{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2025,8,24]],"date-time":"2025-08-24T00:08:29Z","timestamp":1755994109105,"version":"3.44.0"},"publisher-location":"New York, NY, USA","reference-count":37,"publisher":"ACM","license":[{"start":{"date-parts":[[2023,11,19]],"date-time":"2023-11-19T00:00:00Z","timestamp":1700352000000},"content-version":"vor","delay-in-days":0,"URL":"https:\/\/creativecommons.org\/licenses\/by\/4.0\/"}],"funder":[{"name":"National Nature Science Foundation of China","award":["62202303"],"award-info":[{"award-number":["62202303"]}]}],"content-domain":{"domain":["dl.acm.org"],"crossmark-restriction":true},"short-container-title":[],"published-print":{"date-parts":[[2023,11,19]]},"DOI":"10.1145\/3689217.3690622","type":"proceedings-article","created":{"date-parts":[[2024,11,19]],"date-time":"2024-11-19T18:22:01Z","timestamp":1732040521000},"page":"25-34","update-policy":"https:\/\/doi.org\/10.1145\/crossmark-policy","source":"Crossref","is-referenced-by-count":0,"title":["How to Efficiently Manage Critical Infrastructure Vulnerabilities? Toward Large Code-graph Models"],"prefix":"10.1145","author":[{"ORCID":"https:\/\/orcid.org\/0009-0008-2496-1865","authenticated-orcid":false,"given":"Hongying","family":"Zhang","sequence":"first","affiliation":[{"name":"Shanghai Jiao Tong University, Shanghai Shi, China"}]},{"ORCID":"https:\/\/orcid.org\/0000-0003-3913-5001","authenticated-orcid":false,"given":"Gaolei","family":"Li","sequence":"additional","affiliation":[{"name":"Shanghai Jiao Tong University, Shanghai Shi, China"}]},{"ORCID":"https:\/\/orcid.org\/0000-0002-0767-2307","authenticated-orcid":false,"given":"Shenghong","family":"Li","sequence":"additional","affiliation":[{"name":"Shanghai Jiao Tong University, Shanghai Shi, China"}]},{"ORCID":"https:\/\/orcid.org\/0000-0002-3543-9916","authenticated-orcid":false,"given":"Hongfu","family":"Liu","sequence":"additional","affiliation":[{"name":"Shanghai Jiao Tong University, Shanghai Shi, China"}]},{"ORCID":"https:\/\/orcid.org\/0000-0001-8938-2364","authenticated-orcid":false,"given":"Shuo","family":"Wang","sequence":"additional","affiliation":[{"name":"Shanghai Jiao Tong University, Shanghai Shi, China"}]},{"ORCID":"https:\/\/orcid.org\/0000-0002-6831-3973","authenticated-orcid":false,"given":"Jianhua","family":"Li","sequence":"additional","affiliation":[{"name":"Shanghai JiaoTong University, Shanghai Shi, China"}]}],"member":"320","published-online":{"date-parts":[[2024,11,19]]},"reference":[{"key":"e_1_3_2_1_1_1","doi-asserted-by":"crossref","unstructured":"Lackoff Andrew et al. 2020. The vulnerability of vital systems: how?critical infrastructure?became a security problem. In Securing?the Homeland?. Routledge 17--39.","DOI":"10.4324\/9780203926529-2"},{"key":"e_1_3_2_1_2_1","volume-title":"Generative Artificial Intelligence for Software Security Analysis: Fundamentals, Applications, and Challenges","author":"Ao Ding","year":"2024","unstructured":"Ding Ao, Li Gaolei, Yi Xiaoyu, Lin Xi, Li Jianhua, and Zhang Chaofeng. 2024. Generative Artificial Intelligence for Software Security Analysis: Fundamentals, Applications, and Challenges. IEEE Software PP (2024), 1--9."},{"key":"e_1_3_2_1_3_1","doi-asserted-by":"crossref","unstructured":"Islem Bouzenia Premkumar Devanbu and Michael Pradel. 2024. RepairAgent: An Autonomous LLM-Based Agent for Program Repair. arXiv:2403.17134 [cs.SE]","DOI":"10.1109\/ICSE55347.2025.00157"},{"key":"e_1_3_2_1_4_1","doi-asserted-by":"publisher","DOI":"10.1109\/TSE.2021.3087402"},{"key":"e_1_3_2_1_5_1","doi-asserted-by":"publisher","DOI":"10.1145\/3607199.3607242"},{"key":"e_1_3_2_1_6_1","doi-asserted-by":"publisher","DOI":"10.1109\/TSE.2022.3147265"},{"key":"e_1_3_2_1_7_1","doi-asserted-by":"publisher","DOI":"10.1145\/3655103"},{"key":"e_1_3_2_1_8_1","volume-title":"Label-free node classification on graphs with large language models (llms). arXiv preprint arXiv:2310.04668","author":"Chen Zhikai","year":"2023","unstructured":"Zhikai Chen, Haitao Mao, Hongzhi Wen, Haoyu Han, Wei Jin, Haiyang Zhang, Hui Liu, and Jiliang Tang. 2023. Label-free node classification on graphs with large language models (llms). arXiv preprint arXiv:2310.04668 (2023)."},{"key":"e_1_3_2_1_9_1","doi-asserted-by":"publisher","DOI":"10.1109\/TSE.2022"},{"key":"e_1_3_2_1_10_1","doi-asserted-by":"publisher","DOI":"10.1145\/3597926.3598067"},{"key":"e_1_3_2_1_11_1","volume-title":"Chenyuan Yang, Shizhuo Dylan Zhang, Shujing Yang, and Lingming Zhang.","author":"Deng Yinlin","year":"2024","unstructured":"Yinlin Deng, Chunqiu Steven Xia, Chenyuan Yang, Shizhuo Dylan Zhang, Shujing Yang, and Lingming Zhang. 2024. Large language models are edge-case generators: Crafting unusual programs for fuzzing deep learning libraries. In IEEE ICSE. 1--13."},{"key":"e_1_3_2_1_12_1","doi-asserted-by":"publisher","DOI":"10.1109\/TSE.2023.3305244"},{"key":"e_1_3_2_1_13_1","doi-asserted-by":"publisher","DOI":"10.1145\/3540250.3549098"},{"key":"e_1_3_2_1_14_1","volume-title":"Vulberta: Simplified source code pretraining for vulnerability detection. In 2022 International joint conference on neural networks (IJCNN)","author":"Hanif Hazim","year":"2022","unstructured":"Hazim Hanif and Sergio Maffeis. 2022. Vulberta: Simplified source code pretraining for vulnerability detection. In 2022 International joint conference on neural networks (IJCNN). IEEE, 1--8."},{"key":"e_1_3_2_1_15_1","volume-title":"Proceedings of the 31st ACM Joint European Software Engineering Conference and Symposium on the Foundations of Software Engineering. 2082--2086","author":"Happe Andreas","year":"2023","unstructured":"Andreas Happe and J\u00fcrgen Cito. 2023. Getting pwnd by ai: Penetration testing with large language models. In Proceedings of the 31st ACM Joint European Software Engineering Conference and Symposium on the Foundations of Software Engineering. 2082--2086."},{"key":"e_1_3_2_1_16_1","volume-title":"International conference on machine learning. PMLR, 2790--2799","author":"Houlsby Neil","year":"2019","unstructured":"Neil Houlsby, Andrei Giurgiu, Stanislaw Jastrzebski, Bruna Morrone, Quentin De Laroussilhe, Andrea Gesmundo, Mona Attariyan, and Sylvain Gelly. 2019. Parameter-efficient transfer learning for NLP. In International conference on machine learning. PMLR, 2790--2799."},{"key":"e_1_3_2_1_17_1","doi-asserted-by":"publisher","DOI":"10.1145\/3605764.3623915"},{"key":"e_1_3_2_1_18_1","doi-asserted-by":"publisher","DOI":"10.1145\/3611643.3613892"},{"key":"e_1_3_2_1_19_1","doi-asserted-by":"publisher","DOI":"10.1609\/aaai.v37i4.25642"},{"key":"e_1_3_2_1_20_1","doi-asserted-by":"publisher","DOI":"10.1109\/ICSE48619.2023.00194"},{"key":"e_1_3_2_1_21_1","unstructured":"Jan Keller and Jan Nowakowski. 2024. AI-powered patching: the future of automated vulnerability fixes. Technical Report."},{"key":"e_1_3_2_1_22_1","doi-asserted-by":"publisher","DOI":"10.1109\/TII.2022.3173996"},{"key":"e_1_3_2_1_23_1","doi-asserted-by":"publisher","DOI":"10.1145\/3597503.3639218"},{"key":"e_1_3_2_1_24_1","volume-title":"YuyaoWang, and Lingming Zhang.","author":"Liu Jiawei","year":"2024","unstructured":"Jiawei Liu, Chunqiu Steven Xia, YuyaoWang, and Lingming Zhang. 2024. Is your code generated by chatgpt really correct? rigorous evaluation of large language models for code generation. Advances in Neural Information Processing Systems 36 (2024)."},{"key":"e_1_3_2_1_25_1","doi-asserted-by":"publisher","DOI":"10.18653\/v1\/2023.findings-acl.229"},{"key":"e_1_3_2_1_26_1","doi-asserted-by":"publisher","DOI":"10.1109\/TKDE.2021.3095196"},{"key":"e_1_3_2_1_27_1","doi-asserted-by":"publisher","DOI":"10.1109\/SP46215.2023.10179420"},{"key":"e_1_3_2_1_28_1","volume-title":"2021 20th IEEE International Conference on Machine Learning and Applications (ICMLA). 1600--1607","author":"Mustafizur","year":"2021","unstructured":"Mustafizur R. Shahid and Herv\u00e9 Debar. 2021. CVSS-BERT: Explainable Natural Language Processing to Determine the Severity of a Computer Security Vulnerability from its Description. In 2021 20th IEEE International Conference on Machine Learning and Applications (ICMLA). 1600--1607. https:\/\/doi.org\/10.1109\/ ICMLA52953.2021.00256"},{"key":"e_1_3_2_1_29_1","doi-asserted-by":"publisher","DOI":"10.1145\/3640333"},{"key":"e_1_3_2_1_30_1","doi-asserted-by":"publisher","DOI":"10.1145\/2786805.2786812"},{"key":"e_1_3_2_1_31_1","doi-asserted-by":"publisher","DOI":"10.48550\/arXiv.2310.13023"},{"key":"e_1_3_2_1_32_1","volume-title":"REEF: A Framework for Collecting Real- World Vulnerabilities and Fixes. In 2023 38th IEEE\/ACM International Conference on Automated Software Engineering (ASE). 1952--1962","author":"Li Zongjie","year":"2023","unstructured":"ChaozhengWang, Zongjie Li, Yun Pena, Shuzheng Gao, Sirong Chen, ShuaiWang, Cuiyun Gao, and Michael R. Lyu. 2023. REEF: A Framework for Collecting Real- World Vulnerabilities and Fixes. In 2023 38th IEEE\/ACM International Conference on Automated Software Engineering (ASE). 1952--1962. https:\/\/doi.org\/10.1109\/ ASE56229.2023.00199"},{"key":"e_1_3_2_1_33_1","doi-asserted-by":"publisher","DOI":"10.1109\/ICSE48619.2023.00191"},{"key":"e_1_3_2_1_34_1","doi-asserted-by":"publisher","DOI":"10.1145\/3597503.3639121"},{"key":"e_1_3_2_1_35_1","doi-asserted-by":"publisher","DOI":"10.1109\/JIOT.2024.3433535"},{"key":"e_1_3_2_1_36_1","volume-title":"Large Language Model for Vulnerability Detection: Emerging Results and Future Directions. ICSE NIER track(2024)","author":"Zhou Xin","year":"2024","unstructured":"Xin Zhou, Ting Zhang, and David Lo. 2024. Large Language Model for Vulnerability Detection: Emerging Results and Future Directions. ICSE NIER track(2024) (2024)."},{"key":"e_1_3_2_1_37_1","volume-title":"Devign: Effective vulnerability identification by learning comprehensive program semantics via graph neural networks. Advances in neural information processing systems 32","author":"Zhou Yaqin","year":"2019","unstructured":"Yaqin Zhou, Shangqing Liu, Jingkai Siow, Xiaoning Du, and Yang Liu. 2019. Devign: Effective vulnerability identification by learning comprehensive program semantics via graph neural networks. Advances in neural information processing systems 32 (2019)."}],"event":{"name":"CCS '24: ACM SIGSAC Conference on Computer and Communications Security","sponsor":["SIGSAC ACM Special Interest Group on Security, Audit, and Control"],"location":"Salt Lake City UT USA","acronym":"CCS '24"},"container-title":["Proceedings of the 1st ACM Workshop on Large AI Systems and Models with Privacy and Safety Analysis"],"original-title":[],"link":[{"URL":"https:\/\/dl.acm.org\/doi\/10.1145\/3689217.3690622","content-type":"unspecified","content-version":"vor","intended-application":"text-mining"},{"URL":"https:\/\/dl.acm.org\/doi\/pdf\/10.1145\/3689217.3690622","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2025,8,23]],"date-time":"2025-08-23T18:13:05Z","timestamp":1755972785000},"score":1,"resource":{"primary":{"URL":"https:\/\/dl.acm.org\/doi\/10.1145\/3689217.3690622"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2023,11,19]]},"references-count":37,"alternative-id":["10.1145\/3689217.3690622","10.1145\/3689217"],"URL":"https:\/\/doi.org\/10.1145\/3689217.3690622","relation":{},"subject":[],"published":{"date-parts":[[2023,11,19]]},"assertion":[{"value":"2024-11-19","order":3,"name":"published","label":"Published","group":{"name":"publication_history","label":"Publication History"}}]}}