{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2025,8,2]],"date-time":"2025-08-02T19:01:35Z","timestamp":1754161295883,"version":"3.41.2"},"publisher-location":"New York, NY, USA","reference-count":25,"publisher":"ACM","content-domain":{"domain":["dl.acm.org"],"crossmark-restriction":true},"short-container-title":[],"published-print":{"date-parts":[[2025,6,23]]},"DOI":"10.1145\/3696630.3728601","type":"proceedings-article","created":{"date-parts":[[2025,7,28]],"date-time":"2025-07-28T19:08:09Z","timestamp":1753729689000},"page":"1158-1162","update-policy":"https:\/\/doi.org\/10.1145\/crossmark-policy","source":"Crossref","is-referenced-by-count":0,"title":["KAVe: A Tool to Detect XSS and SQLi Vulnerabilities using a Multi-Agent System over a Multi-Layer Knowledge Graph"],"prefix":"10.1145","author":[{"ORCID":"https:\/\/orcid.org\/0000-0001-8676-800X","authenticated-orcid":false,"given":"Rafael","family":"Ramires","sequence":"first","affiliation":[{"name":"LASIGE, DI, Faculdade de Ciencias da Universidade de Lisboa, Lisbon, Portugal"},{"name":"University of Luxembourg, Luxembourg, Luxembourg"}]},{"ORCID":"https:\/\/orcid.org\/0000-0003-2758-7035","authenticated-orcid":false,"given":"Ana","family":"Resp\u00edcio","sequence":"additional","affiliation":[{"name":"LASIGE, DI, Faculdade de Ciencias da Universidade de Lisboa, Lisbon, Portugal"}]},{"ORCID":"https:\/\/orcid.org\/0000-0003-4478-8680","authenticated-orcid":false,"given":"Ib\u00e9ria","family":"Medeiros","sequence":"additional","affiliation":[{"name":"LASIGE, DI, Faculdade de Ciencias da Universidade de Lisboa, Lisbon, Portugal"}]},{"ORCID":"https:\/\/orcid.org\/0000-0003-1852-2547","authenticated-orcid":false,"given":"Mike","family":"Papadakis","sequence":"additional","affiliation":[{"name":"University of Luxembourg, Luxembourg, Luxembourg"}]}],"member":"320","published-online":{"date-parts":[[2025,7,28]]},"reference":[{"key":"e_1_3_2_1_1_1","unstructured":"Pieter J. Swart Aric A. Hagberg Daniel A. Schult. 2008. Exploring network structure dynamics and function using NetworkX. https:\/\/networkx.org\/"},{"key":"e_1_3_2_1_2_1","doi-asserted-by":"publisher","DOI":"10.1109\/EuroSP.2017.14"},{"key":"e_1_3_2_1_3_1","unstructured":"The MITRE Corporation. 2023. Common Weakness Enumeration. https:\/\/cwe.mitre.org\/."},{"key":"e_1_3_2_1_4_1","unstructured":"CVE. 2023. CVE Details. https:\/\/www.cvedetails.com\/browse-by-date.php."},{"key":"e_1_3_2_1_5_1","doi-asserted-by":"publisher","DOI":"10.14722\/ndss.2014.23262"},{"key":"e_1_3_2_1_6_1","article-title":"Insecure Software is Eating the World: Promoting Cybersecurity in an Age of Ubiquitous Software Embedded Systems","volume":"19","author":"Daley John","year":"2017","unstructured":"John Daley. 2017. Insecure Software is Eating the World: Promoting Cybersecurity in an Age of Ubiquitous Software Embedded Systems. Stanford Technology Law Review 19, 3 (2017).","journal-title":"Stanford Technology Law Review"},{"key":"e_1_3_2_1_7_1","first-page":"041022","article-title":"Mathematical formulation of multilayer networks","author":"Domenico Manlio De","year":"2013","unstructured":"Manlio De Domenico, Albert Sol\u00e9-Ribalta, Emanuele Cozzo, Mikko Kivel\u00e4, Yamir Moreno, Mason A Porter, Sergio G\u00f3mez, and Alex Arenas. 2013. Mathematical formulation of multilayer networks. Physical Review X 3, 4 (2013), 041022.","journal-title":"Physical Review"},{"key":"e_1_3_2_1_8_1","doi-asserted-by":"publisher","DOI":"10.1145\/24039.24041"},{"key":"e_1_3_2_1_9_1","unstructured":"OWASP Foundation. 2023. Open Web Application Security Project. https:\/\/www.owasp.org\/."},{"key":"e_1_3_2_1_10_1","doi-asserted-by":"publisher","DOI":"10.1109\/SP.2006.29"},{"key":"e_1_3_2_1_11_1","unstructured":"Kingthorin. 2023. SQL Injection. https:\/\/owasp.org\/www-community\/attacks\/SQL_Injection."},{"key":"e_1_3_2_1_12_1","unstructured":"KirstenS. 2023. Cross Site Scripting (XSS). https:\/\/owasp.org\/www-community\/attacks\/xss\/."},{"key":"e_1_3_2_1_13_1","unstructured":"Amit Klein. 2005. DOM Based Cross Site Scripting or XSS of the Third Kind. http:\/\/www.webappsec.org\/projects\/articles\/071105.shtml."},{"key":"e_1_3_2_1_14_1","unstructured":"Stephen Kost. 2007. An Introduction to SQL Injection Attacks for Oracle Developers."},{"key":"e_1_3_2_1_15_1","doi-asserted-by":"publisher","DOI":"10.1109\/TR.2015.2457411"},{"key":"e_1_3_2_1_16_1","doi-asserted-by":"publisher","DOI":"10.5220\/0009369900860096"},{"key":"e_1_3_2_1_17_1","volume-title":"NIST Software Assurance Reference Dataset (SARD). https:\/\/samate.nist.gov\/SARD Accessed","author":"National Institute of Standards and Technology (NIST). 2023.","year":"2023","unstructured":"National Institute of Standards and Technology (NIST). 2023. NIST Software Assurance Reference Dataset (SARD). https:\/\/samate.nist.gov\/SARD Accessed December 15, 2023."},{"key":"e_1_3_2_1_18_1","doi-asserted-by":"publisher","DOI":"10.1109\/DSN.2015.16"},{"key":"e_1_3_2_1_19_1","doi-asserted-by":"publisher","DOI":"10.1007\/978-3-319-91602-6_6"},{"key":"e_1_3_2_1_20_1","doi-asserted-by":"crossref","unstructured":"Rafael Ramires. 2024. KAVe: Knowledge-Based Multi-Agent System Vulnerability Detector. https:\/\/github.com\/rframires\/KAVe.git.","DOI":"10.1109\/ICWS62655.2024.00070"},{"key":"e_1_3_2_1_21_1","doi-asserted-by":"publisher","DOI":"10.1109\/ICWS62655.2024.00070"},{"volume-title":"State of Software Security","year":"2023","key":"e_1_3_2_1_22_1","unstructured":"Veracode. 2023. State of Software Security 2023. Annual Report on the State of Application Security. https:\/\/info.veracode.com\/rs\/790-ZKW-291\/images\/Veracode_State_of_Software_Security_2023.pdf."},{"key":"e_1_3_2_1_23_1","volume-title":"Mario Heiderich, Eduardo Alberto Vela Nava, and Jeff Williams.","author":"Wichers Dave","year":"2023","unstructured":"Dave Wichers, Arshan Dabirsiaghi, Stefano Di Paolo, Mario Heiderich, Eduardo Alberto Vela Nava, and Jeff Williams. 2023. Types of XSS. https:\/\/owasp.org\/www-community\/Types_of_Cross-Site_Scripting."},{"key":"e_1_3_2_1_24_1","unstructured":"Merijn Wijngaard. 2016. Dependence Analysis in PHP. http:\/\/www.scriptiesonline.uba.uva.nl\/618176"},{"volume-title":"Proceedings of the 2014 IEEE Symposium on Security and Privacy. 590\u2013604","author":"Yamaguchi F.","key":"e_1_3_2_1_25_1","unstructured":"F. Yamaguchi, N. Golde, D. Arp, and K. Rieck. 2014. Modeling and Discovering Vulnerabilities with Code Property Graphs. In Proceedings of the 2014 IEEE Symposium on Security and Privacy. 590\u2013604."}],"event":{"name":"FSE Companion '25: 33rd ACM International Conference on the Foundations of Software Engineering","sponsor":["SIGSOFT ACM Special Interest Group on Software Engineering"],"location":"Clarion Hotel Trondheim Trondheim Norway","acronym":"FSE Companion '25"},"container-title":["Proceedings of the 33rd ACM International Conference on the Foundations of Software Engineering"],"original-title":[],"link":[{"URL":"https:\/\/dl.acm.org\/doi\/pdf\/10.1145\/3696630.3728601","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2025,7,28]],"date-time":"2025-07-28T19:08:54Z","timestamp":1753729734000},"score":1,"resource":{"primary":{"URL":"https:\/\/dl.acm.org\/doi\/10.1145\/3696630.3728601"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2025,6,23]]},"references-count":25,"alternative-id":["10.1145\/3696630.3728601","10.1145\/3696630"],"URL":"https:\/\/doi.org\/10.1145\/3696630.3728601","relation":{},"subject":[],"published":{"date-parts":[[2025,6,23]]},"assertion":[{"value":"2025-07-28","order":3,"name":"published","label":"Published","group":{"name":"publication_history","label":"Publication History"}}]}}