{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2026,1,14]],"date-time":"2026-01-14T08:24:36Z","timestamp":1768379076570,"version":"3.49.0"},"reference-count":23,"publisher":"Springer Science and Business Media LLC","issue":"1","license":[{"start":{"date-parts":[[2026,1,14]],"date-time":"2026-01-14T00:00:00Z","timestamp":1768348800000},"content-version":"tdm","delay-in-days":0,"URL":"https:\/\/creativecommons.org\/licenses\/by\/4.0"},{"start":{"date-parts":[[2026,1,14]],"date-time":"2026-01-14T00:00:00Z","timestamp":1768348800000},"content-version":"vor","delay-in-days":0,"URL":"https:\/\/creativecommons.org\/licenses\/by\/4.0"}],"funder":[{"DOI":"10.13039\/501100001809","name":"National Natural Science Foundation of China","doi-asserted-by":"publisher","award":["U23B2002"],"award-info":[{"award-number":["U23B2002"]}],"id":[{"id":"10.13039\/501100001809","id-type":"DOI","asserted-by":"publisher"}]},{"DOI":"10.13039\/501100001809","name":"National Natural Science Foundation of China","doi-asserted-by":"publisher","award":["62272007"],"award-info":[{"award-number":["62272007"]}],"id":[{"id":"10.13039\/501100001809","id-type":"DOI","asserted-by":"publisher"}]}],"content-domain":{"domain":["link.springer.com"],"crossmark-restriction":false},"short-container-title":["Cybersecurity"],"abstract":"<jats:title>Abstract<\/jats:title>\n                  <jats:p>Although there are numerous advanced and well-established models and methods available for code auditing tasks, their interpretability remains a significant challenge. For machine learning models designed to address code auditing problems, we often know that they can identify vulnerable code but lack insight into their decision-making criteria or whether they have effectively captured the characteristics of vulnerable code. To evaluate the capability of such models in extracting vulnerability-related features, this paper proposes a method called Program-PLATE. By extending a single vulnerable file into a PLATE-dataset, this method enables a more objective assessment of the model\u2019s performance on the PLATE-dataset. We applied this method to evaluate multiple models, conducted an in-depth analysis based on the results, and provided suggestions and expectations for future research directions.<\/jats:p>","DOI":"10.1186\/s42400-025-00404-2","type":"journal-article","created":{"date-parts":[[2026,1,14]],"date-time":"2026-01-14T03:01:56Z","timestamp":1768359716000},"update-policy":"https:\/\/doi.org\/10.1007\/springer_crossmark_policy","source":"Crossref","is-referenced-by-count":0,"title":["Program-plate: a method for identifying the ability to extract vulnerability features"],"prefix":"10.1186","volume":"9","author":[{"given":"Yifan","family":"Wang","sequence":"first","affiliation":[]},{"given":"Yanzhi","family":"Hou","sequence":"additional","affiliation":[]},{"ORCID":"https:\/\/orcid.org\/0000-0002-8103-0468","authenticated-orcid":false,"given":"Bin","family":"Wu","sequence":"additional","affiliation":[]}],"member":"297","published-online":{"date-parts":[[2026,1,14]]},"reference":[{"issue":"9","key":"404_CR1","doi-asserted-by":"publisher","first-page":"3280","DOI":"10.1109\/TSE.2021.3087402","volume":"48","author":"S Chakraborty","year":"2021","unstructured":"Chakraborty S, Krishna R, Ding Y, Ray B (2021) Deep learning based vulnerability detection: are we there yet? IEEE Trans Softw Eng 48(9):3280\u20133296","journal-title":"IEEE Trans Softw Eng"},{"key":"404_CR2","unstructured":"Checkmarx\/kics [source code]. https:\/\/github.com\/Checkmarx\/kics"},{"issue":"6","key":"404_CR3","doi-asserted-by":"publisher","first-page":"76","DOI":"10.1109\/MSP.2004.111","volume":"2","author":"B Chess","year":"2004","unstructured":"Chess B, McGraw G (2004) Static analysis for security. IEEE Secur Priv 2(6):76\u201379","journal-title":"IEEE Secur Priv"},{"issue":"3","key":"404_CR4","doi-asserted-by":"publisher","first-page":"985","DOI":"10.1007\/s11219-024-09675-3","volume":"32","author":"X Du","year":"2024","unstructured":"Du X, Liu Z, Li C, Ma X, Li Y, Wang X (2024) LLM-BRC: a large language model-based bug report classification framework. Softw Qual J 32(3):985\u20131005","journal-title":"Softw Qual J"},{"key":"404_CR5","unstructured":"Ferschke O, Gurevych I, Rittberger M (2012) Flawfinder: A modular system for predicting quality flaws in wikipedia. In: CLEF (Online Working Notes\/Labs\/Workshop), pp. 1\u201310"},{"key":"404_CR6","doi-asserted-by":"crossref","unstructured":"Fu M, Tantithamthavorn C (2022) Linevul: A transformer-based line-level vulnerability prediction. In: Proceedings of the 19th International Conference on Mining Software Repositories, pp. 608\u2013620","DOI":"10.1145\/3524842.3528452"},{"key":"404_CR7","doi-asserted-by":"publisher","unstructured":"Hin D, Kan A, Chen H, Babar MA (2022) Linevd: Statement-level vulnerability detection using graph neural networks. CoRR abs\/2203.05181 https:\/\/doi.org\/10.48550\/ARXIV.2203.05181. Accessed: 2024-12-04","DOI":"10.48550\/ARXIV.2203.05181"},{"key":"404_CR8","doi-asserted-by":"crossref","unstructured":"Jang J, Agrawal A, Brumley D (2012)Redebug: finding unpatched code clones in entire os distributions. In: 2012 IEEE Symposium on Security and Privacy, pp. 48\u201362. IEEE","DOI":"10.1109\/SP.2012.13"},{"key":"404_CR9","doi-asserted-by":"crossref","unstructured":"Jiang W, Wu B, Yu X, Xue R, Yu Z (2020) Restructured cloning vulnerability detection based on function semantic reserving and reiteration screening. In: European Symposium on Research in Computer Security, pp. 359\u2013376. Springer","DOI":"10.1007\/978-3-030-58951-6_18"},{"key":"404_CR10","doi-asserted-by":"crossref","unstructured":"Keltek M, Hu R, Sani MF, Li Z (2024) Lsast\u2013enhancing cybersecurity through llm-supported static application security testing. arXiv preprint arXiv:2409.15735","DOI":"10.1007\/978-3-031-92882-6_12"},{"key":"404_CR11","doi-asserted-by":"crossref","unstructured":"Kim S, Woo S, Lee H, Oh H (2017) Vuddy: A scalable approach for vulnerable code clone discovery. In: 2017 IEEE Symposium on Security and Privacy (SP), pp. 595\u2013614. IEEE","DOI":"10.1109\/SP.2017.62"},{"issue":"4","key":"404_CR12","doi-asserted-by":"publisher","first-page":"2244","DOI":"10.1109\/TDSC.2021.3051525","volume":"19","author":"Z Li","year":"2021","unstructured":"Li Z, Zou D, Xu S, Jin H, Zhu Y, Chen Z (2021) Sysevr: a framework for using deep learning to detect software vulnerabilities. IEEE Trans Dependable Secur Comput 19(4):2244\u20132258","journal-title":"IEEE Trans Dependable Secur Comput"},{"issue":"4","key":"404_CR13","doi-asserted-by":"publisher","first-page":"2821","DOI":"10.1109\/TDSC.2021.3076142","volume":"19","author":"Z Li","year":"2021","unstructured":"Li Z, Zou D, Xu S, Chen Z, Zhu Y, Jin H (2021) Vuldeelocator: a deep learning-based fine-grained vulnerability detector. IEEE Trans Depend Secur Comput 19(4):2821\u20132837","journal-title":"IEEE Trans Depend Secur Comput"},{"key":"404_CR14","doi-asserted-by":"crossref","unstructured":"Liu Z, Wei Q, Cao Y (2017) Vfdetect: A vulnerable code clone detection system based on vulnerability fingerprint. In: 2017 IEEE 3rd Information Technology and Mechatronics Engineering Conference (ITOEC), pp. 548\u2013553. IEEE","DOI":"10.1109\/ITOEC.2017.8122356"},{"key":"404_CR15","unstructured":"Li Y, Zhang T, Widyasari R, Tun YN, Nguyen HH, Bui T, Irsan IC, Cheng Y, Lan X, Ang HW, et al (2024) Cleanvul: Automatic function-level vulnerability detection in code commits using llm heuristics. arXiv preprint arXiv:2411.17274"},{"key":"404_CR16","doi-asserted-by":"crossref","unstructured":"Li Z, Zou D, Xu S, Jin H, Qi H, Hu J (2016) Vulpecker: an automated vulnerability detection system based on code similarity analysis. In: Proceedings of the 32nd Annual Conference on Computer Security Applications, pp. 201\u2013213","DOI":"10.1145\/2991079.2991102"},{"key":"404_CR17","doi-asserted-by":"crossref","unstructured":"Li Z, Zou D, Xu S, Ou X, Jin H, Wang S, Deng Z, Zhong Y (2018) Vuldeepecker: A deep learning-based system for vulnerability detection. arXiv preprint arXiv:1801.01681","DOI":"10.14722\/ndss.2018.23158"},{"key":"404_CR18","doi-asserted-by":"publisher","first-page":"130","DOI":"10.1016\/j.jss.2017.11.039","volume":"137","author":"MA Nishi","year":"2018","unstructured":"Nishi MA, Damevski K (2018) Scalable code clone detection and search based on adaptive prefix filtering. J Syst Softw 137:130\u2013142","journal-title":"J Syst Softw"},{"key":"404_CR19","doi-asserted-by":"crossref","unstructured":"Pham NH, Nguyen TT, Nguyen HA, Wang X, Nguyen AT, Nguyen TN (2010) Detecting recurring and similar software vulnerabilities. In: Proceedings of the 32nd ACM\/IEEE International Conference on Software Engineering 2:227\u2013230","DOI":"10.1145\/1810295.1810336"},{"key":"404_CR20","doi-asserted-by":"crossref","unstructured":"Sajnani H, Saini V, Svajlenko J, Roy CK, Lopes CV (2016) Sourcerercc: Scaling code clone detection to big-code. In: Proceedings of the 38th International Conference on Software Engineering, pp. 1157\u20131168","DOI":"10.1145\/2884781.2884877"},{"key":"404_CR21","unstructured":"Xiao Y, Chen B, Yu C, Xu Z, Yuan Z, Li F, Liu B, Liu Y, Huo W, Zou W, et al (2020) $$\\{$$MVP$$\\}$$: Detecting vulnerabilities using $$\\{$$Patch-Enhanced$$\\}$$ vulnerability signatures. In: 29th USENIX Security Symposium (USENIX Security 20), pp. 1165\u20131182"},{"issue":"11","key":"404_CR22","first-page":"2180","volume":"52","author":"L Zhen","year":"2018","unstructured":"Zhen L, Wu Zehui CY, Qiang W (2018) Software vulnerability code reuse detection method based on vulnerability fingerprint. J Zhejiang Univ Eng Edition 52(11):2180\u20132190","journal-title":"J Zhejiang Univ Eng Edition"},{"key":"404_CR23","unstructured":"Zhou Y, Liu S, Siow J, Du X, Liu Y (2019) Devign: Effective vulnerability identification by learning comprehensive program semantics via graph neural networks. Adv Neural Inform Process Syst 32"}],"container-title":["Cybersecurity"],"original-title":[],"language":"en","link":[{"URL":"https:\/\/link.springer.com\/content\/pdf\/10.1186\/s42400-025-00404-2.pdf","content-type":"application\/pdf","content-version":"vor","intended-application":"text-mining"},{"URL":"https:\/\/link.springer.com\/article\/10.1186\/s42400-025-00404-2","content-type":"text\/html","content-version":"vor","intended-application":"text-mining"},{"URL":"https:\/\/link.springer.com\/content\/pdf\/10.1186\/s42400-025-00404-2.pdf","content-type":"application\/pdf","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2026,1,14]],"date-time":"2026-01-14T03:02:11Z","timestamp":1768359731000},"score":1,"resource":{"primary":{"URL":"https:\/\/link.springer.com\/10.1186\/s42400-025-00404-2"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2026,1,14]]},"references-count":23,"journal-issue":{"issue":"1","published-online":{"date-parts":[[2026,12]]}},"alternative-id":["404"],"URL":"https:\/\/doi.org\/10.1186\/s42400-025-00404-2","relation":{},"ISSN":["2523-3246"],"issn-type":[{"value":"2523-3246","type":"electronic"}],"subject":[],"published":{"date-parts":[[2026,1,14]]},"assertion":[{"value":"5 December 2024","order":1,"name":"received","label":"Received","group":{"name":"ArticleHistory","label":"Article History"}},{"value":"22 March 2025","order":2,"name":"accepted","label":"Accepted","group":{"name":"ArticleHistory","label":"Article History"}},{"value":"14 January 2026","order":3,"name":"first_online","label":"First Online","group":{"name":"ArticleHistory","label":"Article History"}},{"order":1,"name":"Ethics","group":{"name":"EthicsHeading","label":"Declarations"}},{"value":"The authors declare that they have no competing interests.","order":2,"name":"Ethics","group":{"name":"EthicsHeading","label":"Competing interests"}}],"article-number":"13"}}