{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2026,3,21]],"date-time":"2026-03-21T21:44:35Z","timestamp":1774129475433,"version":"3.50.1"},"reference-count":211,"publisher":"Association for Computing Machinery (ACM)","issue":"8","license":[{"start":{"date-parts":[[2025,4,3]],"date-time":"2025-04-03T00:00:00Z","timestamp":1743638400000},"content-version":"vor","delay-in-days":0,"URL":"https:\/\/creativecommons.org\/licenses\/by\/4.0\/"}],"content-domain":{"domain":["dl.acm.org"],"crossmark-restriction":true},"short-container-title":["ACM Comput. Surv."],"published-print":{"date-parts":[[2025,8,31]]},"abstract":"<jats:p>Machine learning techniques for cybersecurity-related software engineering tasks are becoming increasingly popular. The representation of source code is a key portion of the technique that can impact the way the model is able to learn the features of the source code. With an increasing number of these techniques being developed, it is valuable to see the current state of the field to better understand what exists and what is not there yet. This article presents a study of these existing machine learning based approaches and demonstrates what type of representations were used for different cybersecurity tasks and programming languages. Additionally, we study what types of models are used with different representations. We have found that graph-based representations are the most popular category of representation, and tokenizers and Abstract Syntax Trees (ASTs) are the two most popular representations overall (e.g., AST and tokenizers are the representations with the highest count of papers, whereas graph-based representations is the category with the highest count of papers). We also found that the most popular cybersecurity task is vulnerability detection, and the language that is covered by the most techniques is C. Finally, we found that sequence-based models are the most popular category of models, and Support Vector Machines are the most popular model overall.<\/jats:p>","DOI":"10.1145\/3721977","type":"journal-article","created":{"date-parts":[[2025,3,5]],"date-time":"2025-03-05T10:11:34Z","timestamp":1741169494000},"page":"1-41","update-policy":"https:\/\/doi.org\/10.1145\/crossmark-policy","source":"Crossref","is-referenced-by-count":12,"title":["A Survey of Source Code Representations for Machine Learning-Based Cybersecurity Tasks"],"prefix":"10.1145","volume":"57","author":[{"ORCID":"https:\/\/orcid.org\/0009-0001-0097-2120","authenticated-orcid":false,"given":"Beatrice","family":"Casey","sequence":"first","affiliation":[{"name":"University of Notre Dame, Notre Dame, United States"}]},{"ORCID":"https:\/\/orcid.org\/0000-0001-8743-2516","authenticated-orcid":false,"given":"Joanna C. S.","family":"Santos","sequence":"additional","affiliation":[{"name":"University of Notre Dame, Notre Dame, United States"}]},{"ORCID":"https:\/\/orcid.org\/0009-0002-8438-5210","authenticated-orcid":false,"given":"George","family":"Perry","sequence":"additional","affiliation":[{"name":"University of Notre Dame, Notre Dame, United States"}]}],"member":"320","published-online":{"date-parts":[[2025,4,3]]},"reference":[{"key":"e_1_3_3_2_2","volume-title":"Proceedings of the 2017 IEEE International Conference on Software Architecture Workshops (ICSAW \u201917)","author":"Santos J. C. S.","year":"2017","unstructured":"J. C. S. Santos, K. Tarrit, and M. Mirakhorli. 2017. A catalog of security architecture weaknesses. In Proceedings of the 2017 IEEE International Conference on Software Architecture Workshops (ICSAW \u201917)."},{"key":"e_1_3_3_3_2","doi-asserted-by":"publisher","DOI":"10.1109\/MS.2003.1159030"},{"key":"e_1_3_3_4_2","volume-title":"Proceedings of the 15th Annual Computer Security Applications Conference (ACSAC \u201999)","author":"McDermott J.","year":"1999","unstructured":"J. McDermott and C. Fox. 1999. Using abuse case models for security requirements analysis. In Proceedings of the 15th Annual Computer Security Applications Conference (ACSAC \u201999). DOI:10.1109\/CSAC.1999.816013"},{"key":"e_1_3_3_5_2","volume-title":"Threat Modeling Designing for Security","author":"Shostack A.","year":"2014","unstructured":"A. Shostack. 2014. Threat Modeling Designing for Security. Wiley."},{"key":"e_1_3_3_6_2","doi-asserted-by":"publisher","DOI":"10.1109\/TDSC.2007.70240"},{"key":"e_1_3_3_7_2","volume-title":"Proceedings of the 2010 43rd Hawaii International Conference on System Sciences","author":"Ryoo J.","year":"2010","unstructured":"J. Ryoo, P. Laplante, and R. Kazman. 2010. A methodology for mining security tactics from security patterns. In Proceedings of the 2010 43rd Hawaii International Conference on System Sciences. DOI:10.1109\/HICSS.2010.18"},{"key":"e_1_3_3_8_2","volume-title":"Proceedings of the 2021 IEEE\/ACM 43rd International Conference on Software Engineering (ICSE \u201921)","author":"Braz L.","year":"2021","unstructured":"L. Braz, E. Fregnan, G. \u00c7alikli, and A. Bacchelli. 2021. Why don\u2019t developers detect improper input validation?\u2019; DROP TABLE papers;\u2013. In Proceedings of the 2021 IEEE\/ACM 43rd International Conference on Software Engineering (ICSE \u201921)."},{"key":"e_1_3_3_9_2","doi-asserted-by":"publisher","DOI":"10.1109\/MSP.2005.23"},{"key":"e_1_3_3_10_2","doi-asserted-by":"publisher","DOI":"10.1109\/MSP.2004.111"},{"key":"e_1_3_3_11_2","volume-title":"Proceedings of the 2010 23rd IEEE Computer Security Foundations Symposium","author":"Russo A.","year":"2010","unstructured":"A. Russo and A. Sabelfeld. 2010. Dynamic vs. static flow-sensitive security analysis. In Proceedings of the 2010 23rd IEEE Computer Security Foundations Symposium. DOI:10.1109\/CSF.2010.20"},{"key":"e_1_3_3_12_2","volume-title":"Information and Communications Security","author":"Lin G.","year":"2020","unstructured":"G. Lin, W. Xiao, J. Zhang, and Y. Xiang. 2020. Deep learning-based vulnerable function detection: A benchmark. In Information and Communications Security. Lecture Notes in Computer Science, Vol. 11999. Springer, 219\u2013232."},{"key":"e_1_3_3_13_2","volume-title":"Information Systems Security","author":"Renjith G.","year":"2021","unstructured":"G. Renjith and S. Aji. 2021. Vulnerability analysis and detection using graph neural networks for Android operating system. In Information Systems Security. Lecture Notes in Computer Science, Vol. 13146. Springer, 57\u201372."},{"key":"e_1_3_3_14_2","volume-title":"Information and Communications Security","author":"Guo N.","year":"2020","unstructured":"N. Guo, X. Li, H. Yin, and Y. Gao. 2020. VulHunter: An automated vulnerability detection system based on deep learning and bytecode. In Information and Communications Security. Lecture Notes in Computer Science, Vol. 11999. Springer, 199\u2013218."},{"key":"e_1_3_3_15_2","volume-title":"Dependable Software Engineering: Theories, Tools, and Applications","author":"Chen J.","year":"2021","unstructured":"J. Chen, B. Liu, S. Cai, W. Wang, and S. Wang. 2021. AIdetectorX: A vulnerability detector based on TCN and self-attention mechanism. In Dependable Software Engineering: Theories, Tools, and Applications. Lecture Notes in Computer Science, Vol. 13071. Springer, 161\u2013177."},{"key":"e_1_3_3_16_2","volume-title":"Computational Science and Its Applications\u2014ICCSA 2022 Workshops","author":"Mosolyg\u00f3 B.","year":"2022","unstructured":"B. Mosolyg\u00f3, N. V\u00e1ndor, P. Heged\u0171s, and R. Ferenc. 2022. A line-level explainable vulnerability detection approach for Java. In Computational Science and Its Applications\u2014ICCSA 2022 Workshops. Lecture Notes in Computer Science, Vol. 13380. Springer, 106\u2013122."},{"key":"e_1_3_3_17_2","doi-asserted-by":"publisher","DOI":"10.1109\/TII.2018.2821768"},{"key":"e_1_3_3_18_2","doi-asserted-by":"publisher","DOI":"10.1109\/TDSC.2014.2355839"},{"key":"e_1_3_3_19_2","volume-title":"Proceedings of the 2016 International Joint Conference on Neural Networks (IJCNN \u201916)","author":"Narayanan A.","year":"2016","unstructured":"A. Narayanan, L. Yang, L. Chen, and L. Jinliang. 2016. Adaptive and scalable Android malware detection through online learning. In Proceedings of the 2016 International Joint Conference on Neural Networks (IJCNN \u201916). DOI:10.1109\/IJCNN.2016.7727508"},{"key":"e_1_3_3_20_2","unstructured":"A. Narayanan M. Chandramohan L. Chen and Y. Liu. 2017. Context-aware adaptive and scalable Android malware detection through online learning (extended version). arxiv:cs.CR\/1706.00947."},{"key":"e_1_3_3_21_2","doi-asserted-by":"crossref","unstructured":"E. Mariconti L. Onwuzurike P. Andriotis E. De Cristofaro G. Ross and G. Stringhini. 2017. MaMaDroid: Detecting Android malware by building Markov chains of behavioral models. arxiv:cs.CR\/1612.04433.","DOI":"10.14722\/ndss.2017.23353"},{"key":"e_1_3_3_22_2","volume-title":"Proceedings of the 11th International Conference on Security of Information and Networks (SIN \u201918)","author":"Zegzhda P.","year":"2018","unstructured":"P. Zegzhda, D. Zegzhda, E. Pavlenko, and G. Ignatev. 2018. Applying deep learning techniques for Android malware detection. In Proceedings of the 11th International Conference on Security of Information and Networks (SIN \u201918). Article 7. DOI:10.1145\/3264437.3264476"},{"key":"e_1_3_3_23_2","volume-title":"Proceedings of the 34th Annual Computer Security Applications Conference (ACSAC \u201918)","author":"Allen J.","year":"2018","unstructured":"J. Allen, M. Landen, S. Chaba, Y. Ji, S. P. H. Chung, and W. Lee. 2018. Improving accuracy of Android malware detection with lightweight contextual awareness. In Proceedings of the 34th Annual Computer Security Applications Conference (ACSAC \u201918). DOI:10.1145\/3274694.3274744"},{"key":"e_1_3_3_24_2","volume-title":"Proceedings of the 2018 Technologies for Smart-City Energy Security and Power (ICSESP \u201918)","author":"Koli J. D.","year":"2018","unstructured":"J. D. Koli. 2018. RanDroid: Android malware detection using random machine learning classifiers. In Proceedings of the 2018 Technologies for Smart-City Energy Security and Power (ICSESP \u201918). DOI:10.1109\/ICSESP.2018.8376705"},{"key":"e_1_3_3_25_2","volume-title":"Proceedings of the 2016 IEEE 37th Sarnoff Symposium","author":"Wang Z.","year":"2016","unstructured":"Z. Wang, J. Cai, S. Cheng, and W. Li. 2016. DroidDeepLearner: Identifying Android malware using deep learning. In Proceedings of the 2016 IEEE 37th Sarnoff Symposium. DOI:10.1109\/SARNOF.2016.7846747"},{"key":"e_1_3_3_26_2","volume-title":"Proceedings of the 2018 International Symposium on Theoretical Aspects of Software Engineering (TASE \u201918)","author":"Xie N.","year":"2018","unstructured":"N. Xie, F. Zeng, X. Qin, Y. Zhang, M. Zhou, and C. Lv. 2018. RepassDroid: Automatic detection of Android malware based on essential permissions and semantic features of sensitive APIs. In Proceedings of the 2018 International Symposium on Theoretical Aspects of Software Engineering (TASE \u201918). DOI:10.1109\/TASE.2018.00015"},{"key":"e_1_3_3_27_2","doi-asserted-by":"publisher","DOI":"10.1007\/s10664-017-9539-8"},{"key":"e_1_3_3_28_2","volume-title":"Computer Security\u2014ESORICS 2014","author":"Yang C.","year":"2014","unstructured":"C. Yang, Z. Xu, G. Gu, V. Yegneswaran, and P. Porras. 2014. DroidMiner: Automated mining and characterization of fine-grained malicious behaviors in Android applications. In Computer Security\u2014ESORICS 2014. Lecture Notes in Computer Science, Vol. 8712. Springer, 163\u2013182."},{"key":"e_1_3_3_29_2","volume-title":"Proceedings of the 44th International Conference on Software Engineering (ICSE \u201922)","author":"Braz L.","year":"2022","unstructured":"L. Braz, C. Aeberhard, G. \u00c7alikli, and A. Bacchelli. 2022. Less is more: Supporting developers in vulnerability detection during code review. In Proceedings of the 44th International Conference on Software Engineering (ICSE \u201922). DOI:10.1145\/3510003.3511560"},{"key":"e_1_3_3_30_2","volume-title":"Proceedings of the 2021 36th IEEE\/ACM International Conference on Automated Software Engineering (ASE \u201921)","author":"Vagavolu D.","year":"2021","unstructured":"D. Vagavolu, K. C. Swarna, and S. Chimalakonda. 2021. A mocktail of source code representations. In Proceedings of the 2021 36th IEEE\/ACM International Conference on Automated Software Engineering (ASE \u201921). DOI:10.1109\/ASE51524.2021.9678551"},{"key":"e_1_3_3_31_2","doi-asserted-by":"publisher","DOI":"10.1109\/TSE.2022.3156637"},{"key":"e_1_3_3_32_2","volume-title":"Proceedings of the 18th International Conference on Predictive Models and Data Analytics in Software Engineering (PROMISE \u201922)","author":"Debeyan F. Al","year":"2022","unstructured":"F. Al Debeyan, T. Hall, and D. Bowes. 2022. Improving the performance of code vulnerability prediction using abstract syntax tree information. In Proceedings of the 18th International Conference on Predictive Models and Data Analytics in Software Engineering (PROMISE \u201922). DOI:10.1145\/3558489.3559066"},{"key":"e_1_3_3_33_2","volume-title":"Proceedings of the 44th International Conference on Software Engineering","author":"Sejfia A.","year":"2022","unstructured":"A. Sejfia and M. Sch\u00e4fer. 2022. Practical automated detection of malicious npm packages. In Proceedings of the 44th International Conference on Software Engineering. DOI:10.1145\/3510003.3510104"},{"key":"e_1_3_3_34_2","volume-title":"Proceedings of the 2020 19th IEEE International Conference on Machine Learning and Applications (ICMLA \u201920)","author":"Rodrigues G. E. de P.","year":"2020","unstructured":"G. E. de P. Rodrigues, A. M. Braga, and R. Dahab. 2020. Using graph embeddings and machine learning to detect cryptography misuse in source code. In Proceedings of the 2020 19th IEEE International Conference on Machine Learning and Applications (ICMLA \u201920). DOI:10.1109\/ICMLA51294.2020.00171"},{"key":"e_1_3_3_35_2","volume-title":"Proceedings of the 2021 IEEE 45th Annual Computers, Software, and Applications Conference (COMPSAC \u201921)","author":"Partenza G.","year":"2021","unstructured":"G. Partenza, T. Amburgey, L. Deng, J. Dehlinger, and S. Chakraborty. 2021. Automatic identification of vulnerable code: Investigations with an AST-based neural network. In Proceedings of the 2021 IEEE 45th Annual Computers, Software, and Applications Conference (COMPSAC \u201921). DOI:10.1109\/COMPSAC51774.2021.00219"},{"key":"e_1_3_3_36_2","volume-title":"Advances and Trends in Artificial Intelligence. Theory and Practices in Artificial Intelligence","author":"Mester A.","year":"2022","unstructured":"A. Mester and Z. Bod\u00f3. 2022. Malware classification based on graph convolutional neural networks and static call graph features. In Advances and Trends in Artificial Intelligence. Theory and Practices in Artificial Intelligence. Lecture Notes in Computer Science, Vol. 13343. Springer, 528\u2013539."},{"key":"e_1_3_3_37_2","unstructured":"J. A. Harer L. Y. Kim R. L. Russell O. Ozdemir L. R. Kosta A. Rangamani L. H. Hamilton G. I. Centeno J. R. Key P. M. Ellingwood et\u00a0al. 2018. Automated software vulnerability detection with machine learning. arxiv:cs.SE\/1803.04497."},{"key":"e_1_3_3_38_2","doi-asserted-by":"publisher","DOI":"10.1016\/j.infsof.2021.106576"},{"key":"e_1_3_3_39_2","volume-title":"Security in Computer and Information Sciences","author":"Kalouptsoglou I.","year":"2022","unstructured":"I. Kalouptsoglou, M. Siavvas, D. Kehagias, A. Chatzigeorgiou, and A. Ampatzoglou. 2022. An empirical evaluation of the usefulness of word embedding techniques in deep learning-based vulnerability prediction. In Security in Computer and Information Sciences. Communications in Computer and Information Science, Vol. 1596. Springer, 23\u201337."},{"key":"e_1_3_3_40_2","volume-title":"Proceedings of the 2022 IEEE\/ACM 44th International Conference on Software Engineering (ICSE \u201922)","author":"Feng R.","year":"2022","unstructured":"R. Feng, Z. Yan, S. Peng, and Y. Zhang. 2022. Automated detection of password leakage from public GitHub repositories. In Proceedings of the 2022 IEEE\/ACM 44th International Conference on Software Engineering (ICSE \u201922). DOI:10.1145\/3510003.3510150"},{"key":"e_1_3_3_41_2","volume-title":"Proceedings of the 2019 34th IEEE\/ACM International Conference on Automated Software Engineering Workshop (ASEW \u201919)","author":"Saccente N.","year":"2019","unstructured":"N. Saccente, J. Dehlinger, L. Deng, S. Chakraborty, and Y. Xiong. 2019. Project Achilles: A prototype tool for static method-level vulnerability detection of Java source code using a recurrent neural network. In Proceedings of the 2019 34th IEEE\/ACM International Conference on Automated Software Engineering Workshop (ASEW \u201919). DOI:10.1109\/ASEW.2019.00040"},{"key":"e_1_3_3_42_2","volume-title":"Proceedings of the 2018 Network and Distributed System Security Symposium","author":"Li Z.","year":"2018","unstructured":"Z. Li, D. Zou, S. Xu, X. Ou, H. Jin, S. Wang, Z. Deng, and Y. Zhong. 2018. VulDeePecker: A deep learning-based system for vulnerability detection. In Proceedings of the 2018 Network and Distributed System Security Symposium. DOI:10.14722\/ndss.2018.23158"},{"key":"e_1_3_3_43_2","volume-title":"Proceedings of the ACM\/IEEE 44th International Conference on Software Engineering: Companion Proceedings (ICSE \u201922)","author":"Nguyen V.-A.","year":"2022","unstructured":"V.-A. Nguyen, D. Q. Nguyen, V. Nguyen, T. Le, Q. H. Tran, and D. Phung. 2022. ReGVD: Revisiting graph neural networks for vulnerability detection. In Proceedings of the ACM\/IEEE 44th International Conference on Software Engineering: Companion Proceedings (ICSE \u201922). DOI:10.1145\/3510454.3516865"},{"key":"e_1_3_3_44_2","volume-title":"Proceedings of the 30th ACM Joint European Software Engineering Conference and Symposium on the Foundations of Software Engineering (ESEC\/FSE \u201922)","author":"Fu M.","year":"2022","unstructured":"M. Fu, C. Tantithamthavorn, T. Le, V. Nguyen, and D. Phung. 2022. VulRepair: A T5-based automated software vulnerability repair. In Proceedings of the 30th ACM Joint European Software Engineering Conference and Symposium on the Foundations of Software Engineering (ESEC\/FSE \u201922). DOI:10.1145\/3540250.3549098"},{"key":"e_1_3_3_45_2","volume-title":"Proceedings of the 31st ACM SIGSOFT International Symposium on Software Testing and Analysis (ISSTA \u201922)","author":"Cheng X.","year":"2022","unstructured":"X. Cheng, G. Zhang, H. Wang, and Y. Sui. 2022. Path-sensitive code embedding via contrastive learning for software vulnerability detection. In Proceedings of the 31st ACM SIGSOFT International Symposium on Software Testing and Analysis (ISSTA \u201922). DOI:10.1145\/3533767.3534371"},{"key":"e_1_3_3_46_2","doi-asserted-by":"publisher","DOI":"10.1016\/j.ins.2020.11.053"},{"key":"e_1_3_3_47_2","volume-title":"Proceedings of the 29th International Joint Conference on Artificial Intelligence (IJCAI \u201920)","author":"Zhuang Y.","year":"2020","unstructured":"Y. Zhuang, Z. Liu, P. Qian, Q. Liu, X. Wang, and Q. He. 2020. Smart contract vulnerability detection using graph neural network. In Proceedings of the 29th International Joint Conference on Artificial Intelligence (IJCAI \u201920). DOI:10.24963\/ijcai.2020\/454"},{"key":"e_1_3_3_48_2","doi-asserted-by":"publisher","DOI":"10.1109\/ACCESS.2020.2969429"},{"key":"e_1_3_3_49_2","doi-asserted-by":"publisher","DOI":"10.1109\/TDSC.2021.3076142"},{"key":"e_1_3_3_50_2","unstructured":"B. Kitchenham and S. Charters. 2007. Guidelines for Performing Systematic Literature Reviews in Software Engineering. Technical Report. EBSE."},{"key":"e_1_3_3_51_2","volume-title":"Proceedings of the 2003 25th International Conference on Software Engineering.","author":"Kemmerer R. A.","year":"2003","unstructured":"R. A. Kemmerer. 2003. Cybersecurity. In Proceedings of the 2003 25th International Conference on Software Engineering.DOI:10.1109\/ICSE.2003.1201257"},{"key":"e_1_3_3_52_2","volume-title":"Proceedings of the 2021 2nd International Conference on Electronics, Communications, and Information Technology (CECIT \u201921)","author":"Xia X.","year":"2021","unstructured":"X. Xia, Y. Wang, and Y. Yang. 2021. Source code vulnerability detection based on SAR-GIN. In Proceedings of the 2021 2nd International Conference on Electronics, Communications, and Information Technology (CECIT \u201921). DOI:10.1109\/CECIT53797.2021.00202"},{"key":"e_1_3_3_53_2","volume-title":"Proceedings of the 2014 IEEE Symposium on Security and Privacy","author":"Yamaguchi F.","year":"2014","unstructured":"F. Yamaguchi, N. Golde, D. Arp, and K. Rieck. 2014. Modeling and discovering vulnerabilities with code property graphs. In Proceedings of the 2014 IEEE Symposium on Security and Privacy. DOI:10.1109\/SP.2014.44"},{"key":"e_1_3_3_54_2","doi-asserted-by":"publisher","DOI":"10.1109\/TSE.2014.2340398"},{"key":"e_1_3_3_55_2","unstructured":"L. Buratti S. Pujar M. Bornea S. McCarley Y. Zheng G. Rossello A. Morari J. Laredo V. Thost Y. Zhuang et\u00a0al. 2020. Exploring software naturalness through neural language models. arxiv:cs.CL\/2006.12641."},{"key":"e_1_3_3_56_2","volume-title":"Artificial Neural Networks in Pattern Recognition","author":"Bernstein A.","year":"2014","unstructured":"A. Bernstein and A. Kuleshov. 2014. Low-dimensional data representation in data analysis. In Artificial Neural Networks in Pattern Recognition. Lecture Notes in Computer Science, Vol. 8774. Springer, 47\u201358."},{"key":"e_1_3_3_57_2","volume-title":"Proceedings of the 39th ACM SIGMOD-SIGACT-SIGAI Symposium on Principles of Database Systems (PODS \u201920)","author":"Grohe M.","year":"2020","unstructured":"M. Grohe. 2020. Word2vec, Node2vec, Graph2vec, X2vec: Towards a theory of vector embeddings of structured data. In Proceedings of the 39th ACM SIGMOD-SIGACT-SIGAI Symposium on Principles of Database Systems (PODS \u201920). DOI:10.1145\/3375395.3387641"},{"key":"e_1_3_3_58_2","unstructured":"T. Mikolov K. Chen G. Corrado and J. Dean. 2013. Efficient estimation of word representations in vector space. arxiv:cs.CL\/1301.3781."},{"key":"e_1_3_3_59_2","doi-asserted-by":"publisher","unstructured":"A. Narayanan M. Chandramohan R. Venkatesan L. Chen Y. Liu and S. Jaiswal. 2017. graph2vec: Learning distributed representations of graphs. arXiv:1707.05005 (cs). DOI:10.48550\/ARXIV.1707.05005","DOI":"10.48550\/ARXIV.1707.05005"},{"key":"e_1_3_3_60_2","doi-asserted-by":"publisher","DOI":"10.1145\/3290353"},{"key":"e_1_3_3_61_2","volume-title":"Proceedings of the 19th International Conference on Mining Software Repositories","author":"Ma W.","year":"2022","unstructured":"W. Ma, M. Zhao, E. Soremekun, Q. Hu, J. M. Zhang, M. Papadakis, M. Cordy, X. Xie, and Y. L. Traon. 2022. GraphCode2Vec: Generic code embedding via lexical and program dependence analyses. In Proceedings of the 19th International Conference on Mining Software Repositories. DOI:10.1145\/3524842.3528456"},{"key":"e_1_3_3_62_2","doi-asserted-by":"publisher","DOI":"10.1007\/978-3-319-92624-7_1"},{"key":"e_1_3_3_63_2","doi-asserted-by":"publisher","DOI":"10.1109\/TR.2019.2892517"},{"key":"e_1_3_3_64_2","volume-title":"Proceedings of the 2022 IEEE 46th Annual Computers, Software, and Applications Conference (COMPSAC \u201922)","author":"Nazim M. T. Bin","year":"2022","unstructured":"M. T. Bin Nazim, M. J. H. Faruk, H. Shahriar, M. A. Khan, M. Masum, N. Sakib, and F. Wu. 2022. Systematic analysis of deep learning model for vulnerable code detection. In Proceedings of the 2022 IEEE 46th Annual Computers, Software, and Applications Conference (COMPSAC \u201922). DOI:10.1109\/COMPSAC54236.2022.00281"},{"key":"e_1_3_3_65_2","doi-asserted-by":"publisher","DOI":"10.1049\/sfw2.12064"},{"key":"e_1_3_3_66_2","unstructured":"Y. Yang X. Xia D. Lo and J. Grundy. 2020. A survey on deep learning for software engineering. arxiv:cs.SE\/2011.14597."},{"key":"e_1_3_3_67_2","unstructured":"F. Ferreira L. L. Silva and M. T. Valente. 2020. Software engineering meets deep learning: A mapping study. arxiv:cs.SE\/1909.11436."},{"key":"e_1_3_3_68_2","doi-asserted-by":"publisher","DOI":"10.1109\/JPROC.2020.2993293"},{"key":"e_1_3_3_69_2","doi-asserted-by":"crossref","unstructured":"T. Sonnekalb T. S Heinze and P. M\u00e4der. 2022. Deep security analysis of program code: A systematic literature review. Empirical Software Engineering 27 (2022) 1\u201339. https:\/\/link.springer.com\/content\/pdf\/10.1007\/s10664-021-10029-x.pdf","DOI":"10.1007\/s10664-021-10029-x"},{"key":"e_1_3_3_70_2","doi-asserted-by":"publisher","DOI":"10.1049\/iet-sen.2020.0084"},{"key":"e_1_3_3_71_2","doi-asserted-by":"publisher","DOI":"10.1145\/3092566"},{"key":"e_1_3_3_72_2","unstructured":"J. Wu. 2021. Literature review on vulnerability detection using NLP technology. arxiv:cs.CR\/2104.11230."},{"key":"e_1_3_3_73_2","unstructured":"Z. Chen and M. Monperrus. 2019. A literature study of embeddings on source code. arxiv:cs.LG\/1904.03061."},{"key":"e_1_3_3_74_2","doi-asserted-by":"publisher","DOI":"10.1145\/3572905"},{"key":"e_1_3_3_75_2","volume-title":"Agile Processes in Software Engineering and Extreme Programming","author":"Lwakatare L. E.","year":"2019","unstructured":"L. E. Lwakatare, A. Raj, J. Bosch, H. H. Olsson, and I. Crnkovic. 2019. A taxonomy of software engineering challenges for machine learning systems: An empirical investigation. In Agile Processes in Software Engineering and Extreme Programming. Lecture Notes in Business Information Processing, Vol. 355. Springer, 227\u2013243."},{"key":"e_1_3_3_76_2","doi-asserted-by":"publisher","DOI":"10.1016\/j.jnca.2021.103009"},{"key":"e_1_3_3_77_2","doi-asserted-by":"publisher","DOI":"10.1145\/3331174"},{"key":"e_1_3_3_78_2","doi-asserted-by":"publisher","DOI":"10.1016\/j.comnet.2022.109032"},{"key":"e_1_3_3_79_2","volume-title":"Proceedings of the 33rd International Conference on Neural Information Processing Systems","author":"Zhou Y.","year":"2019","unstructured":"Y. Zhou, S. Liu, J. Siow, X. Du, and Y. Liu. 2019. Devign: Effective vulnerability identification by learning comprehensive program semantics via graph neural networks. In Proceedings of the 33rd International Conference on Neural Information Processing Systems. https:\/\/proceedings.neurips.cc\/paper_files\/paper\/2019\/file\/49265d2447bc3bbfe9e76306ce40a31f-Paper.pdf"},{"key":"e_1_3_3_80_2","doi-asserted-by":"crossref","unstructured":"H. H. Nguyen N.-M. Nguyen C. Xie Z. Ahmadi D. Kudendo T.-N. Doan and L. Jiang. 2022. MANDO: Multi-level heterogeneous graph embeddings for fine-grained detection of smart contract vulnerabilities. arxiv:cs.SE\/2208.13252.","DOI":"10.1109\/DSAA54385.2022.10032337"},{"key":"e_1_3_3_81_2","unstructured":"Y. Zhuang S. Suneja V. Thost G. Domeniconi A. Morari and J. Laredo. 2021. Software vulnerability detection via deep learning over disaggregated code graph representation. arxiv:cs.AI\/2109.03341."},{"key":"e_1_3_3_82_2","volume-title":"Proceedings of the 2019 24th International Conference on Engineering of Complex Computer Systems (ICECCS \u201919)","author":"Cheng X.","year":"2019","unstructured":"X. Cheng, H. Wang, J. Hua, M. Zhang, G. Xu, L. Yi, and Y. Sui. 2019. Static detection of control-flow-related vulnerabilities using graph embedding. In Proceedings of the 2019 24th International Conference on Engineering of Complex Computer Systems (ICECCS \u201919). DOI:10.1109\/ICECCS.2019.00012"},{"key":"e_1_3_3_83_2","volume-title":"Proceedings of the 6th ACM Conference on Data and Application Security and Privacy (CODASPY \u201916)","author":"Grieco G.","year":"2016","unstructured":"G. Grieco, G. L. Grinblat, L. Uzal, S. Rawat, J. Feist, and L. Mounier. 2016. Toward large-scale vulnerability discovery using machine learning. In Proceedings of the 6th ACM Conference on Data and Application Security and Privacy (CODASPY \u201916). DOI:10.1145\/2857705.2857720"},{"key":"e_1_3_3_84_2","volume-title":"Proceedings of the 13th International Conference on Availability, Reliability, and Security","author":"Kronjee J.","year":"2018","unstructured":"J. Kronjee, A. Hommersom, and H. Vranken. 2018. Discovering software vulnerabilities using data-flow analysis and machine learning. In Proceedings of the 13th International Conference on Availability, Reliability, and Security(ARES \u201918). Article 6. DOI:10.1145\/3230833.3230856"},{"key":"e_1_3_3_85_2","volume-title":"Proceedings of the 2022 International Joint Conference on Neural Networks (IJCNN \u201922)","author":"Cheng K.","year":"2022","unstructured":"K. Cheng, G. Du, T. Wu, L. Chen, and G. Shi. 2022. Automated vulnerable codes mutation through deep learning for variability detection. In Proceedings of the 2022 International Joint Conference on Neural Networks (IJCNN \u201922). DOI:10.1109\/IJCNN55064.2022.9892444"},{"key":"e_1_3_3_86_2","volume-title":"Proceedings of the 2022 IEEE 25th International Conference on Computer Supported Cooperative Work in Design (CSCWD \u201922)","author":"Wu T.","year":"2022","unstructured":"T. Wu, L. Chen, G. Du, C. Zhu, N. Cui, and G. Shi. 2022. Inductive vulnerability detection via gated graph neural network. In Proceedings of the 2022 IEEE 25th International Conference on Computer Supported Cooperative Work in Design (CSCWD \u201922). DOI:10.1109\/CSCWD54268.2022.9776051"},{"key":"e_1_3_3_87_2","volume-title":"Proceedings of the 2022 IEEE Conference on Dependable and Secure Computing (DSC \u201922)","author":"Rabheru R.","year":"2022","unstructured":"R. Rabheru, H. Hanif, and S. Maffeis. 2022. A hybrid graph neural network approach for detecting PHP vulnerabilities. In Proceedings of the 2022 IEEE Conference on Dependable and Secure Computing (DSC \u201922). DOI:10.1109\/DSC54232.2022.9888816"},{"key":"e_1_3_3_88_2","volume-title":"Proceedings of the 44th International Conference on Software Engineering (ICSE \u201922)","author":"Wu Y.","year":"2022","unstructured":"Y. Wu, D. Zou, S. Dou, W. Yang, D. Xu, and H. Jin. 2022. VulCNN: An image-inspired scalable vulnerability detection system. In Proceedings of the 44th International Conference on Software Engineering (ICSE \u201922). DOI:10.1145\/3510003.3510229"},{"key":"e_1_3_3_89_2","volume-title":"Proceedings of the 29th ACM Joint Meeting on European Software Engineering Conference and Symposium on the Foundations of Software Engineering (ESEC\/FSE \u201921)","author":"Li Y.","year":"2021","unstructured":"Y. Li, S. Wang, and T. N. Nguyen. 2021. Vulnerability detection with fine-grained interpretations. In Proceedings of the 29th ACM Joint Meeting on European Software Engineering Conference and Symposium on the Foundations of Software Engineering (ESEC\/FSE \u201921). DOI:10.1145\/3468264.3468597"},{"key":"e_1_3_3_90_2","volume-title":"Proceedings of the 2020 IEEE International Conference on Parallel and Distributed Processing with Applications, Big Data, and Cloud Computing, Sustainable Computing and Communications, and Social Computing and Networking (ISPA\/BDCloud\/SocialCom\/SustainCom \u201920)","author":"An W.","year":"2020","unstructured":"W. An, L. Chen, J. Wang, G. Du, G. Shi, and D. Meng. 2020. AVDHRAM: Automated vulnerability detection based on hierarchical representation and attention mechanism. In Proceedings of the 2020 IEEE International Conference on Parallel and Distributed Processing with Applications, Big Data, and Cloud Computing, Sustainable Computing and Communications, and Social Computing and Networking (ISPA\/BDCloud\/SocialCom\/SustainCom \u201920). DOI:10.1109\/ISPA-BDCloud-SocialCom-SustainCom51426.2020.00068"},{"key":"e_1_3_3_91_2","volume-title":"Proceedings of the 2021 IEEE International Conference on Parallel and Distributed Processing with Applications, Big Data and Cloud Computing, Sustainable Computing and Communications, and Social Computing and Networking (ISPA\/BDCloud\/SocialCom\/SustainCom \u201921)","author":"Wu T.","year":"2021","unstructured":"T. Wu, L. Chen, G. Du, C. Zhu, and G. Shi. 2021. Self-attention based automated vulnerability detection with effective data representation. In Proceedings of the 2021 IEEE International Conference on Parallel and Distributed Processing with Applications, Big Data and Cloud Computing, Sustainable Computing and Communications, and Social Computing and Networking (ISPA\/BDCloud\/SocialCom\/SustainCom \u201921). DOI:10.1109\/ISPA-BDCloud-SocialCom-SustainCom52081.2021.00126"},{"key":"e_1_3_3_92_2","volume-title":"Proceedings of the 2020 IEEE 19th International Conference on Trust, Security, and Privacy in Computing and Communications (TrustCom \u201920)","author":"Zeng J.","year":"2020","unstructured":"J. Zeng, X. Nie, L. Chen, J. Li, G. Du, and G. Shi. 2020. An efficient vulnerability extrapolation using similarity of graph kernel of PDGs. In Proceedings of the 2020 IEEE 19th International Conference on Trust, Security, and Privacy in Computing and Communications (TrustCom \u201920). DOI:10.1109\/TrustCom50675.2020.00229"},{"key":"e_1_3_3_93_2","volume-title":"Proceedings of the 2022 IEEE Applied Imagery Pattern Recognition Workshop (AIPR \u201922)","author":"Watson A.","year":"2022","unstructured":"A. Watson, E. Ufuktepe, and K. Palaniappan. 2022. Detecting software code vulnerabilities using 2D convolutional neural networks with program slicing feature maps. In Proceedings of the 2022 IEEE Applied Imagery Pattern Recognition Workshop (AIPR \u201922). DOI:10.1109\/AIPR57179.2022.10092211"},{"key":"e_1_3_3_94_2","doi-asserted-by":"publisher","DOI":"10.1109\/TDSC.2022.3199769"},{"key":"e_1_3_3_95_2","volume-title":"Proceedings of the 2013 35th International Conference on Software Engineering (ICSE \u201913)","author":"Shar L. K.","year":"2013","unstructured":"L. K. Shar, H. Beng Kuan Tan, and L. C. Briand. 2013. Mining SQL injection and cross site scripting vulnerabilities using hybrid program analysis. In Proceedings of the 2013 35th International Conference on Software Engineering (ICSE \u201913). DOI:10.1109\/ICSE.2013.6606610"},{"key":"e_1_3_3_96_2","volume-title":"Proceedings of the 2022 IEEE 46th Annual Computers, Software, and Applications Conference (COMPSAC \u201922)","author":"Yan G.","year":"2022","unstructured":"G. Yan, S. Chen, Y. Bail, and X. Li. 2022. Can deep learning models learn the vulnerable patterns for vulnerability detection? In Proceedings of the 2022 IEEE 46th Annual Computers, Software, and Applications Conference (COMPSAC \u201922). DOI:10.1109\/COMPSAC54236.2022.00142"},{"key":"e_1_3_3_97_2","doi-asserted-by":"publisher","unstructured":"S. Rasthofer S. Arzt and E. Bodden. 2014. A machine-learning approach for classifying and categorizing Android sources and sinks. In Proceedings of the Network and Distributed System Security Symposium (NDSS \u201914). DOI:10.14722\/ndss.2014.23039","DOI":"10.14722\/ndss.2014.23039"},{"key":"e_1_3_3_98_2","volume-title":"Proceedings of the 2021 IEEE 6th International Conference on Data Science in Cyberspace (DSC \u201921)","author":"Zhou L.","year":"2021","unstructured":"L. Zhou, M. Huang, Y. Li, Y. Nie, J. Li, and Y. Liu. 2021. GraphEye: A novel solution for detecting vulnerable functions based on graph attention network. In Proceedings of the 2021 IEEE 6th International Conference on Data Science in Cyberspace (DSC \u201921). DOI:10.1109\/DSC53577.2021.00060"},{"key":"e_1_3_3_99_2","unstructured":"S. Suneja Y. Zheng Y. Zhuang J. Laredo and A. Morari. 2020. Learning to map source code to software vulnerability using code-as-a-graph. arxiv:cs.SE\/2006.08614."},{"key":"e_1_3_3_100_2","volume-title":"Proceedings of the 2022 IEEE International Conference on Software Analysis, Evolution, and Reengineering (SANER \u201922)","author":"Ding Y.","year":"2022","unstructured":"Y. Ding, S. Suneja, Y. Zheng, J. Laredo, A. Morari, G. Kaiser, and B. Ray. 2022. VELVET: A noVel ensemble learning approach to automatically locate VulnErable sTatements. In Proceedings of the 2022 IEEE International Conference on Software Analysis, Evolution, and Reengineering (SANER \u201922). DOI:10.1109\/SANER53432.2022.00114"},{"key":"e_1_3_3_101_2","volume-title":"Proceedings of the 28th International Joint Conference on Artificial Intelligence (IJCAI \u201919)","author":"Duan X.","year":"2019","unstructured":"X. Duan, J. Wu, S. Ji, Z. Rui, T. Luo, M. Yang, and Y. Wu. 2019. VulSniper: Focus your attention to shoot fine-grained vulnerabilities. In Proceedings of the 28th International Joint Conference on Artificial Intelligence (IJCAI \u201919). DOI:10.24963\/ijcai.2019\/648"},{"key":"e_1_3_3_102_2","volume-title":"Proceedings of the 2021 IEEE 32nd International Symposium on Software Reliability Engineering (ISSRE \u201921)","author":"Wu H.","year":"2021","unstructured":"H. Wu, Z. Zhang, S. Wang, Y. Lei, B. Lin, Y. Qin, H. Zhang, and X. Mao. 2021. Peculiar: Smart contract vulnerability detection based on crucial data flow graph and pre-training techniques. In Proceedings of the 2021 IEEE 32nd International Symposium on Software Reliability Engineering (ISSRE \u201921). DOI:10.1109\/ISSRE52982.2021.00047"},{"key":"e_1_3_3_103_2","doi-asserted-by":"publisher","DOI":"10.1109\/TIFS.2020.3044773"},{"key":"e_1_3_3_104_2","doi-asserted-by":"publisher","DOI":"10.1109\/TKDE.2021.3095196"},{"key":"e_1_3_3_105_2","volume-title":"Proceedings of the 37th IEEE\/ACM International Conference on Automated Software Engineering (ASE \u201922)","author":"Zhang Z.","year":"2023","unstructured":"Z. Zhang, Y. Lei, M. Yan, Y. Yu, J. Chen, S. Wang, and X. Mao. 2023. Reentrancy vulnerability detection and localization: A deep learning based two-phase approach. In Proceedings of the 37th IEEE\/ACM International Conference on Automated Software Engineering (ASE \u201922). Article 83. DOI:10.1145\/3551349.3560428"},{"key":"e_1_3_3_106_2","doi-asserted-by":"publisher","unstructured":"X. Cheng H. Wang J. Hua G. Xu and Y. Sui. 2021. DeepWukong: Statically detecting software vulnerabilities using deep graph neural network. ACM Transactions on Software Engineering and Methodology 30 3 (2021) Article 38 33 pages. DOI:10.1145\/3436877","DOI":"10.1145\/3436877"},{"key":"e_1_3_3_107_2","volume-title":"Proceedings of the 2022 IEEE International Conference on Trust, Security, and Privacy in Computing and Communications (TrustCom \u201922)","author":"Gear J.","year":"2022","unstructured":"J. Gear, Y. Xu, E. Foo, P. Gauravaram, Z. Jadidi, and L. Simpson. 2022. SCEVD: Semantic-enhanced code embedding for vulnerability discovery. In Proceedings of the 2022 IEEE International Conference on Trust, Security, and Privacy in Computing and Communications (TrustCom \u201922). DOI:10.1109\/TrustCom56396.2022.00217"},{"key":"e_1_3_3_108_2","volume-title":"Proceedings of the 2021 IEEE 11th Annual Computing and Communication Workshop and Conference (CCWC \u201921)","author":"Wu Y.","year":"2021","unstructured":"Y. Wu, J. Lu, Y. Zhang, and S. Jin. 2021. Vulnerability detection in C\/C++ source code with graph representation learning. In Proceedings of the 2021 IEEE 11th Annual Computing and Communication Workshop and Conference (CCWC \u201921). DOI:10.1109\/CCWC51732.2021.9376145"},{"key":"e_1_3_3_109_2","doi-asserted-by":"crossref","unstructured":"Z. Liu P. Qian X. Wang L. Zhu Q. He and S. Ji. 2021. Smart contract vulnerability detection: From pure neural network to interpretable graph feature and expert pattern fusion. arxiv:cs.LG\/2106.09282.","DOI":"10.24963\/ijcai.2021\/379"},{"key":"e_1_3_3_110_2","doi-asserted-by":"publisher","DOI":"10.1109\/TDSC.2014.2373377"},{"key":"e_1_3_3_111_2","doi-asserted-by":"publisher","DOI":"10.1109\/TDSC.2019.2942930"},{"key":"e_1_3_3_112_2","volume-title":"Proceedings of the 2021 IEEE 32nd International Symposium on Software Reliability Engineering (ISSRE \u201921)","author":"Zheng W.","year":"2021","unstructured":"W. Zheng, Y. Jiang, and X. Su. 2021. Vu1SPG: Vulnerability detection based on slice property graph representation learning. In Proceedings of the 2021 IEEE 32nd International Symposium on Software Reliability Engineering (ISSRE \u201921). DOI:10.1109\/ISSRE52982.2021.00054"},{"key":"e_1_3_3_113_2","volume-title":"Proceedings of the 2022 International Conference on Computer Network, Electronic, and Automation (ICCNEA \u201922)","author":"Xue Y.","year":"2022","unstructured":"Y. Xue, J. Guo, L. Zhang, and H. Song. 2022. Message passing graph neural networks for software security vulnerability detection. In Proceedings of the 2022 International Conference on Computer Network, Electronic, and Automation (ICCNEA \u201922). DOI:10.1109\/ICCNEA57056.2022.00041"},{"key":"e_1_3_3_114_2","volume-title":"Proceedings of the 2023 8th International Conference on Data Science in Cyberspace (DSC \u201923)","author":"Sarbakysh N.","year":"2023","unstructured":"N. Sarbakysh and Z. Wang. 2023. A1BERT: A language-agnostic graph neural network model for vulnerability detection. In Proceedings of the 2023 8th International Conference on Data Science in Cyberspace (DSC \u201923). DOI:10.1109\/DSC59305.2023.00038"},{"key":"e_1_3_3_115_2","doi-asserted-by":"publisher","DOI":"10.1109\/ACCESS.2022.3216395"},{"key":"e_1_3_3_116_2","doi-asserted-by":"publisher","DOI":"10.1109\/TSE.2022.3147265"},{"key":"e_1_3_3_117_2","doi-asserted-by":"publisher","DOI":"10.1109\/TSE.2019.2949275"},{"key":"e_1_3_3_118_2","volume-title":"Quality of Information and Communications Technology","author":"Bagheri A.","year":"2021","unstructured":"A. Bagheri and P. Heged\u0171s. 2021. A comparison of different source code representation methods for vulnerability prediction in Python. In Quality of Information and Communications Technology. Communications in Computer and Information Science, Vol. 1439. Springer, 267\u2013281."},{"key":"e_1_3_3_119_2","volume-title":"Proceedings of the 19th International Conference on Mining Software Repositories (MSR \u201922)","author":"Hin D.","year":"2022","unstructured":"D. Hin, A. Kan, H. Chen, and M. A. Babar. 2022. LineVD: Statement-level vulnerability detection using graph neural networks. In Proceedings of the 19th International Conference on Mining Software Repositories (MSR \u201922). DOI:10.1145\/3524842.3527949"},{"key":"e_1_3_3_120_2","volume-title":"Proceedings of the 2022 IEEE\/ACM 19th International Conference on Mining Software Repositories (MSR \u201922)","author":"Fu M.","year":"2022","unstructured":"M. Fu and C. Tantithamthavorn. 2022. LineVul: A transformer-based line-level vulnerability prediction. In Proceedings of the 2022 IEEE\/ACM 19th International Conference on Mining Software Repositories (MSR \u201922). DOI:10.1145\/3524842.3528452"},{"key":"e_1_3_3_121_2","volume-title":"Proceedings of the 2021 International Conference on Code Quality (ICCQ \u201921)","author":"Mosolyg\u00f3 B.","year":"2021","unstructured":"B. Mosolyg\u00f3, N. V\u00e1ndor, G. Antal, P. Heged\u0171s, and R. Ferenc. 2021. Towards a prototype based explainable JavaScript vulnerability prediction model. In Proceedings of the 2021 International Conference on Code Quality (ICCQ \u201921). DOI:10.1109\/ICCQ51190.2021.9392984"},{"key":"e_1_3_3_122_2","volume-title":"Proceedings of the 2021 IEEE\/ACM 29th International Conference on Program Comprehension (ICPC \u201921)","author":"Mazuera-Rozo A.","year":"2021","unstructured":"A. Mazuera-Rozo, A. Mojica-Hanke, M. Linares-V\u00e1squez, and G. Bavota. 2021. Shallow or deep? An empirical study on detecting vulnerabilities using deep learning. In Proceedings of the 2021 IEEE\/ACM 29th International Conference on Program Comprehension (ICPC \u201921). DOI:10.1109\/ICPC52881.2021.00034"},{"key":"e_1_3_3_123_2","volume-title":"Proceedings of the 2022 International Joint Conference on Neural Networks (IJCNN \u201922)","author":"Hanif H.","year":"2022","unstructured":"H. Hanif and S. Maffeis. 2022. VulBERTa: Simplified source code pre-training for vulnerability detection. In Proceedings of the 2022 International Joint Conference on Neural Networks (IJCNN \u201922). DOI:10.1109\/IJCNN55064.2022.9892280"},{"key":"e_1_3_3_124_2","doi-asserted-by":"publisher","DOI":"10.1109\/TSE.2018.2881961"},{"key":"e_1_3_3_125_2","volume-title":"Proceedings of the 36th IEEE\/ACM International Conference on Automated Software Engineering (ASE \u201921)","author":"Le T. H. M.","year":"2022","unstructured":"T. H. M. Le, D. Hin, R. Croft, and M. A. Babar. 2022. DeepCVA: Automated commit-level vulnerability assessment with deep multi-task learning. In Proceedings of the 36th IEEE\/ACM International Conference on Automated Software Engineering (ASE \u201921). DOI:10.1109\/ASE51524.2021.9678622"},{"key":"e_1_3_3_126_2","volume-title":"Proceedings of the 2019 IEEE\/ACM 16th International Conference on Mining Software Repositories (MSR \u201919)","author":"Le T. H. M.","year":"2019","unstructured":"T. H. M. Le, B. Sabir, and M. A. Babar. 2019. Automated software vulnerability assessment with concept drift. In Proceedings of the 2019 IEEE\/ACM 16th International Conference on Mining Software Repositories (MSR \u201919). DOI:10.1109\/MSR.2019.00063"},{"key":"e_1_3_3_127_2","doi-asserted-by":"publisher","DOI":"10.3390\/app10051692"},{"key":"e_1_3_3_128_2","volume-title":"Proceedings of the 2019 International Joint Conference on Neural Networks (IJCNN \u201919)","author":"Nguyen V.","year":"2019","unstructured":"V. Nguyen, T. Le, T. Le, K. Nguyen, O. DeVel, P. Montague, L. Qu, and D. Phung. 2019. Deep domain adaptation for vulnerable code function identification. In Proceedings of the 2019 International Joint Conference on Neural Networks (IJCNN \u201919). DOI:10.1109\/IJCNN.2019.8851923"},{"key":"e_1_3_3_129_2","doi-asserted-by":"crossref","unstructured":"M.-J. Choi S. Jeong H. Oh and J. Choo. 2017. End-to-end prediction of buffer overruns from raw source code via neural memory networks. arxiv:cs.SE\/1703.02458.","DOI":"10.24963\/ijcai.2017\/214"},{"key":"e_1_3_3_130_2","volume-title":"Proceedings of the 2021 36th IEEE\/ACM International Conference on Automated Software Engineering (ASE \u201921)","author":"Zhou J.","year":"2021","unstructured":"J. Zhou, M. Pacheco, Z. Wan, X. Xia, D. Lo, Y. Wang, and A. E. Hassan. 2021. Finding a needle in a haystack: Automated mining of silent vulnerability fixes. In Proceedings of the 2021 36th IEEE\/ACM International Conference on Automated Software Engineering (ASE \u201921). DOI:10.1109\/ASE51524.2021.9678720"},{"key":"e_1_3_3_131_2","volume-title":"Proceedings of the 2022 IEEE International Conference on Software Analysis, Evolution, and Reengineering (SANER \u201922)","author":"Nguyen-Truong G.","year":"2022","unstructured":"G. Nguyen-Truong, H. J. Kang, D. Lo, A. Sharma, A. E. Santosa, A. Sharma, and M. Y. Ang. 2022. HERMES: Using commit-issue linking to detect vulnerability-fixing commits. In Proceedings of the 2022 IEEE International Conference on Software Analysis, Evolution, and Reengineering (SANER \u201922). DOI:10.1109\/SANER53432.2022.00018"},{"key":"e_1_3_3_132_2","doi-asserted-by":"publisher","DOI":"10.1145\/3468854"},{"key":"e_1_3_3_133_2","volume-title":"Modelling, Analysis, and Simulation of Computer and Telecommunication Systems","author":"Filus K.","year":"2021","unstructured":"K. Filus, M. Siavvas, J. Doma\u0144ska, and E. Gelenbe. 2021. The random neural network as a bonding model for software vulnerability prediction. In Modelling, Analysis, and Simulation of Computer and Telecommunication Systems. Lecture Notes in Computer Science, Vol. 12527. Springer, 102\u2013116."},{"key":"e_1_3_3_134_2","volume-title":"Proceedings of the 22nd ACM SIGSAC Conference on Computer and Communications Security (CCS \u201915)","author":"Perl H.","year":"2015","unstructured":"H. Perl, S. Dechand, M. Smith, D. Arp, F. Yamaguchi, K. Rieck, S. Fahl, and Y. Acar. 2015. VCCFinder: Finding potential vulnerabilities in open-source projects to assist code audits. In Proceedings of the 22nd ACM SIGSAC Conference on Computer and Communications Security (CCS \u201915). DOI:10.1145\/2810103.2813604"},{"key":"e_1_3_3_135_2","volume-title":"Proceedings of the 2018 5th International Conference on Systems and Informatics (ICSAI \u201918)","author":"Xu A.","year":"2018","unstructured":"A. Xu, T. Dai, H. Chen, Z. Ming, and W. Li. 2018. Vulnerability detection for source code using contextual LSTM. In Proceedings of the 2018 5th International Conference on Systems and Informatics (ICSAI \u201918). DOI:10.1109\/ICSAI.2018.8599360"},{"key":"e_1_3_3_136_2","volume-title":"Proceedings of the IEEE Conference on Computer Communications Workshops (INFOCOM WKSHPS \u201921)","author":"Ziems N.","year":"2021","unstructured":"N. Ziems and S. Wu. 2021. Security vulnerability detection using deep learning natural language processing. In Proceedings of the IEEE Conference on Computer Communications Workshops (INFOCOM WKSHPS \u201921). DOI:10.1109\/INFOCOMWKSHPS51825.2021.9484500"},{"key":"e_1_3_3_137_2","volume-title":"Proceedings of the 2020 IEEE 19th International Conference on Trust, Security, and Privacy in Computing and Communications (TrustCom \u201920)","author":"Cao D.","year":"2020","unstructured":"D. Cao, J. Huang, X. Zhang, and X. Liu. 2020. FTCLNet: Convolutional LSTM with Fourier transform for vulnerability detection. In Proceedings of the 2020 IEEE 19th International Conference on Trust, Security, and Privacy in Computing and Communications (TrustCom \u201920). DOI:10.1109\/TrustCom50675.2020.00078"},{"key":"e_1_3_3_138_2","volume-title":"Proceedings of the 2021 IEEE Military Communications Conference (MILCOM \u201921)","author":"Wang X.","year":"2021","unstructured":"X. Wang, S. Wang, P. Feng, K. Sun, S. Jajodia, S. Benchaaboun, and F. Geck. 2021. PatchRNN: A deep learning-based system for security patch identification. In Proceedings of the 2021 IEEE Military Communications Conference (MILCOM \u201921). DOI:10.1109\/MILCOM52596.2021.9652940"},{"key":"e_1_3_3_139_2","volume-title":"Proceedings of the 2022 IEEE 22nd International Conference on Software Quality, Reliability, and Security (QRS \u201922)","author":"Mamede C.","year":"2022","unstructured":"C. Mamede, E. Pinconschi, R. Abreu, and J. Campos. 2022. Exploring transformers for multi-label classification of Java vulnerabilities. In Proceedings of the 2022 IEEE 22nd International Conference on Software Quality, Reliability, and Security (QRS \u201922). DOI:10.1109\/QRS57517.2022.00015"},{"key":"e_1_3_3_140_2","volume-title":"Proceedings of the 2022 International Conference on Data Science and Intelligent Computing (ICDSIC \u201922)","author":"Abdulhamza F. R.","year":"2022","unstructured":"F. R. Abdulhamza and R. J. S. Al-Janabi. 2022. SQL injection detection using 2D-convolutional neural networks (2D-CNN). In Proceedings of the 2022 International Conference on Data Science and Intelligent Computing (ICDSIC \u201922). DOI:10.1109\/ICDSIC56987.2022.10075777"},{"key":"e_1_3_3_141_2","volume-title":"Proceedings of the 2018 International Joint Conference on Neural Networks (IJCNN \u201918)","author":"Ndichu S.","year":"2018","unstructured":"S. Ndichu, S. Ozawa, T. Misu, and K. Okada. 2018. A machine learning approach to malicious JavaScript detection using fixed length vector representation. In Proceedings of the 2018 International Joint Conference on Neural Networks (IJCNN \u201918). DOI:10.1109\/IJCNN.2018.8489414"},{"key":"e_1_3_3_142_2","volume-title":"Proceedings of the 2019 14th Asia Joint Conference on Information Security (AsiaJCIS \u201919)","author":"Mimura M.","year":"2019","unstructured":"M. Mimura and Y. Suga. 2019. Filtering malicious JavaScript code with Doc2Vec on an imbalanced dataset. In Proceedings of the 2019 14th Asia Joint Conference on Information Security (AsiaJCIS \u201919). DOI:10.1109\/AsiaJCIS.2019.000-9"},{"key":"e_1_3_3_143_2","volume-title":"Proceedings of the 2023 IEEE International Conference on Software Analysis, Evolution, and Reengineering (SANER \u201923)","author":"Zhou X.","year":"2023","unstructured":"X. Zhou, Y. Chen, H. Guo, X. Chen, and Y. Huang. 2023. Security code recommendations for smart contract. In Proceedings of the 2023 IEEE International Conference on Software Analysis, Evolution, and Reengineering (SANER \u201923). DOI:10.1109\/SANER56733.2023.00027"},{"key":"e_1_3_3_144_2","volume-title":"Proceedings of the 2023 8th International Conference on Data Science in Cyberspace (DSC \u201923)","author":"Liu Z.","year":"2023","unstructured":"Z. Liu, Q. Liao, W. Gu, and C. Gao. 2023. Software vulnerability detection with GPT and in-context learning. In Proceedings of the 2023 8th International Conference on Data Science in Cyberspace (DSC \u201923). DOI:10.1109\/DSC59305.2023.00041"},{"key":"e_1_3_3_145_2","doi-asserted-by":"publisher","DOI":"10.1186\/s13638-023-02242-7"},{"key":"e_1_3_3_146_2","unstructured":"Zeping Yu Wenxin Zheng Jiaqi Wang Qiyi Tang Sen Nie and Shi Wu. 2020. CodeCMR: Cross-modal retrieval for function-level binary source code matching. In Proceedings of the 34th Conference on Neural Information Processing Systems (NeurIPS \u201920). https:\/\/proceedings.neurips.cc\/paper_files\/paper\/2020\/file\/285f89b802bcb2651801455c86d78f2a-Paper.pdf"},{"key":"e_1_3_3_147_2","volume-title":"Proceedings of the 2019 IEEE\/ACM 7th International Workshop on Realizing Artificial Intelligence Synergies in Software Engineering (RAISE \u201919)","author":"Ferenc R.","year":"2019","unstructured":"R. Ferenc, P. Heged\u0171s, P. Gyimesi, G. Antal, D. B\u00e1n, and T. Gyim\u00f3thy. 2019. Challenging machine learning algorithms in predicting vulnerable JavaScript functions. In Proceedings of the 2019 IEEE\/ACM 7th International Workshop on Realizing Artificial Intelligence Synergies in Software Engineering (RAISE \u201919). DOI:10.1109\/RAISE.2019.00010"},{"key":"e_1_3_3_148_2","unstructured":"A. D. Sawadogo T. F. Bissyand\u00e9 N. Moha K. Allix J. Klein L. Li and Y. L. Traon. 2020. Learning to catch security patches. arxiv:cs.SE\/2001.09148."},{"key":"e_1_3_3_149_2","doi-asserted-by":"publisher","DOI":"10.1016\/j.sysarc.2010.06.003"},{"key":"e_1_3_3_150_2","volume-title":"Proceedings of the 2017 IEEE Global Communications Conference (GLOBECOM \u201917)","author":"Yang L.","year":"2017","unstructured":"L. Yang, X. Li, and Y. Yu. 2017. VulDigger: A just-in-time and cost-aware tool for digging vulnerability-contributing changes. In Proceedings of the 2017 IEEE Global Communications Conference (GLOBECOM \u201917). DOI:10.1109\/GLOCOM.2017.8254428"},{"key":"e_1_3_3_151_2","volume-title":"Proceedings of the 15th Asian Internet Engineering Conference (AINTEC \u201919)","author":"Kumar L.","year":"2019","unstructured":"L. Kumar, C. Hota, A. Mahindru, and L. B. M. Neti. 2019. Android malware prediction using extreme learning machine with different kernel functions. In Proceedings of the 15th Asian Internet Engineering Conference (AINTEC \u201919). DOI:10.1145\/3340422.3343639"},{"key":"e_1_3_3_152_2","volume-title":"Proceedings of the 2021 International Conference on Computer Network, Electronic, and Automation (ICCNEA \u201921)","author":"Wang Z.","year":"2021","unstructured":"Z. Wang, J. Guo, and H. Li. 2021. Vulnerability feature extraction model for source code based on deep learning. In Proceedings of the 2021 International Conference on Computer Network, Electronic, and Automation (ICCNEA \u201921). DOI:10.1109\/ICCNEA53019.2021.00016"},{"key":"e_1_3_3_153_2","doi-asserted-by":"publisher","DOI":"10.1109\/ACCESS.2020.2988557"},{"key":"e_1_3_3_154_2","volume-title":"Proceedings of the 2021 Swedish Workshop on Data Science (SweDS \u201921)","author":"Ganesh S.","year":"2021","unstructured":"S. Ganesh, T. Ohlsson, and F. Palma. 2021. Predicting security vulnerabilities using source code metrics. In Proceedings of the 2021 Swedish Workshop on Data Science (SweDS \u201921). DOI:10.1109\/SweDS53855.2021.9638301"},{"key":"e_1_3_3_155_2","volume-title":"Proceedings of the 2019 IEEE International Conference on Computational Science and Engineering (CSE \u201919) and the IEEE International Conference on Embedded and Ubiquitous Computing (EUC \u201919)","author":"Chong T.-Y.","year":"2019","unstructured":"T.-Y. Chong, V. Anu, and K. Z. Sultana. 2019. Using software metrics for predicting vulnerable code-components: A study on Java and Python open source projects. In Proceedings of the 2019 IEEE International Conference on Computational Science and Engineering (CSE \u201919) and the IEEE International Conference on Embedded and Ubiquitous Computing (EUC \u201919). DOI:10.1109\/CSE\/EUC.2019.00028"},{"key":"e_1_3_3_156_2","doi-asserted-by":"publisher","DOI":"10.1109\/ACCESS.2020.3041181"},{"key":"e_1_3_3_157_2","volume-title":"Proceedings of the 2019 International Conference on Electrical and Computing Technologies and Applications (ICECTA \u201919)","author":"Hasan M.","year":"2019","unstructured":"M. Hasan, Z. Balbahaith, and M. Tarique. 2019. Detection of SQL injection attacks: A machine learning approach. In Proceedings of the 2019 International Conference on Electrical and Computing Technologies and Applications (ICECTA \u201919). DOI:10.1109\/ICECTA48151.2019.8959617"},{"key":"e_1_3_3_158_2","doi-asserted-by":"publisher","DOI":"10.1109\/ACCESS.2022.3232505"},{"key":"e_1_3_3_159_2","doi-asserted-by":"publisher","DOI":"10.1109\/TDSC.2021.3051525"},{"key":"e_1_3_3_160_2","volume-title":"Proceedings of the 2022 IEEE 22nd International Conference on Software Quality, Reliability, and Security Companion (QRS-C \u201922)","author":"Mahyari A.","year":"2022","unstructured":"A. Mahyari. 2022. A hierarchical deep neural network for detecting lines of codes with vulnerabilities. In Proceedings of the 2022 IEEE 22nd International Conference on Software Quality, Reliability, and Security Companion (QRS-C \u201922). DOI:10.1109\/QRS-C57518.2022.00011"},{"key":"e_1_3_3_161_2","volume-title":"Proceedings of the 38th Annual Computer Security Applications Conference (ACSAC \u201922)","author":"Thapa C.","year":"2022","unstructured":"C. Thapa, S. I. Jang, M. E. Ahmed, S. Camtepe, J. Pieprzyk, and S. Nepal. 2022. Transformer-based language models for software vulnerability detection. In Proceedings of the 38th Annual Computer Security Applications Conference (ACSAC \u201922). DOI:10.1145\/3564625.3567985"},{"key":"e_1_3_3_162_2","volume-title":"Proceedings of the 2022 52nd Annual IEEE\/IFIP International Conference on Dependable Systems and Networks (DSN \u201922)","author":"Tang Z.","year":"2022","unstructured":"Z. Tang, Q. Hu, Y. Hu, W. Kuang, and J. Chen. 2022. SEVulDet: A semantics-enhanced learnable vulnerability detector. In Proceedings of the 2022 52nd Annual IEEE\/IFIP International Conference on Dependable Systems and Networks (DSN \u201922). DOI:10.1109\/DSN53405.2022.00026"},{"key":"e_1_3_3_163_2","volume-title":"Proceedings of the 2022 IEEE International Symposium on Software Reliability Engineering Workshops (ISSREW \u201922)","author":"Kim S.","year":"2022","unstructured":"S. Kim, J. Choi, M. E. Ahmed, S. Nepal, and H. Kim. 2022. VulDeBERT: A vulnerability detection system using BERT. In Proceedings of the 2022 IEEE International Symposium on Software Reliability Engineering Workshops (ISSREW \u201922). DOI:10.1109\/ISSREW55968.2022.00042"},{"key":"e_1_3_3_164_2","doi-asserted-by":"publisher","DOI":"10.1109\/TDSC.2020.2984505"},{"key":"e_1_3_3_165_2","volume-title":"Proceedings of the 2019 6th International Conference on Internet of Things: Systems, Management, and Security (IOTSMS \u201919)","author":"Liao J.-W.","year":"2019","unstructured":"J.-W. Liao, T.-T. Tsai, C.-K. He, and C.-W. Tien. 2019. SoliAudit: Smart contract vulnerability assessment based on machine learning and fuzz testing. In Proceedings of the 2019 6th International Conference on Internet of Things: Systems, Management, and Security (IOTSMS \u201919). DOI:10.1109\/IOTSMS48152.2019.8939256"},{"key":"e_1_3_3_166_2","doi-asserted-by":"publisher","DOI":"10.1109\/TFUZZ.2019.2958558"},{"key":"e_1_3_3_167_2","volume-title":"Proceedings of the 3rd ACM International Symposium on Blockchain and Secure Critical Infrastructure (BSCI \u201921)","author":"Ashizawa N.","year":"2021","unstructured":"N. Ashizawa, N. Yanai, J. P. Cruz, and S. Okamura. 2021. Eth2Vec: Learning contract-wide code representations for vulnerability detection on Ethereum smart contracts. In Proceedings of the 3rd ACM International Symposium on Blockchain and Secure Critical Infrastructure (BSCI \u201921). DOI:10.1145\/3457337.3457841"},{"key":"e_1_3_3_168_2","doi-asserted-by":"publisher","DOI":"10.1016\/j.jss.2017.11.001"},{"key":"e_1_3_3_169_2","unstructured":"D. Coimbra S. Reis R. Abreu C. P\u0103s\u0103reanu and H. Erdogmus. 2021. On using distributed representations of source code for the detection of C security vulnerabilities. arxiv:cs.CR\/2106.01367."},{"key":"e_1_3_3_170_2","doi-asserted-by":"publisher","DOI":"10.1109\/TDSC.2019.2954088"},{"key":"e_1_3_3_171_2","doi-asserted-by":"publisher","DOI":"10.1109\/ACCESS.2020.3016774"},{"key":"e_1_3_3_172_2","volume-title":"Proceedings of the IEEE Conference on Computer Communications Workshops (INFOCOM WKSHPS \u201920)","author":"Feng H.","year":"2020","unstructured":"H. Feng, X. Fu, H. Sun, H. Wang, and Y. Zhang. 2020. Efficient vulnerability detection based on abstract syntax tree and deep learning. In Proceedings of the IEEE Conference on Computer Communications Workshops (INFOCOM WKSHPS \u201920). DOI:10.1109\/INFOCOMWKSHPS50562.2020.9163061"},{"key":"e_1_3_3_173_2","volume-title":"Proceedings of the IEEE Conference on Computer Communications Workshops (INFOCOM WKSHPS \u201922)","author":"Gu M.","year":"2022","unstructured":"M. Gu, H. Feng, H. Sun, P. Liu, Q. Yue, J. Hu, C. Cao, and Y. Zhang. 2022. Hierarchical attention network for interpretable and fine-grained vulnerability detection. In Proceedings of the IEEE Conference on Computer Communications Workshops (INFOCOM WKSHPS \u201922). DOI:10.1109\/INFOCOMWKSHPS54753.2022.9798297"},{"key":"e_1_3_3_174_2","volume-title":"Proceedings of the 2020 IEEE International Conference on Big Data (Big Data \u201920)","author":"Mao Y.","year":"2020","unstructured":"Y. Mao, Y. Li, J. Sun, and Y. Chen. 2020. Explainable software vulnerability detection based on attention-based bidirectional recurrent neural networks. In Proceedings of the 2020 IEEE International Conference on Big Data (Big Data \u201920). DOI:10.1109\/BigData50022.2020.9377803"},{"key":"e_1_3_3_175_2","volume-title":"Proceedings of the 2020 12th International Conference on Advanced Computational Intelligence (ICACI \u201920)","author":"He Y.","year":"2020","unstructured":"Y. He, H. Sun, and H. Feng. 2020. UA-Miner: Deep learning systems for expose unprotected API vulnerability in source code. In Proceedings of the 2020 12th International Conference on Advanced Computational Intelligence (ICACI \u201920). DOI:10.1109\/ICACI49185.2020.9177528"},{"key":"e_1_3_3_176_2","volume-title":"Proceedings of the 2019 17th International Conference on Privacy, Security, and Trust (PST \u201919)","author":"Momeni P.","year":"2019","unstructured":"P. Momeni, Y. Wang, and R. Samavi. 2019. Machine learning model for smart contracts security analysis. In Proceedings of the 2019 17th International Conference on Privacy, Security, and Trust (PST \u201919). DOI:10.1109\/PST47121.2019.8949045"},{"key":"e_1_3_3_177_2","volume-title":"Proceedings of the 2022 IEEE 8th International Conference on Big Data Security on Cloud (BigDataSecurity \u201922), the IEEE International Conference on High Performance and Smart Computing (HPSC \u201922), and the IEEE International Conference on Intelligent Data and Security (IDS \u201922)","author":"Yan X.","year":"2022","unstructured":"X. Yan, S. Wang, and K. Gai. 2022. A semantic analysis-based method for smart contract vulnerability. In Proceedings of the 2022 IEEE 8th International Conference on Big Data Security on Cloud (BigDataSecurity \u201922), the IEEE International Conference on High Performance and Smart Computing (HPSC \u201922), and the IEEE International Conference on Intelligent Data and Security (IDS \u201922). DOI:10.1109\/BigDataSecurityHPSCIDS54978.2022.00015"},{"key":"e_1_3_3_178_2","doi-asserted-by":"publisher","DOI":"10.1109\/TII.2019.2929739"},{"key":"e_1_3_3_179_2","volume-title":"Proceedings of the 2021 IEEE International Conference on Software Analysis, Evolution, and Reengineering (SANER \u201921)","author":"Zheng W.","year":"2021","unstructured":"W. Zheng, A. O. Abdallah Semasaba, X. Wu, S. A. Agyemang, T. Liu, and Y. Ge. 2021. Representation vs. model: What matters most for source code vulnerability detection. In Proceedings of the 2021 IEEE International Conference on Software Analysis, Evolution, and Reengineering (SANER \u201921). DOI:10.1109\/SANER50967.2021.00082"},{"key":"e_1_3_3_180_2","volume-title":"Proceedings of the 31st IEEE\/ACM International Conference on Automated Software Engineering (ASE \u201916)","author":"Ceccato M.","year":"2016","unstructured":"M. Ceccato, C. D. Nguyen, D. Appelt, and L. C. Briand. 2016. SOFIA: An automated security oracle for black-box testing of SQL-injection vulnerabilities. In Proceedings of the 31st IEEE\/ACM International Conference on Automated Software Engineering (ASE \u201916). DOI:10.1145\/2970276.2970343"},{"key":"e_1_3_3_181_2","doi-asserted-by":"publisher","DOI":"10.1109\/ACCESS.2020.3019282"},{"key":"e_1_3_3_182_2","volume-title":"Proceedings of the 2021 IEEE\/ACM 18th International Conference on Mining Software Repositories (MSR \u201921)","author":"Spirin E.","year":"2021","unstructured":"E. Spirin, E. Bogomolov, V. Kovalenko, and T. Bryksin. 2021. PSIMiner: A tool for mining rich abstract syntax trees from code. In Proceedings of the 2021 IEEE\/ACM 18th International Conference on Mining Software Repositories (MSR \u201921). DOI:10.1109\/MSR52588.2021.00014"},{"key":"e_1_3_3_183_2","doi-asserted-by":"crossref","unstructured":"U. Alon M. Zilberstein O. Levy and E. Yahav. 2018. code2vec: Learning distributed representations of code. arxiv:cs.LG\/1803.09473.","DOI":"10.1145\/3290353"},{"key":"e_1_3_3_184_2","volume-title":"Proceedings of the 5th International Workshop on Software Engineering and Middleware (SEM \u201905)","author":"Buehrer G.","year":"2005","unstructured":"G. Buehrer, B. W. Weide, and P. A. G. Sivilotti. 2005. Using parse tree validation to prevent SQL injection attacks. In Proceedings of the 5th International Workshop on Software Engineering and Middleware (SEM \u201905). DOI:10.1145\/1108473.1108496"},{"key":"e_1_3_3_185_2","volume-title":"Proceedings of the 2017 ACM SIGSAC Conference on Computer and Communications Security (CCS \u201917)","author":"Lin G.","year":"2017","unstructured":"G. Lin, J. Zhang, W. Luo, L. Pan, and Y. Xiang. 2017. POSTER: Vulnerability discovery with function representation learning from unlabeled projects. In Proceedings of the 2017 ACM SIGSAC Conference on Computer and Communications Security (CCS \u201917). DOI:10.1145\/3133956.3138840"},{"key":"e_1_3_3_186_2","volume-title":"Proceedings of the 27th Conference on Winter Simulation (WSC \u201995)","author":"Fritz D. G.","year":"1995","unstructured":"D. G. Fritz and R. G. Sargent. 1995. An overview of hierarchical control flow graph models. In Proceedings of the 27th Conference on Winter Simulation (WSC \u201995). DOI:10.1145\/224401.224819"},{"key":"e_1_3_3_187_2","volume-title":"Static and Dynamic Analysis of Programs That Contain Arbitrary Interprocedural Control Flow","author":"Sinha S.","year":"2002","unstructured":"S. Sinha. 2002. Static and Dynamic Analysis of Programs That Contain Arbitrary Interprocedural Control Flow. Ph.D. Dissertation. Georgia Institute of Technology. http:\/\/proxy.library.nd.edu\/login?url=https:\/\/www.proquest.com\/dissertations-theses\/static-dynamic-analysis-progams-that-contain\/docview\/305602235\/se-2"},{"key":"e_1_3_3_188_2","doi-asserted-by":"publisher","DOI":"10.1145\/24039.24041"},{"key":"e_1_3_3_189_2","doi-asserted-by":"publisher","DOI":"10.1145\/506315.506316"},{"issue":"4","key":"e_1_3_3_190_2","doi-asserted-by":"crossref","DOI":"10.1109\/TSE.1984.5010248","article-title":"Program slicing","author":"Weiser M.","year":"1984","unstructured":"M. Weiser. 1984. Program slicing. IEEE Transactions on Software Engineering4 (1984), 352\u2013357.","journal-title":"IEEE Transactions on Software Engineering"},{"key":"e_1_3_3_191_2","doi-asserted-by":"publisher","DOI":"10.1145\/3428301"},{"key":"e_1_3_3_192_2","doi-asserted-by":"crossref","unstructured":"B. Steffen J. Knoop and O. R\u00fcthing. 1990. The value flow graph: A program representation for optimal program transformations. In ESOP \u201990. Lecture Notes in Computer Science Vol. 432. Springer 389\u2013405. https:\/\/link.springer.com\/content\/pdf\/10.1007\/3-540-52592-0_76.pdf","DOI":"10.1007\/3-540-52592-0_76"},{"key":"e_1_3_3_193_2","doi-asserted-by":"publisher","DOI":"10.1145\/2660267.2660359"},{"key":"e_1_3_3_194_2","doi-asserted-by":"crossref","unstructured":"Y. Zhang X. Yu Z. Cui S. Wu Z. Wen and L. Wang. 2020. Every document owns its structure: Inductive text classification via graph neural networks. arxiv:cs.CL\/2004.13826.","DOI":"10.18653\/v1\/2020.acl-main.31"},{"key":"e_1_3_3_195_2","volume-title":"Proceedings of the 2022 IEEE 8th International Conference on Computer and Communications (ICCC \u201922)","author":"Xu T.","year":"2022","unstructured":"T. Xu and P. Zhou. 2022. Feature extraction for payload classification: A byte pair encoding algorithm. In Proceedings of the 2022 IEEE 8th International Conference on Computer and Communications (ICCC \u201922). DOI:10.1109\/ICCC56324.2022.10065977"},{"key":"e_1_3_3_196_2","doi-asserted-by":"crossref","unstructured":"T. Kudo and J. Richardson. 2018. SentencePiece: A simple and language independent subword tokenizer and detokenizer for neural text processing. arxiv:cs.CL\/1808.06226.https:\/\/arxiv.org\/abs\/1808.06226","DOI":"10.18653\/v1\/D18-2012"},{"key":"e_1_3_3_197_2","doi-asserted-by":"crossref","unstructured":"X. Song A. Salcianu Y. Song D. Dopson and D. Zhou. 2021. Fast WordPiece tokenization. arxiv:cs.CL\/2012.15524.https:\/\/arxiv.org\/abs\/2012.15524","DOI":"10.18653\/v1\/2021.emnlp-main.160"},{"key":"e_1_3_3_198_2","unstructured":"Q. V. Le and T. Mikolov. 2014. Distributed representations of sentences and documents. arxiv:cs.CL\/1405.4053."},{"key":"e_1_3_3_199_2","volume-title":"Proceedings of the 2017 IEEE International Conference on Cybernetics and Computational Intelligence (CyberneticsCom \u201917)","year":"2017","unstructured":"Meiliana, S. Karim, H. L. H. S. Warnars, F. L. Gaol, E. Abdurachman, and B. Soewito. 2017. Software metrics for fault prediction using machine learning approaches: A literature review with PROMISE repository dataset. In Proceedings of the 2017 IEEE International Conference on Cybernetics and Computational Intelligence (CyberneticsCom \u201917). DOI:10.1109\/CYBERNETICSCOM.2017.8311708"},{"key":"e_1_3_3_200_2","doi-asserted-by":"publisher","DOI":"10.1016\/j.ins.2011.08.020"},{"key":"e_1_3_3_201_2","unstructured":"B. Min H. Ross E. Sulem A. P. B. Veyseh T. H. Nguyen O. Sainz E. Agirre I. Heinz and D. Roth. 2021. Recent advances in natural language processing via large pre-trained language models: A survey. arxiv:cs.CL\/2111.01243.https:\/\/arxiv.org\/abs\/2111.01243"},{"key":"e_1_3_3_202_2","volume-title":"The Rational Unified Process: An Introduction","author":"Kruchten P.","year":"2009","unstructured":"P. Kruchten. 2009. The Rational Unified Process: An Introduction. Addison-Wesley."},{"key":"e_1_3_3_203_2","unstructured":"Y. Gui Y. Wan H. Zhang H. Huang Y. Sui G. Xu Z. Shao and H. Jin. 2022. Cross-language binary-source code matching with intermediate representations. arxiv:cs.SE\/2201.07420.https:\/\/arxiv.org\/abs\/2201.07420"},{"key":"e_1_3_3_204_2","doi-asserted-by":"publisher","DOI":"10.1109\/tse.2022.3147265"},{"key":"e_1_3_3_205_2","doi-asserted-by":"crossref","unstructured":"Y. Chen Z. Ding L. Alowain X. Chen and D. Wagner. 2023. DiverseVul: A new vulnerable source code dataset for deep learning based vulnerability detection. arxiv:cs.CR\/2304.00409.","DOI":"10.1145\/3607199.3607242"},{"key":"e_1_3_3_206_2","doi-asserted-by":"crossref","unstructured":"R. L. Russell L. Kim L. H. Hamilton T. Lazovich J. A. Harer O. Ozdemir P. M. Ellingwood and M. W. McConley. 2018. Automated vulnerability detection in source code using deep representation learning. arxiv:cs.LG\/1807.04320.","DOI":"10.1109\/ICMLA.2018.00120"},{"key":"e_1_3_3_207_2","doi-asserted-by":"publisher","DOI":"10.1109\/MC.2012.345"},{"key":"e_1_3_3_208_2","volume-title":"Proceedings of the 2013 IEEE Symposium on Security and Privacy","author":"Szekeres L.","year":"2013","unstructured":"L. Szekeres, M. Payer, T. Wei, and D. Song. 2013. SoK: Eternal war in memory. In Proceedings of the 2013 IEEE Symposium on Security and Privacy. DOI:10.1109\/SP.2013.13"},{"key":"e_1_3_3_209_2","volume-title":"Proceedings of the 2022 IEEE International Conference on Software Analysis, Evolution, and Reengineering (SANER \u201922)","author":"Siow J. K.","year":"2022","unstructured":"J. K. Siow, S. Liu, X. Xie, G. Meng, and Y. Liu. 2022. Learning program semantics with code representations: An empirical study. In Proceedings of the 2022 IEEE International Conference on Software Analysis, Evolution, and Reengineering (SANER \u201922). DOI:10.1109\/SANER53432.2022.00073"},{"key":"e_1_3_3_210_2","unstructured":"Y. Hu A. Huber J. Anumula and S. Liu. 2019. Overcoming the vanishing gradient problem in plain recurrent networks. arxiv:cs.NE\/1801.06105."},{"key":"e_1_3_3_211_2","doi-asserted-by":"publisher","DOI":"10.1007\/s10664-008-9102-8"},{"key":"e_1_3_3_212_2","doi-asserted-by":"publisher","DOI":"10.1177\/001316446002000104"}],"container-title":["ACM Computing Surveys"],"original-title":[],"language":"en","link":[{"URL":"https:\/\/dl.acm.org\/doi\/10.1145\/3721977","content-type":"unspecified","content-version":"vor","intended-application":"text-mining"},{"URL":"https:\/\/dl.acm.org\/doi\/pdf\/10.1145\/3721977","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2025,6,19]],"date-time":"2025-06-19T01:09:48Z","timestamp":1750295388000},"score":1,"resource":{"primary":{"URL":"https:\/\/dl.acm.org\/doi\/10.1145\/3721977"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2025,4,3]]},"references-count":211,"journal-issue":{"issue":"8","published-print":{"date-parts":[[2025,8,31]]}},"alternative-id":["10.1145\/3721977"],"URL":"https:\/\/doi.org\/10.1145\/3721977","relation":{},"ISSN":["0360-0300","1557-7341"],"issn-type":[{"value":"0360-0300","type":"print"},{"value":"1557-7341","type":"electronic"}],"subject":[],"published":{"date-parts":[[2025,4,3]]},"assertion":[{"value":"2024-03-15","order":0,"name":"received","label":"Received","group":{"name":"publication_history","label":"Publication History"}},{"value":"2025-02-24","order":2,"name":"accepted","label":"Accepted","group":{"name":"publication_history","label":"Publication History"}},{"value":"2025-04-03","order":3,"name":"published","label":"Published","group":{"name":"publication_history","label":"Publication History"}}]}}