English
Related papers

Related papers: A Quantitative Study of Security Bug Fixes of GitH…

200 papers

Software security is becoming a high priority for both large companies and start-ups alike due to the increasing potential for harm that vulnerabilities and breaches carry with them. However, attaining robust security assurance while…

Software Engineering · Computer Science 2019-08-06 David N. Palacio , Daniel McCrystal , Kevin Moran , Carlos Bernal-Cárdenas , Denys Poshyvanyk , Chris Shenefiel

Software vulnerabilities pose critical security and risk concerns for many software systems. Many techniques have been proposed to effectively assess and prioritize these vulnerabilities before they cause serious consequences. To evaluate…

Cryptography and Security · Computer Science 2024-09-25 Bonan Ruan , Jiahao Liu , Weibo Zhao , Zhenkai Liang

Forking is a common practice for developers when building upon on already existing projects. These forks create variants, which have a common code base but then evolve the code in different directions, which is specific to that forked…

Software Engineering · Computer Science 2022-08-09 Daigo Imamura , Takashi Ishio , Raula Gaikovina Kula , Kenichi Matsumoto

Software is often developed using versioned controlled software, such as Git, and hosted on centralized Web hosts, such as GitHub and GitLab. These Web hosted software repositories are made available to users in the form of traditional HTML…

Digital Libraries · Computer Science 2025-05-22 David Calano , Michele C. Weigle , Michael L. Nelson

The tremendous success of Deep Learning (DL) has significantly boosted the number of open-sourced DL frameworks hosted on GitHub. Among others, performance and accuracy bugs are critical factors that affect the reputation of these DL…

Software Engineering · Computer Science 2022-04-19 Guoming Long , Tao Chen

Are malicious repositories hiding under the educational label in GitHub? Recent studies have identified collections of GitHub repositories hosting malware source code with notable collaboration among the developers. Thus, analyzing GitHub…

Software Engineering · Computer Science 2024-03-08 Md Rayhanul Masud , Michalis Faloutsos

Reviewing source code from a security perspective has proven to be a difficult task. Indeed, previous research has shown that developers often miss even popular and easy-to-detect vulnerabilities during code review. Initial evidence…

Software Engineering · Computer Science 2022-02-15 Larissa Braz , Christian Aeberhard , Gül Çalikli , Alberto Bacchelli

In 2017, GitHub was the first online open source platform to show security alerts to its users. It has since introduced further security interventions to help developers improve the security of their open source software. In this study, we…

Cryptography and Security · Computer Science 2023-09-27 Felix Fischer , Jonas Höbenreich , Jens Grossklags

Machine learning-based software vulnerability detection requires high-quality datasets, which is essential for training effective models. To address challenges related to data label quality, diversity, and comprehensiveness, we constructed…

Software Engineering · Computer Science 2025-05-14 Chaomeng Lu , Tianyu Li , Toon Dehaene , Bert Lagaisse

GitHub hosts millions of software repositories, facilitating developers to contribute to many projects in multiple ways. Most of the information about the repositories is text-based in the form of stars, forks, commits, and so on. However,…

Software Engineering · Computer Science 2022-05-03 Akhila Sri Manasa Venigalla , Kowndinya Boyalakunta , Sridhar Chimalakonda

Open source software vulnerabilities pose significant security risks to downstream applications. While vulnerability databases provide valuable information for mitigation, many security patches are released silently in new commits of OSS…

Software Engineering · Computer Science 2025-03-27 Yiran Cheng , Ting Zhang , Lwin Khin Shar , Zhe Lang , David Lo , Shichao Lv , Dongliang Fang , Zhiqiang Shi , Limin Sun

Improved test case prioritization means that software developers can detect and fix more software faults sooner than usual. But is there one "best" prioritization algorithm? Or do different kinds of projects deserve special kinds of…

Software Engineering · Computer Science 2021-02-23 Xiao Ling , Rishabh Agrawal , Tim Menzies

Many open-source projects land security fixes in public repositories before shipping these patches to users. This paper presents attacks on such projects - taking Firefox as a case-study - that exploit patch metadata to efficiently search…

Cryptography and Security · Computer Science 2011-09-05 Adam Barth , Saung Li , Benjamin I. P. Rubinstein , Dawn Song

Background: Open source software has an increasing importance in modern software development. However, there is also a growing concern on the sustainability of such projects, which are usually managed by a small number of developers,…

Software Engineering · Computer Science 2019-01-31 Jailton Coelho , Marco Tulio Valente , Luciana L. Silva , Emad Shihab

We present a comprehensive dataset of Java vulnerability-fixing commits (VFCs) to advance research in Java vulnerability analysis. Our dataset, derived from thousands of open-source Java projects on GitHub, comprises two variants: JavaVFC…

Software Engineering · Computer Science 2024-09-10 Tan Bui , Yan Naing Tun , Yiran Cheng , Ivana Clairine Irsan , Ting Zhang , Hong Jin Kang

The National Vulnerability Disclosure Database is an invaluable source of information for security professionals and researchers. However, in some cases, a vulnerability report is initially published with incomplete information, a situation…

Cryptography and Security · Computer Science 2023-03-15 Kobra Khanmohammadi , Raphael Khoury

Security patches in open-source software, providing security fixes to identified vulnerabilities, are crucial in protecting against cyberattacks. Despite the National Vulnerability Database (NVD) publishes identified vulnerabilities, a vast…

Cryptography and Security · Computer Science 2021-06-08 Yaqin Zhou , Jing Kai Siow , Chenyu Wang , Shangqing Liu , Yang Liu

Understanding vulnerability propagation is essential for assessing how vulnerabilities spread across components of a software package. This supports more accurate impact analysis and enhances threat detection and mitigation. In this paper,…

Cryptography and Security · Computer Science 2026-04-21 Michael Robinson , Sajal Halder , Muhammad Ejaz Ahmed , Muhammad Ikram , Seyit Camtepe , Hyoungshick Kim

Software Bills of Material (SBOMs) are becoming a consolidated, often enforced by governmental regulations, way to describe software composition. However, based on recent studies, SBOMs suffer from limited support for their consumption and…

Software Engineering · Computer Science 2025-05-29 Davide Fucci , Massimiliano Di Penta , Simone Romano , Giuseppe Scanniello

The Web is replete with tutorial-style content on how to accomplish programming tasks. Unfortunately, even top-ranked tutorials suffer from severe security vulnerabilities, such as cross-site scripting (XSS), and SQL injection (SQLi).…

Cryptography and Security · Computer Science 2017-04-11 Tommi Unruh , Bhargava Shastry , Malte Skoruppa , Federico Maggi , Konrad Rieck , Jean-Pierre Seifert , Fabian Yamaguchi
‹ Prev 1 8 9 10 Next ›