{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2025,12,23]],"date-time":"2025-12-23T12:09:20Z","timestamp":1766491760419,"version":"3.48.0"},"publisher-location":"New York, NY, USA","reference-count":25,"publisher":"ACM","content-domain":{"domain":["dl.acm.org"],"crossmark-restriction":true},"short-container-title":[],"published-print":{"date-parts":[[2025,6,17]]},"DOI":"10.1145\/3727967.3756842","type":"proceedings-article","created":{"date-parts":[[2025,12,23]],"date-time":"2025-12-23T11:53:17Z","timestamp":1766490797000},"page":"108-116","update-policy":"https:\/\/doi.org\/10.1145\/crossmark-policy","source":"Crossref","is-referenced-by-count":0,"title":["Towards the Machine Learning methods for recognizing the security gap patterns in the code - literature review"],"prefix":"10.1145","author":[{"ORCID":"https:\/\/orcid.org\/0000-0001-7596-0813","authenticated-orcid":false,"given":"Aneta","family":"Poniszewska-Maranda","sequence":"first","affiliation":[{"name":"Institute of Information Technology, Lodz University of Technology, Lodz, Poland"}]},{"ORCID":"https:\/\/orcid.org\/0009-0003-7766-7700","authenticated-orcid":false,"given":"Wojciech","family":"Krasnowski","sequence":"additional","affiliation":[{"name":"Institute of Information Technology, Lodz University of Technology, Lodz, Poland"}]},{"ORCID":"https:\/\/orcid.org\/0000-0001-7640-5782","authenticated-orcid":false,"given":"Bozena","family":"Borowska","sequence":"additional","affiliation":[{"name":"Institute of Information Technology, Lodz University of Technology, Lodz, Poland"}]}],"member":"320","published-online":{"date-parts":[[2025,12,23]]},"reference":[{"key":"e_1_3_3_1_2_2","doi-asserted-by":"crossref","unstructured":"Mahyari A.: A Hierarchical Deep Neural Network for Detecting Lines of Codes with Vulnerabilities. In: 2022 IEEE 22nd International Conference on Software Quality Reliability and Security Companion (QRS-C) 2022.","DOI":"10.1109\/QRS-C57518.2022.00011"},{"key":"e_1_3_3_1_3_2","doi-asserted-by":"crossref","unstructured":"Peerzada B. and Kumar D.: Analyzing Software Vulnerabilities Using Machine Learning. In: Proc. of 9th International Conference on Reliability Infocom Technologies and Optimization (Trends & Future Directions) (ICRITO) 2021 pp. 1\u20134.","DOI":"10.1109\/ICRITO51393.2021.9596509"},{"key":"e_1_3_3_1_4_2","doi-asserted-by":"crossref","unstructured":"Russell R. L. Kim L. Hamilton L. H. Lazovich T. Harer J. A. Ozdemir O. Ellingwood P. M. and McConley M. W.: Automated Vulnerability Detection in Source Code Using Deep Representation Learning. In: arXiv:https:\/\/arXiv.org\/abs\/1807.04320 2018.","DOI":"10.1109\/ICMLA.2018.00120"},{"key":"e_1_3_3_1_5_2","doi-asserted-by":"crossref","unstructured":"Aota M. Kanehara H. Kubo M. Murata N. Sun B. and Takahashi T.: Automation of Vulnerability Classification from its Description using Machine Learning . In: Proceedings of 2020 IEEE Symposium on Computers and Communications (ISCC) 2020 pp. 1\u20137.","DOI":"10.1109\/ISCC50000.2020.9219568"},{"key":"e_1_3_3_1_6_2","doi-asserted-by":"crossref","unstructured":"Ferenc R. Hegedus P. Gyimesi P. Antal G. Ban D. and Gyimothy T.: Challenging Machine Learning Algorithms in Predicting Vulnerable JavaScript Functions. In: Proc. of IEEE\/ACM 7th International Workshop on Realizing Artificial Intelligence Synergies in Software Engineering (RAISE) Canada 2019 pp. 8\u201314.","DOI":"10.1109\/RAISE.2019.00010"},{"key":"e_1_3_3_1_7_2","unstructured":"Check Point Research: Check Point Research: 2023 \u2013 The year of Mega Ransomware attacks with unprecedented impact on global organizations. 2024 [Online]. https:\/\/blog.checkpoint.com\/research\/check-point-research-2023-the-year-of-mega-ransomwareattacks-with-unprecedented-impact-on-global-organizations\/."},{"key":"e_1_3_3_1_8_2","doi-asserted-by":"crossref","unstructured":"Ruggahakotuwa L. Rupasinghe L. and Abeygunawardhana P.: Code Vulnerability Identification and Code Improvement using Advanced Machine Learning. In: proceedings of International Conference on Advancements in Computing (ICAC) Sri Lanka 2019 pp. 186\u2013191.","DOI":"10.1109\/ICAC49085.2019.9103400"},{"key":"e_1_3_3_1_9_2","unstructured":"Kitchenham B. and Charters S. Guidelines for performing systematic literature reviews in software engineering. Technical Report EBSE 2007-001 Keele University and Durham University Joint Report. 2007."},{"key":"e_1_3_3_1_10_2","doi-asserted-by":"crossref","unstructured":"Zagane M. Abdi M. K. and Alenezi M.: Deep Learning for Software Vulnerabilities Detection Using Code Metrics. In: IEEE Access Vol. 8 2020 pp. 74562\u201374570.","DOI":"10.1109\/ACCESS.2020.2988557"},{"key":"e_1_3_3_1_11_2","unstructured":"Zhou Y. Liu S. Siow J. Du X. and Liu Y.: Devign: Effective Vulnerability Identification by Learning Comprehensive Program Semantics via Graph Neural Networks. In: NeurIPS 2019 pp. 10197\u201310207."},{"key":"e_1_3_3_1_12_2","doi-asserted-by":"crossref","unstructured":"Jia Y. Zhuang H. Lin Z. and Meng Y.: Machine Learning for Software Vulnerability Analysis: A Survey. In: Proceedings of IEEE Sixth International Conference on Data Science in Cyberspace (DSC) China 2021 pp. 396\u2013402.","DOI":"10.1109\/DSC53577.2021.00062"},{"key":"e_1_3_3_1_13_2","doi-asserted-by":"crossref","unstructured":"Ahmed S. J. and Taha D. B.: Machine Learning for Software Vulnerability Detection: A Survey. In: Proceedings of 8th International Conference on Contemporary Information Technology and Mathematics (ICCITM) Iraq 2022 pp. 66\u201372.","DOI":"10.1109\/ICCITM56309.2022.10031734"},{"key":"e_1_3_3_1_14_2","unstructured":"McAfee Labs: McAfee 2023 Threat Predictions: Evolution and Exploitation. Dec. 2022 [Online]. Available: https:\/\/www.mcafee.com\/blogs\/security-news\/mcafee-2023-threat-predictionsevolution-and-exploitation\/."},{"key":"e_1_3_3_1_15_2","doi-asserted-by":"crossref","unstructured":"Xue Y. Guo J. Zhang L. and Song H.: Message Passing Graph Neural Networks for Software Security Vulnerability Detection. In: Proc. of International Conference on Computer Network Electronic and Automation (ICCNEA) 2022 pp. 144\u2013148.","DOI":"10.1109\/ICCNEA57056.2022.00041"},{"key":"e_1_3_3_1_16_2","doi-asserted-by":"crossref","unstructured":"Chen Z. Kommrusch S. and Monperrus M.: Neural Transfer Learning for Repairing Security Vulnerabilities in C Code. In: IEEE Transactions on Software Engineering Vol. 49 no. 1 2023 pp. 147\u2013165.","DOI":"10.1109\/TSE.2022.3147265"},{"key":"e_1_3_3_1_17_2","unstructured":"OWASP Top Ten. [Online]. Available: https:\/\/owasp.org\/www-project-top-ten\/."},{"key":"e_1_3_3_1_18_2","doi-asserted-by":"crossref","unstructured":"Mandal D. and Kosesoy I.: Prediction of Software Security Vulnerabilities from Source Code Using Machine Learning Methods. In: Proc. of 2023 Innovations in Intelligent Systems and Applications Conference (ASYU) Turkiye 2023 pp. 1\u20136.","DOI":"10.1109\/ASYU58738.2023.10296747"},{"key":"e_1_3_3_1_19_2","unstructured":"Srinivasan S.: Ransomware Attack at Colonial Pipeline Company. 2023. [Online]. Available: https:\/\/www.hbs.edu\/faculty\/Pages\/item.aspx?num=63758."},{"key":"e_1_3_3_1_20_2","doi-asserted-by":"crossref","unstructured":"Kim M.: Research on Malware Detection System Using Artificial Intelligence. In: Proceedings of IEEE\/ACIS 7th International Conference on Big Data Cloud Computing and Data Science (BCD) Vietnam 2022 pp. 211\u2013213.","DOI":"10.1109\/BCD54882.2022.9900792"},{"key":"e_1_3_3_1_21_2","doi-asserted-by":"crossref","unstructured":"Li Z. Zou D. Xu S. Ou X. Jin H. Wang S. Deng Z. and Zhong Y.: VulDeePecker: A Deep Learning-Based System for Vulnerability Detection. In: arXiv:https:\/\/arXiv.org\/abs\/1801.01681 2018.","DOI":"10.14722\/ndss.2018.23158"},{"key":"e_1_3_3_1_22_2","doi-asserted-by":"crossref","unstructured":"Bilgin Z. Ersoy M. A. Soykan E. U. Tomur E. \u00c7omak P. and Kara\u00e7ay L.: Vulnerability Prediction From Source Code Using Machine Learning. In: IEEE Access Vol. 8 2020 pp. 150672\u2013150684.","DOI":"10.1109\/ACCESS.2020.3016774"},{"key":"e_1_3_3_1_23_2","doi-asserted-by":"crossref","unstructured":"Medeiros N. Ivaki N. Costa P. and Vieira M.: Vulnerable Code Detection Using Software Metrics and Machine Learning. In: IEEE Access Vol. 8 2020 pp. 219174\u2013219198.","DOI":"10.1109\/ACCESS.2020.3041181"},{"key":"e_1_3_3_1_24_2","doi-asserted-by":"crossref","unstructured":"Seas C. Fitzpatrick G. Hamilton J. A. and M. C. Carlisle M.C.: Automated Vulnerability Detection in Source Code Using Deep Representation Learning. In: Proceedings of IEEE 14th Annual Computing and Communication Workshop and Conference (CCWC) Las Vegas NV USA 2024 pp. 0484\u20130490.","DOI":"10.1109\/CCWC60891.2024.10427574"},{"key":"e_1_3_3_1_25_2","doi-asserted-by":"crossref","unstructured":"Xue Y. Guo J. Zhang L. and Song H.: Message Passing Graph Neural Networks for Software Security Vulnerability Detection. In: Proceedings of International Conference on Computer Network Electronic and Automation (ICCNEA) Xi\u2019an China 2022 pp. 144\u2013148.","DOI":"10.1109\/ICCNEA57056.2022.00041"},{"key":"e_1_3_3_1_26_2","doi-asserted-by":"crossref","unstructured":"Liang C. Wei Q. Jiang Z. Wang Y. and Du J.: A Source Code Vulnerability Detection Method Based on Adaptive Graph Neural Networks. In: Proceedings of 39th IEEE\/ACM International Conference on Automated Software Engineering Workshops Sacramento USA 2024 pp. 187\u2013196.","DOI":"10.1145\/3691621.3694950"}],"event":{"name":"EASE Companion '25: Evaluation and Assessment in Software Engineering","acronym":"EASE Companion '25","location":"Istanbul Turkiye"},"container-title":["Proceedings of the 2025 29th International Conference on Evaluation and Assessment in Software Engineering Companion"],"original-title":[],"link":[{"URL":"https:\/\/dl.acm.org\/doi\/pdf\/10.1145\/3727967.3756842","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2025,12,23]],"date-time":"2025-12-23T12:07:44Z","timestamp":1766491664000},"score":1,"resource":{"primary":{"URL":"https:\/\/dl.acm.org\/doi\/10.1145\/3727967.3756842"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2025,6,17]]},"references-count":25,"alternative-id":["10.1145\/3727967.3756842","10.1145\/3727967"],"URL":"https:\/\/doi.org\/10.1145\/3727967.3756842","relation":{},"subject":[],"published":{"date-parts":[[2025,6,17]]},"assertion":[{"value":"2025-12-23","order":3,"name":"published","label":"Published","group":{"name":"publication_history","label":"Publication History"}}]}}