ICPC 2025
Sun 27 - Mon 28 April 2025 Ottawa, Ontario, Canada
co-located with ICSE 2025

This program is tentative and subject to change.

Sun 27 Apr 2025 11:20 - 11:30 at 205 - Vulnerabilities, Technical Debt, Defects

Code cloning is a common practice in software development, but it poses significant security risks by propagating vulnerabilities across cloned segments. To address this challenge, we introduce srcVul, a scalable, precise detection approach that combines program slicing with Locality-Sensitive Hashing to identify vulnerable code clones and recommend patches. srcVul builds a database of vulnerability-related slices by analyzing known vulnerable programs and their corresponding patches, indexing each slice’s unique structural characteristics as a vulnerability slicing vector. During clone detection, srcVul efficiently matches slicing vectors from target programs with those in the database, recommending patches upon identifying similarities. Our evaluation of srcVul against three state-of-the-art vulnerable clone detectors demonstrates its accuracy, efficiency, and scalability, achieving 91% precision and 75% recall on established vulnerability databases and open-source repositories. These results highlight srcVul’s effectiveness in detecting complex vulnerability patterns across diverse codebases.

This program is tentative and subject to change.

Sun 27 Apr

Displayed time zone: Eastern Time (US & Canada) change

11:00 - 12:30
11:00
10m
Talk
CalmDroid: Core-Set Based Active Learning for Multi-Label Android Malware Detection
Research Track
Minhong Dong Tiangong University, Liyuan Liu Tiangong University, Mengting Zhang Tiangong University, Sen Chen Tianjin University, Wenying He Hebei University of Technology, Ze Wang Tiangong University, Yude Bai Tianjin University
11:10
10m
Talk
Towards Task-Harmonious Vulnerability Assessment based on LLM
Research Track
Zaixing Zhang Southeast University, Chang Jianming , Tianyuan Hu Southeast University, Lulu Wang Southeast University, Bixin Li Southeast University
11:20
10m
Talk
Slicing-Based Approach for Detecting and Patching Vulnerable Code Clones
Research Track
Hakam W. Alomari Miami University, Christopher Vendome Miami University, Himal Gyawali Miami University
11:30
6m
Talk
Revisiting Security Practices for GitHub Actions Workflows
Early Research Achievements (ERA)
Jiangnan Huang Radboud University, Bin Lin Radboud University
11:36
6m
Talk
Leveraging multi-task learning to improve the detection of SATD and vulnerability
Replications and Negative Results (RENE)
Barbara Russo Free University of Bolzano, Jorge Melegati Free University of Bozen-Bolzano, Moritz Mock Free University of Bozen-Bolzano
Pre-print
11:42
10m
Talk
Leveraging Context Information for Self-Admitted Technical Debt Detection
Research Track
Miki Yonekura Nara Institute of Science and Technology, Yutaro Kashiwa Nara Institute of Science and Technology, Bin Lin Radboud University, Kenji Fujiwara Nara Women’s University, Hajimu Iida Nara Institute of Science and Technology
11:52
6m
Talk
Personalized Code Readability Assessment: Are We There Yet?
Replications and Negative Results (RENE)
Antonio Vitale Politecnico di Torino, University of Molise, Emanuela Guglielmi University of Molise, Rocco Oliveto University of Molise, Simone Scalabrino University of Molise
11:58
6m
Talk
Automated Refactoring of Non-Idiomatic Python Code: A Differentiated Replication with LLMs
Replications and Negative Results (RENE)
Alessandro Midolo University of Sannio, Italy, Massimiliano Di Penta University of Sannio, Italy
Pre-print
12:04
10m
Research paper
Sonar: Detecting Logic Bugs in DBMS through Generating Semantic-aware Non-Optimizing Query
Research Track
Shiyang Ye Zhejiang University, Chao Ni Zhejiang University, Jue Wang Nanjing University, Qianqian Pang zhejang university, Xinrui Li School of Software Technology, Zhejiang University, xiaodanxu College of Computer Science and Technology, Zhejiang university
12:14
6m
Talk
A Study on Applying Large Language Models to Issue Classification
Replications and Negative Results (RENE)
Jueun Heo Gyeongsang National University, Seonah Lee Gyeongsang National University
12:20
10m
Live Q&A
Session's Discussion: "Vulnerabilities, Technical Debt, Defects"
Research Track

:
:
:
: