_2","volume-title":"Advances in Neural Information Processing Systems (NeurIPS)","author":"Krogh Anders","year":"1994","unstructured":"Anders Krogh and Jesper Vedelsby. 1994. Neural network ensembles, cross validation, and active learning. In Advances in Neural Information Processing Systems (NeurIPS), G. Tesauro, D. Touretzky, and T. Leen (Eds.), Vol. 7. MIT Press. https:\/\/proceedings.neurips.cc\/paper\/1994\/file\/b8c37e33defde51cf91e1e03e51657da-Paper.pdf"},{"key":"e_1_3_2_36_2","article-title":"Weight poisoning attacks on pre-trained models","author":"Kurita Keita","year":"2020","unstructured":"Keita Kurita, Paul Michel, and Graham Neubig. 2020. Weight poisoning attacks on pre-trained models. arXiv preprint arXiv:2004.06660 (2020).","journal-title":"arXiv preprint arXiv:2004.06660"},{"key":"e_1_3_2_37_2","series-title":"Proceedings of Machine Learning Research","first-page":"1188","volume-title":"Proceedings of the 31st International Conference on Machine Learning","volume":"32","author":"Le Quoc","year":"2014","unstructured":"Quoc Le and Tomas Mikolov. 2014. Distributed representations of sentences and documents. In Proceedings of the 31st International Conference on Machine Learning(Proceedings of Machine Learning Research, Vol. 32), Eric P. Xing and Tony Jebara (Eds.). PMLR, Bejing, China, 1188\u20131196. https:\/\/proceedings.mlr.press\/v32\/le14.html"},{"key":"e_1_3_2_38_2","doi-asserted-by":"crossref","first-page":"475","DOI":"10.1145\/3238147.3238176","volume-title":"Proceedings of the ACM\/IEEE International Conference on Automated Software Engineering","author":"Lemieux Caroline","year":"2018","unstructured":"Caroline Lemieux and Koushik Sen. 2018. FairFuzz: A targeted mutation strategy for increasing greybox fuzz testing coverage. In Proceedings of the ACM\/IEEE International Conference on Automated Software Engineering. 475\u2013485."},{"issue":"2","key":"e_1_3_2_39_2","first-page":"7597","article-title":"Multi-tentacle federated learning over software-defined industrial internet of things against adaptive poisoning attacks","volume":"19","author":"Li Gaolei","year":"2023","unstructured":"Gaolei Li, Jun Wu, Shenghong Li, Wu Yang, and Changlian Li. 2023. Multi-tentacle federated learning over software-defined industrial internet of things against adaptive poisoning attacks. IEEE Transactions on Industrial Informatics 19, 2 (2023), 7597\u20137607.","journal-title":"IEEE Transactions on Industrial Informatics"},{"key":"e_1_3_2_40_2","first-page":"201","volume-title":"Proceedings of the Annual Conference on Computer Security Applications","author":"Li Zhen","year":"2016","unstructured":"Zhen Li, Deqing Zou, Shouhuai Xu, Hai Jin, Hanchao Qi, and Jie Hu. 2016. VulPecker: An automated vulnerability detection system based on code similarity analysis. In Proceedings of the Annual Conference on Computer Security Applications. 201\u2013213."},{"key":"e_1_3_2_41_2","doi-asserted-by":"publisher","DOI":"10.1109\/TDSC.2021.3051525"},{"key":"e_1_3_2_42_2","first-page":"1","article-title":"VulDeePecker: A deep learning-based system for vulnerability detection","author":"Li Zhen","year":"2018","unstructured":"Zhen Li, Deqing Zou, Shouhuai Xu, Xinyu Ou, Hai Jin, Sujuan Wang, Zhijun Deng, and Yuyi Zhong. 2018. VulDeePecker: A deep learning-based system for vulnerability detection. Proceedings of the Annual Network and Distributed System Security Symposium (2018), 1\u201315.","journal-title":"Proceedings of the Annual Network and Distributed System Security Symposium"},{"key":"e_1_3_2_43_2","article-title":"Backdoor embedding in convolutional neural network models via invisible perturbation","author":"Liao Cong","year":"2018","unstructured":"Cong Liao, Haoti Zhong, Anna Squicciarini, Sencun Zhu, and David Miller. 2018. Backdoor embedding in convolutional neural network models via invisible perturbation. arXiv preprint arXiv:1808.10307 (2018).","journal-title":"arXiv preprint arXiv:1808.10307"},{"issue":"10","key":"e_1_3_2_44_2","doi-asserted-by":"crossref","first-page":"1825","DOI":"10.1109\/JPROC.2020.2993293","article-title":"Software vulnerability detection using deep neural networks: A survey","volume":"108","author":"Lin Guanjun","year":"2020","unstructured":"Guanjun Lin, Sheng Wen, Qing-Long Han, Jun Zhang, and Yang Xiang. 2020. Software vulnerability detection using deep neural networks: A survey. Proc. IEEE 108, 10 (2020), 1825\u20131848.","journal-title":"Proc. IEEE"},{"key":"e_1_3_2_45_2","first-page":"2539","volume-title":"Proceedings of the ACM SIGSAC Conference on Computer and Communications Security","author":"Lin Guanjun","year":"2017","unstructured":"Guanjun Lin, Jun Zhang, Wei Luo, Lei Pan, and Yang Xiang. 2017. POSTER: Vulnerability discovery with function representation learning from unlabeled projects. In Proceedings of the ACM SIGSAC Conference on Computer and Communications Security. 2539\u20132541."},{"key":"e_1_3_2_46_2","doi-asserted-by":"crossref","first-page":"1027","DOI":"10.1145\/3447548.3467213","volume-title":"Proceedings of the 27th ACM SIGKDD Conference on Knowledge Discovery & Data Mining","author":"Lin Yi-Shan","year":"2021","unstructured":"Yi-Shan Lin, Wen-Chuan Lee, and Z. Berkay Celik. 2021. What do you see? Evaluation of explainable artificial intelligence (XAI) interpretability through neural backdoors. In Proceedings of the 27th ACM SIGKDD Conference on Knowledge Discovery & Data Mining. 1027\u20131035."},{"key":"e_1_3_2_47_2","article-title":"Efficient estimation of word representations in vector space","author":"Mikolov Tomas","year":"2013","unstructured":"Tomas Mikolov, Kai Chen, Greg Corrado, and Jeffrey Dean. 2013. Efficient estimation of word representations in vector space. arXiv preprint arXiv:1301.3781 (2013).","journal-title":"arXiv preprint arXiv:1301.3781"},{"key":"e_1_3_2_48_2","first-page":"25","volume-title":"ICSE Workshop on Software Engineering for Secure Systems","author":"Monga Mattia","year":"2009","unstructured":"Mattia Monga, Roberto Paleari, and Emanuele Passerini. 2009. A hybrid analysis framework for detecting web application vulnerabilities. In ICSE Workshop on Software Engineering for Secure Systems. 25\u201332."},{"key":"e_1_3_2_49_2","first-page":"3","volume-title":"Proceedings of the Annual Network and Distributed System Security Symposium (NDSS)","volume":"5","author":"Newsome James","year":"2005","unstructured":"James Newsome and Dawn Xiaodong Song. 2005. Dynamic taint analysis for automatic detection, analysis, and signaturegeneration of exploits on commodity software. In Proceedings of the Annual Network and Distributed System Security Symposium (NDSS), Vol. 5. 3\u20134."},{"key":"e_1_3_2_50_2","unstructured":"NIST. 2017. Juliet Test Suite for C\/C++ v1.3. https:\/\/samate.nist.gov\/SRD\/testsuite.php"},{"key":"e_1_3_2_51_2","unstructured":"NIST. 2018. NVD - National Vulnerability Database. https:\/\/nvd.nist.gov\/"},{"key":"e_1_3_2_52_2","doi-asserted-by":"publisher","DOI":"10.3115\/v1\/D14-1162"},{"key":"e_1_3_2_53_2","doi-asserted-by":"publisher","DOI":"10.18653\/v1\/N18-1202"},{"key":"e_1_3_2_54_2","first-page":"443","volume-title":"Proceedings of the Annual Meeting of the Association for Computational Linguistics and the International Joint Conference on Natural Language Processing","author":"Qi Fanchao","year":"2021","unstructured":"Fanchao Qi, Mukai Li, Yangyi Chen, Zhengyan Zhang, Zhiyuan Liu, Yasheng Wang, and Maosong Sun. 2021. Hidden killer: Invisible textual backdoor attacks with syntactic trigger. In Proceedings of the Annual Meeting of the Association for Computational Linguistics and the International Joint Conference on Natural Language Processing. 443\u2013453."},{"key":"e_1_3_2_55_2","doi-asserted-by":"publisher","DOI":"10.1109\/ICMLA.2018.00120"},{"key":"e_1_3_2_56_2","doi-asserted-by":"publisher","DOI":"10.1609\/aaai.v34i07.6871"},{"key":"e_1_3_2_57_2","first-page":"1527","volume-title":"2020 IEEE Symposium on Security and Privacy (SP)","author":"She Dongdong","year":"2020","unstructured":"Dongdong She, Yizheng Chen, Abhishek Shah, Baishakhi Ray, and Suman Jana. 2020. Neutaint: Efficient dynamic taint analysis with neural networks. In 2020 IEEE Symposium on Security and Privacy (SP). IEEE, 1527\u20131543."},{"key":"e_1_3_2_58_2","first-page":"611","volume-title":"USENIX Security Symposium (USENIX Security)","author":"Shin Eui Chul Richard","year":"2015","unstructured":"Eui Chul Richard Shin, Dawn Song, and Reza Moazzezi. 2015. Recognizing functions in binaries with neural networks. In USENIX Security Symposium (USENIX Security). 611\u2013626."},{"key":"e_1_3_2_59_2","doi-asserted-by":"publisher","DOI":"10.1109\/COMST.2018.2885561"},{"key":"e_1_3_2_60_2","article-title":"Learning sparse neural networks via sensitivity-driven regularization","volume":"31","author":"Tartaglione Enzo","year":"2018","unstructured":"Enzo Tartaglione, Skjalg Leps\u00f8y, Attilio Fiandrotti, and Gianluca Francini. 2018. Learning sparse neural networks via sensitivity-driven regularization. Advances in Neural Information Processing Systems (NeurIPS) 31 (2018).","journal-title":"Advances in Neural Information Processing Systems (NeurIPS)"},{"key":"e_1_3_2_61_2","doi-asserted-by":"crossref","first-page":"100","DOI":"10.1007\/978-3-030-64330-0_7","volume-title":"Computer Security","author":"Thomas Richard J.","year":"2020","unstructured":"Richard J. Thomas and Tom Chothia. 2020. Learning from vulnerabilities-categorising, understanding and detecting weaknesses in industrial control systems. In Computer Security. Springer, 100\u2013116."},{"key":"e_1_3_2_62_2","doi-asserted-by":"crossref","first-page":"106289","DOI":"10.1016\/j.infsof.2020.106289","article-title":"BVDetector: A program slice-based binary code vulnerability intelligent detection system","volume":"123","author":"Tian Junfeng","year":"2020","unstructured":"Junfeng Tian, Wenjing Xing, and Zhen Li. 2020. BVDetector: A program slice-based binary code vulnerability intelligent detection system. Information and Software Technology 123 (2020), 106289.","journal-title":"Information and Software Technology"},{"key":"e_1_3_2_63_2","volume-title":"International Conference on Learning Representations","author":"Veli\u010dkovi\u0107 Petar","year":"2018","unstructured":"Petar Veli\u010dkovi\u0107, Guillem Cucurull, Arantxa Casanova, Adriana Romero, Pietro Li\u00f2, and Yoshua Bengio. 2018. Graph attention networks. In International Conference on Learning Representations."},{"key":"e_1_3_2_64_2","doi-asserted-by":"publisher","DOI":"10.1109\/TIFS.2020.3044773"},{"key":"e_1_3_2_65_2","first-page":"297","volume-title":"IEEE\/ACM 38th International Conference on Software Engineering (ICSE)","author":"Wang Song","year":"2016","unstructured":"Song Wang, Taiyue Liu, and Lin Tan. 2016. Automatically learning semantic features for defect prediction. In IEEE\/ACM 38th International Conference on Software Engineering (ICSE). IEEE, 297\u2013308."},{"key":"e_1_3_2_66_2","volume-title":"Proceedings of the Annual Network and Distributed System Security Symposium (NDSS)","author":"Wang Tielei","year":"2009","unstructured":"Tielei Wang, Tao Wei, Zhiqiang Lin, and Wei Zou. 2009. IntScope: Automatically detecting integer overflow vulnerability in X86 binary using symbolic execution. In Proceedings of the Annual Network and Distributed System Security Symposium (NDSS)."},{"key":"e_1_3_2_67_2","doi-asserted-by":"publisher","DOI":"10.1109\/TIP.2010.2045169"},{"key":"e_1_3_2_68_2","first-page":"7597","volume-title":"Proceedings of the IEEE\/CVF International Conference on Computer Vision","author":"Xiang Zhen","year":"2021","unstructured":"Zhen Xiang, David J. Miller, Siheng Chen, Xi Li, and George Kesidis. 2021. A backdoor attack against 3D point cloud classifiers. In Proceedings of the IEEE\/CVF International Conference on Computer Vision. 7597\u20137607."},{"key":"e_1_3_2_69_2","doi-asserted-by":"publisher","DOI":"10.1109\/TIFS.2021.3116431"},{"key":"e_1_3_2_70_2","first-page":"111","volume-title":"Proceedings of the ACM International Conference on Parallel Architectures and Compilation Techniques","author":"Ye Guixin","year":"2020","unstructured":"Guixin Ye, Zhanyong Tang, Huanting Wang, Dingyi Fang, Jianbin Fang, Songfang Huang, and Zheng Wang. 2020. Deep program structure modeling through multi-relational graph-based learning. In Proceedings of the ACM International Conference on Parallel Architectures and Compilation Techniques. 111\u2013123."},{"key":"e_1_3_2_71_2","doi-asserted-by":"publisher","DOI":"10.1109\/TNSE.2022.3199990"},{"key":"e_1_3_2_72_2","article-title":"Siren\u2019s song in the AI ocean: A survey on hallucination in large language models","author":"Zhang Yue","year":"2023","unstructured":"Yue Zhang, Yafu Li, Leyang Cui, Deng Cai, Lemao Liu, Tingchen Fu, Xinting Huang, Enbo Zhao, Yu Zhang, Yulong Chen, Longyue Wang, Anh Tuan Luu, Wei Bi, Freda Shi, and Shuming Shi. 2023. Siren\u2019s song in the AI ocean: A survey on hallucination in large language models. arXiv preprint arXiv:2309.01219 (2023).","journal-title":"arXiv preprint arXiv:2309.01219"},{"key":"e_1_3_2_73_2","doi-asserted-by":"publisher","DOI":"10.1109\/CVPR42600.2020.01445"},{"key":"e_1_3_2_74_2","article-title":"Devign: Effective vulnerability identification by learning comprehensive program semantics via graph neural networks","volume":"32","author":"Zhou Yaqin","year":"2019","unstructured":"Yaqin Zhou, Shangqing Liu, Jingkai Siow, Xiaoning Du, and Yang Liu. 2019. Devign: Effective vulnerability identification by learning comprehensive program semantics via graph neural networks. Advances in Neural Information Processing systems (NeurIPS) 32 (2019).","journal-title":"Advances in Neural Information Processing systems (NeurIPS)"}],"container-title":["ACM Transactions on Software Engineering and Methodology"],"original-title":[],"language":"en","link":[{"URL":"https:\/\/dl.acm.org\/doi\/10.1145\/3640333","content-type":"unspecified","content-version":"vor","intended-application":"text-mining"},{"URL":"https:\/\/dl.acm.org\/doi\/pdf\/10.1145\/3640333","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2025,6,18]],"date-time":"2025-06-18T22:50:26Z","timestamp":1750287026000},"score":1,"resource":{"primary":{"URL":"https:\/\/dl.acm.org\/doi\/10.1145\/3640333"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2024,4,20]]},"references-count":73,"journal-issue":{"issue":"4","published-print":{"date-parts":[[2024,5,31]]}},"alternative-id":["10.1145\/3640333"],"URL":"https:\/\/doi.org\/10.1145\/3640333","relation":{},"ISSN":["1049-331X","1557-7392"],"issn-type":[{"value":"1049-331X","type":"print"},{"value":"1557-7392","type":"electronic"}],"subject":[],"published":{"date-parts":[[2024,4,20]]},"assertion":[{"value":"2023-01-28","order":0,"name":"received","label":"Received","group":{"name":"publication_history","label":"Publication History"}},{"value":"2023-12-06","order":1,"name":"accepted","label":"Accepted","group":{"name":"publication_history","label":"Publication History"}},{"value":"2024-04-20","order":2,"name":"published","label":"Published","group":{"name":"publication_history","label":"Publication History"}}]}}