{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2025,6,23]],"date-time":"2025-06-23T05:22:39Z","timestamp":1750656159025,"version":"3.41.0"},"publisher-location":"New York, NY, USA","reference-count":58,"publisher":"ACM","license":[{"start":{"date-parts":[[2024,10,27]],"date-time":"2024-10-27T00:00:00Z","timestamp":1729987200000},"content-version":"vor","delay-in-days":0,"URL":"https:\/\/www.acm.org\/publications\/policies\/copyright_policy#Background"}],"funder":[{"DOI":"10.13039\/501100001809","name":"National Natural Science Foundation of China","doi-asserted-by":"publisher","award":["62372193"],"award-info":[{"award-number":["62372193"]}],"id":[{"id":"10.13039\/501100001809","id-type":"DOI","asserted-by":"publisher"}]}],"content-domain":{"domain":["dl.acm.org"],"crossmark-restriction":true},"short-container-title":[],"published-print":{"date-parts":[[2024,10,27]]},"DOI":"10.1145\/3691620.3695488","type":"proceedings-article","created":{"date-parts":[[2024,10,18]],"date-time":"2024-10-18T15:39:19Z","timestamp":1729265959000},"page":"1094-1106","update-policy":"https:\/\/doi.org\/10.1145\/crossmark-policy","source":"Crossref","is-referenced-by-count":2,"title":["Unveiling the Characteristics and Impact of Security Patch Evolution"],"prefix":"10.1145","author":[{"ORCID":"https:\/\/orcid.org\/0000-0002-3264-1684","authenticated-orcid":false,"given":"Zifan","family":"Xie","sequence":"first","affiliation":[{"name":"Huazhong University of Science and Technology, Wuhan, China"}],"role":[{"role":"author","vocabulary":"crossref"}]},{"ORCID":"https:\/\/orcid.org\/0000-0001-5588-9618","authenticated-orcid":false,"given":"Ming","family":"Wen","sequence":"additional","affiliation":[{"name":"Huazhong University of Science and Technology, Wuhan, China"}],"role":[{"role":"author","vocabulary":"crossref"}]},{"ORCID":"https:\/\/orcid.org\/0009-0007-5718-3935","authenticated-orcid":false,"given":"Zichao","family":"Wei","sequence":"additional","affiliation":[{"name":"Huazhong University of Science and Technology, Wuhan, China"}],"role":[{"role":"author","vocabulary":"crossref"}]},{"ORCID":"https:\/\/orcid.org\/0000-0002-3934-7605","authenticated-orcid":false,"given":"Hai","family":"Jin","sequence":"additional","affiliation":[{"name":"Huazhong University of Science and Technology, Wuhan, China"}],"role":[{"role":"author","vocabulary":"crossref"}]}],"member":"320","published-online":{"date-parts":[[2024,10,27]]},"reference":[{"key":"e_1_3_2_1_1_1","doi-asserted-by":"publisher","DOI":"10.1145\/3485447.3512283"},{"key":"e_1_3_2_1_2_1","doi-asserted-by":"publisher","DOI":"10.1145\/1882291.1882308"},{"key":"e_1_3_2_1_3_1","doi-asserted-by":"publisher","DOI":"10.1287\/mnsc.1060.0687"},{"key":"e_1_3_2_1_4_1","doi-asserted-by":"publisher","DOI":"10.1145\/3133956.3134020"},{"key":"e_1_3_2_1_5_1","doi-asserted-by":"publisher","DOI":"10.1145\/3133956.3134020"},{"key":"e_1_3_2_1_6_1","volume-title":"BScout: Direct Whole Patch Presence Test for Java Executables. In 29th USENIX Security Symposium, USENIX Security 2020","author":"Dai Jiarun","year":"2020","unstructured":"Jiarun Dai, Yuan Zhang, Zheyue Jiang, Yingtian Zhou, Junyan Chen, Xinyu Xing, Xiaohan Zhang, Xin Tan, Min Yang, and Zhemin Yang. 2020. BScout: Direct Whole Patch Presence Test for Java Executables. In 29th USENIX Security Symposium, USENIX Security 2020, August 12--14, 2020, Srdjan Capkun and Franziska Roesner (Eds.). USENIX Association, 1147--1164. https:\/\/www.usenix.org\/conference\/usenixsecurity20\/presentation\/dai"},{"key":"e_1_3_2_1_7_1","volume-title":"BScout: Direct Whole Patch Presence Test for Java Executables. In 29th USENIX Security Symposium, USENIX Security 2020","author":"Dai Jiarun","year":"2020","unstructured":"Jiarun Dai, Yuan Zhang, Zheyue Jiang, Yingtian Zhou, Junyan Chen, Xinyu Xing, Xiaohan Zhang, Xin Tan, Min Yang, and Zhemin Yang. 2020. BScout: Direct Whole Patch Presence Test for Java Executables. In 29th USENIX Security Symposium, USENIX Security 2020, August 12--14, 2020, Srdjan Capkun and Franziska Roesner (Eds.). USENIX Association, 1147--1164. https:\/\/www.usenix.org\/conference\/usenixsecurity20\/presentation\/dai"},{"key":"e_1_3_2_1_8_1","doi-asserted-by":"publisher","DOI":"10.1109\/SP.2019.00003"},{"key":"e_1_3_2_1_9_1","volume-title":"Generalization-Enhanced Code Vulnerability Detection via Multi-Task Instruction Fine-Tuning. arXiv preprint arXiv:2406.03718","author":"Du Xiaohu","year":"2024","unstructured":"Xiaohu Du, Ming Wen, Jiahao Zhu, Zifan Xie, Bin Ji, Huijun Liu, Xuanhua Shi, and Hai Jin. 2024. Generalization-Enhanced Code Vulnerability Detection via Multi-Task Instruction Fine-Tuning. arXiv preprint arXiv:2406.03718 (2024)."},{"key":"e_1_3_2_1_10_1","volume-title":"Automating Patching of Vulnerable Open-Source Software Versions in Application Binaries. In 26th Annual Network and Distributed System Security Symposium, NDSS 2019","author":"Duan Ruian","year":"2019","unstructured":"Ruian Duan, Ashish Bijlani, Yang Ji, Omar Alrawi, Yiyuan Xiong, Moses Ike, Brendan Saltaformaggio, and Wenke Lee. 2019. Automating Patching of Vulnerable Open-Source Software Versions in Application Binaries. In 26th Annual Network and Distributed System Security Symposium, NDSS 2019, San Diego, California, USA, February 24--27, 2019. The Internet Society. https:\/\/www.ndss-symposium.org\/ndss-paper\/automating-patching-of-vulnerable-open-source-software-versions-in-application-binaries\/"},{"key":"e_1_3_2_1_11_1","doi-asserted-by":"publisher","DOI":"10.1145\/1162666.1162671"},{"key":"e_1_3_2_1_12_1","doi-asserted-by":"publisher","DOI":"10.1109\/Blockchain50366.2020.00011"},{"key":"e_1_3_2_1_13_1","doi-asserted-by":"publisher","DOI":"10.1145\/3372297.3417240"},{"key":"e_1_3_2_1_14_1","doi-asserted-by":"publisher","DOI":"10.1145\/3543507.3583503"},{"key":"e_1_3_2_1_15_1","doi-asserted-by":"publisher","DOI":"10.1007\/s10664-019-09780-z"},{"key":"e_1_3_2_1_16_1","doi-asserted-by":"publisher","DOI":"10.1109\/IPCCC51483.2021.9679443"},{"key":"e_1_3_2_1_17_1","doi-asserted-by":"publisher","DOI":"10.1145\/3133956.3134072"},{"key":"e_1_3_2_1_18_1","doi-asserted-by":"publisher","DOI":"10.1145\/3510003.3510181"},{"key":"e_1_3_2_1_19_1","doi-asserted-by":"publisher","DOI":"10.1109\/TDSC.2021.3051525"},{"key":"e_1_3_2_1_20_1","doi-asserted-by":"publisher","DOI":"10.1145\/3650212.3680381"},{"key":"e_1_3_2_1_21_1","doi-asserted-by":"publisher","DOI":"10.1145\/3505247"},{"key":"e_1_3_2_1_22_1","doi-asserted-by":"publisher","DOI":"10.1145\/3377811.3380923"},{"key":"e_1_3_2_1_23_1","doi-asserted-by":"publisher","DOI":"10.1145\/2810103.2810122"},{"key":"e_1_3_2_1_24_1","volume-title":"How Machine Learning Is Solving the Binary Function Similarity Problem. In 31st USENIX Security Symposium, USENIX Security 2022","author":"Marcelli Andrea","year":"2022","unstructured":"Andrea Marcelli, Mariano Graziano, Xabier Ugarte-Pedrero, Yanick Fratantonio, Mohamad Mansouri, and Davide Balzarotti. 2022. How Machine Learning Is Solving the Binary Function Similarity Problem. In 31st USENIX Security Symposium, USENIX Security 2022, Boston, MA, USA, August 10--12, 2022, Kevin R. B. Butler and Kurt Thomas (Eds.). USENIX Association, 2099--2116. https:\/\/www.usenix.org\/conference\/usenixsecurity22\/presentation\/marcelli"},{"key":"e_1_3_2_1_25_1","doi-asserted-by":"publisher","DOI":"10.1007\/978-3-030-22038-9_15"},{"key":"e_1_3_2_1_26_1","doi-asserted-by":"publisher","DOI":"10.1109\/ASE.2013.6693078"},{"key":"e_1_3_2_1_27_1","first-page":"2024","article-title":"https:\/\/nvd.nist.gov\/","author":"NVD.","year":"2024","unstructured":"NVD. 2024. https:\/\/nvd.nist.gov\/. Accessed: 2024-04.","journal-title":"Accessed"},{"key":"e_1_3_2_1_28_1","first-page":"2024","article-title":"https:\/\/github.com\/ariya\/phantomjs","year":"2024","unstructured":"phantomjs. 2024. https:\/\/github.com\/ariya\/phantomjs. Accessed: 2024-04.","journal-title":"Accessed"},{"key":"e_1_3_2_1_29_1","doi-asserted-by":"publisher","DOI":"10.1145\/1985793.1985860"},{"key":"e_1_3_2_1_30_1","first-page":"2024","article-title":"https:\/\/github.com\/FFmpeg\/FFmpeg","author":"Repository Fmpeg","year":"2024","unstructured":"FFmpeg Repository. 2024. https:\/\/github.com\/FFmpeg\/FFmpeg. Accessed: 2024-04.","journal-title":"Accessed"},{"key":"e_1_3_2_1_31_1","first-page":"2024","article-title":"https:\/\/github.com\/torvalds\/linux","author":"Repository Linux","year":"2024","unstructured":"Linux Repository. 2024. https:\/\/github.com\/torvalds\/linux. Accessed: 2024-04.","journal-title":"Accessed"},{"key":"e_1_3_2_1_32_1","first-page":"2024","article-title":"https:\/\/github.com\/openssl\/openssl","author":"Repository SSL","year":"2024","unstructured":"OpenSSL Repository. 2024. https:\/\/github.com\/openssl\/openssl. Accessed: 2024-04.","journal-title":"Accessed"},{"key":"e_1_3_2_1_33_1","doi-asserted-by":"publisher","DOI":"10.1109\/ICSE.2012.6227141"},{"key":"e_1_3_2_1_34_1","doi-asserted-by":"publisher","DOI":"10.1109\/TrustCom50675.2020.00049"},{"key":"e_1_3_2_1_35_1","first-page":"2024","article-title":"https:\/\/snyk.io\/reports\/open-source-security\/","author":"The","year":"2024","unstructured":"The state of open source security. 2024. https:\/\/snyk.io\/reports\/open-source-security\/. Accessed: 2024-04.","journal-title":"Accessed"},{"key":"e_1_3_2_1_36_1","doi-asserted-by":"publisher","DOI":"10.1145\/3485447.3512236"},{"key":"e_1_3_2_1_37_1","doi-asserted-by":"publisher","DOI":"10.1016\/j.cose.2018.07.024"},{"key":"e_1_3_2_1_38_1","first-page":"2024","article-title":"https:\/\/github.com\/the-tcpdump-group\/tcpdump","year":"2024","unstructured":"tcpdump. 2024. https:\/\/github.com\/the-tcpdump-group\/tcpdump. Accessed: 2024-04.","journal-title":"Accessed"},{"key":"e_1_3_2_1_39_1","first-page":"2024","article-title":"https:\/\/clang.llvm.org\/get_started.html","author":"Tool Clang","year":"2024","unstructured":"Clang Tool. 2024. https:\/\/clang.llvm.org\/get_started.html. Accessed: 2024-04.","journal-title":"Accessed"},{"key":"e_1_3_2_1_40_1","doi-asserted-by":"publisher","DOI":"10.1145\/3533767.3534367"},{"key":"e_1_3_2_1_41_1","doi-asserted-by":"publisher","DOI":"10.1109\/SP46215.2023.10179479"},{"key":"e_1_3_2_1_42_1","doi-asserted-by":"publisher","DOI":"10.1109\/SANER50967.2021.00033"},{"key":"e_1_3_2_1_43_1","doi-asserted-by":"publisher","DOI":"10.1109\/DSN48987.2021.00030"},{"key":"e_1_3_2_1_44_1","doi-asserted-by":"publisher","DOI":"10.1109\/CNS48642.2020.9162237"},{"key":"e_1_3_2_1_45_1","doi-asserted-by":"publisher","DOI":"10.1145\/3180155.3180233"},{"key":"e_1_3_2_1_46_1","doi-asserted-by":"publisher","DOI":"10.1145\/3338906.3338962"},{"key":"e_1_3_2_1_47_1","volume-title":"USENIX Security Symposium. 1165--1182","author":"Xiao Yang","year":"2020","unstructured":"Yang Xiao, Bihuan Chen, Chendong Yu, Zhengzi Xu, Zimu Yuan, Feng Li, Binghong Liu, Yang Liu, Wei Huo, Wei Zou, et al. 2020. MVP: Detecting Vulnerabilities using Patch-Enhanced Vulnerability Signatures.. In USENIX Security Symposium. 1165--1182."},{"key":"e_1_3_2_1_48_1","doi-asserted-by":"publisher","DOI":"10.1145\/3597926.3598061"},{"key":"e_1_3_2_1_49_1","doi-asserted-by":"publisher","DOI":"10.1145\/3133956.3134018"},{"key":"e_1_3_2_1_50_1","doi-asserted-by":"publisher","DOI":"10.1145\/3395363.3397361"},{"key":"e_1_3_2_1_51_1","doi-asserted-by":"publisher","DOI":"10.1109\/SP.2014.44"},{"key":"e_1_3_2_1_52_1","doi-asserted-by":"publisher","DOI":"10.1145\/3597926.3598102"},{"key":"e_1_3_2_1_53_1","doi-asserted-by":"publisher","DOI":"10.1145\/3576915.3623188"},{"key":"e_1_3_2_1_54_1","doi-asserted-by":"publisher","DOI":"10.1109\/ICSE43902.2021.00150"},{"key":"e_1_3_2_1_55_1","volume-title":"Precise and Accurate Patch Presence Test for Binaries. In 27th USENIX Security Symposium, USENIX Security 2018","author":"Zhang Hang","year":"2018","unstructured":"Hang Zhang and Zhiyun Qian. 2018. Precise and Accurate Patch Presence Test for Binaries. In 27th USENIX Security Symposium, USENIX Security 2018, Baltimore, MD, USA, August 15--17, 2018, William Enck and Adrienne Porter Felt (Eds.). USENIX Association, 887--902. https:\/\/www.usenix.org\/conference\/usenixsecurity18\/presentation\/zhang-hang"},{"key":"e_1_3_2_1_56_1","volume-title":"An Investigation of the Android Kernel Patch Ecosystem. In 30th USENIX Security Symposium, USENIX Security 2021","author":"Zhang Zheng","year":"2021","unstructured":"Zheng Zhang, Hang Zhang, Zhiyun Qian, and Billy Lau. 2021. An Investigation of the Android Kernel Patch Ecosystem. In 30th USENIX Security Symposium, USENIX Security 2021, August 11--13, 2021, Michael Bailey and Rachel Greenstadt (Eds.). USENIX Association, 3649--3666. https:\/\/www.usenix.org\/conference\/usenixsecurity21\/presentation\/zhang-zheng"},{"key":"e_1_3_2_1_57_1","doi-asserted-by":"publisher","DOI":"10.1109\/SANER48275.2020.9054800"},{"key":"e_1_3_2_1_58_1","doi-asserted-by":"publisher","DOI":"10.1007\/978-3-319-60876-1_15"}],"event":{"name":"ASE '24: 39th IEEE\/ACM International Conference on Automated Software Engineering","sponsor":["SIGAI ACM Special Interest Group on Artificial Intelligence","SIGSOFT ACM Special Interest Group on Software Engineering","IEEE CS"],"location":"Sacramento CA USA","acronym":"ASE '24"},"container-title":["Proceedings of the 39th IEEE\/ACM International Conference on Automated Software Engineering"],"original-title":[],"link":[{"URL":"https:\/\/dl.acm.org\/doi\/10.1145\/3691620.3695488","content-type":"unspecified","content-version":"vor","intended-application":"text-mining"},{"URL":"https:\/\/dl.acm.org\/doi\/pdf\/10.1145\/3691620.3695488","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2025,6,19]],"date-time":"2025-06-19T00:06:19Z","timestamp":1750291579000},"score":1,"resource":{"primary":{"URL":"https:\/\/dl.acm.org\/doi\/10.1145\/3691620.3695488"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2024,10,27]]},"references-count":58,"alternative-id":["10.1145\/3691620.3695488","10.1145\/3691620"],"URL":"https:\/\/doi.org\/10.1145\/3691620.3695488","relation":{},"subject":[],"published":{"date-parts":[[2024,10,27]]},"assertion":[{"value":"2024-10-27","order":3,"name":"published","label":"Published","group":{"name":"publication_history","label":"Publication History"}}]}}