English
Related papers

Related papers: Systematization of Vulnerability Discovery Knowled…

200 papers

This paper presents results from the MSR 2021 Hackathon. Our team investigates files/projects that contain known security vulnerabilities and how widespread they are throughout repositories in open source software. These security…

Software Engineering · Computer Science 2021-03-24 David Reid , Kalvin Eng , Chris Bogart , Adam Tutko

Objective: To present an overview on the current state of the art concerning metrics-based quality evaluation of software components and component assemblies. Method: Comparison of several approaches available in the literature, using a…

Software Engineering · Computer Science 2011-10-03 Miguel Goulão , Fernando Brito e Abreu

In the past, several works have investigated ways for combining quantitative and qualitative methods in research assessment exercises. In this work, we aim at introducing a methodology to explore whether citation-based metrics, calculated…

Digital Libraries · Computer Science 2021-06-11 Federica Bologna , Angelo Di Iorio , Silvio Peroni , Francesco Poggi

In recent years, machine learning has demonstrated impressive results in various fields, including software vulnerability detection. Nonetheless, using machine learning to identify software vulnerabilities presents new challenges,…

Cryptography and Security · Computer Science 2025-08-22 Sima Arasteh , Christophe Hauser

While Machine Learning (ML) technologies are widely adopted in many mission critical fields to support intelligent decision-making, concerns remain about system resilience against ML-specific security attacks and privacy breaches as well as…

Machine Learning · Computer Science 2022-02-15 Pulei Xiong , Scott Buffett , Shahrear Iqbal , Philippe Lamontagne , Mohammad Mamun , Heather Molyneaux

Deep learning achieves remarkable performance on pattern recognition, but can be vulnerable to defects of some important properties such as robustness and security. This tutorial is based on a stream of research conducted since the summer…

Software Engineering · Computer Science 2021-08-05 Nicolas Berthier , Youcheng Sun , Wei Huang , Yanghao Zhang , Wenjie Ruan , Xiaowei Huang

A number of determinants predict the adoption of Information Systems (IS) security innovations. Amongst, perceived vulnerability of IS security threats has been examined in a number of past explorations. In this research, we examined the…

Cryptography and Security · Computer Science 2019-04-18 Mumtaz Abdul Hameed , Nalin Asanka Gamagedara Arachchilage

In the medical domain, a Systematic Literature Review (SLR) attempts to collect all empirical evidence, that fit pre-specified eligibility criteria, in order to answer a specific research question. The process of preparing an SLR consists…

Information Retrieval · Computer Science 2020-11-20 Athanasios Lagopoulos , Grigorios Tsoumakas

Background: Research software is software developed by and/or used by researchers, across a wide variety of domains, to perform their research. Because of the complexity of research software, developers cannot conduct exhaustive testing. As…

Software Engineering · Computer Science 2021-10-29 Nasir U. Eisty , Jeffrey C. Carver

Protocol detection is the process of determining the application layer protocol in the context of network security monitoring, which requires a timely and precise decision to enable protocol-specific deep packet inspection. This task has…

Networking and Internet Architecture · Computer Science 2019-12-10 Jan Grashöfer , Christian Titze , Hannes Hartenstein

This paper is an introductory discussion on the cause of open source software vulnerabilities, their importance in the cybersecurity ecosystem, and a selection of detection methods. A recent application security report showed 44% of…

Cryptography and Security · Computer Science 2022-03-31 Stuart Millar

Confusion over different kinds of secondary research, and their divergent purposes, is undermining the effectiveness and usefulness of secondary studies in software engineering. This short paper therefore explains the differences between ad…

Software Engineering · Computer Science 2022-09-07 Paul Ralph , Sebastian Baltes

This note concerns a search for publications in which the pragmatic concept of a test as conducted in the practice of software testing is formalized, a theory about software testing based on such a formalization is presented or it is…

Software Engineering · Computer Science 2010-08-17 C. A. Middelburg

Code Review consists in assessing the code written by teammates with the goal of increasing code quality. Empirical studies documented the benefits brought by such a practice that, however, has its cost to pay in terms of developers' time.…

Software Engineering · Computer Science 2025-03-13 Rosalia Tufano , Gabriele Bavota

Identifying vulnerable code is a precautionary measure to counter software security breaches. Tedious expert effort has been spent to build static analyzers, yet insecure patterns are barely fully enumerated. This work explores a deep…

Artificial Intelligence · Computer Science 2021-09-09 Yufan Zhuang , Sahil Suneja , Veronika Thost , Giacomo Domeniconi , Alessandro Morari , Jim Laredo

Code Review (CR) is the cornerstone for software quality assurance and a crucial practice for software development. As CR research matures, it can be difficult to keep track of the best practices and state-of-the-art in methodology,…

Software Engineering · Computer Science 2021-04-14 Dong Wang , Yuki Ueda , Raula Gaikovina Kula , Takashi Ishio , Kenichi Matsumoto

Deployment of network/distributed systems sets high requirements for procedures, tools and approaches for the complex testing of these systems. This work provides a survey of testing activities with regard to these systems based on…

Distributed, Parallel, and Cluster Computing · Computer Science 2015-04-28 Andrey A. Shchurov , Radek Marik , Vladimir A. Khlevnoy

An approach to the development of security test procedures for information security controls is presented. The recommendations for optimizing the test procedure are obtained

Cryptography and Security · Computer Science 2013-06-11 Alexander Barabanov , Maxim Grishin , Alexey Markov

In cybersecurity, vulnerability assessment has typically focused on identifying and measuring vulnerabilities within digital assets and technical infrastructures. However, there is growing recognition that this approach alone is inadequate…

The importance of security metrics can hardly be overstated. Despite the attention that has been paid by the academia, government and industry in the past decades, this important problem stubbornly remains open. In this survey, we present a…

Cryptography and Security · Computer Science 2016-01-25 Marcus Pendleton , Richard Garcia-Lebron , Shouhuai Xu