Patchworking: Exploring the code changes induced by vulnerability fixing activities
Gerardo Canfora | Matias Martinez | Corrado Aaron Visaggio | Andrea Di Sorbo | Sara Forootani
[1] Andreas Zeller,et al. The impact of tangled code changes , 2013, 2013 10th Working Conference on Mining Software Repositories (MSR).
[2] Gregg Rothermel,et al. Whole program path-based dynamic impact analysis , 2003, 25th International Conference on Software Engineering, 2003. Proceedings..
[3] Gerardo Canfora,et al. Investigating the vulnerability fixing process in OSS projects: Peculiarities and challenges , 2020, Comput. Secur..
[4] Matias Martinez,et al. Coming: A Tool for Mining Change Pattern Instances from Git Commits , 2018, 2019 IEEE/ACM 41st International Conference on Software Engineering: Companion Proceedings (ICSE-Companion).
[5] Claire Le Goues,et al. Using a probabilistic model to predict bug fixes , 2018, 2018 IEEE 25th International Conference on Software Analysis, Evolution and Reengineering (SANER).
[6] Lionel C. Briand,et al. Using coupling measurement for impact analysis in object-oriented systems , 1999, Proceedings IEEE International Conference on Software Maintenance - 1999 (ICSM'99). 'Software Maintenance for Business Change' (Cat. No.99CB36360).
[7] Zhendong Su,et al. An Empirical Study on Real Bug Fixes , 2015, 2015 IEEE/ACM 37th IEEE International Conference on Software Engineering.
[8] Matias Martinez,et al. Fine-grained and accurate source code differencing , 2014, ASE.
[9] Rocco Oliveto,et al. Fixing of Security Vulnerabilities in Open Source Projects: A Case Study of Apache HTTP Server and Apache Tomcat , 2019, 2019 12th IEEE Conference on Software Testing, Validation and Verification (ICST).
[10] Corrado Aaron Visaggio,et al. Investigating the criticality of user‐reported issues through their relations with app rating , 2020, J. Softw. Evol. Process..
[11] Hareton K. N. Leung,et al. A survey of code‐based change impact analysis techniques , 2013, Softw. Test. Verification Reliab..
[12] James E. Tomayko,et al. The structural complexity of software an experimental test , 2005, IEEE Transactions on Software Engineering.
[13] Ahmed E. Hassan,et al. Security versus performance bugs: a case study on Firefox , 2011, MSR '11.
[14] Jacques Klein,et al. Profiling Android Vulnerabilities , 2016, 2016 IEEE International Conference on Software Quality, Reliability and Security (QRS).
[15] Alex X. Liu,et al. Large Scale Characterization of Software Vulnerability Life Cycles , 2020, IEEE Transactions on Dependable and Secure Computing.
[16] Veit Frick,et al. Understanding Software Changes: Extracting, Classifying, and Presenting Fine-Grained Source Code Changes , 2020, 2020 IEEE/ACM 42nd International Conference on Software Engineering: Companion Proceedings (ICSE-Companion).
[17] W. Kruskal,et al. Use of Ranks in One-Criterion Variance Analysis , 1952 .
[18] Hossain Shahriar,et al. Rule-Based Source Level Patching of Buffer Overflow Vulnerabilities , 2013, 2013 10th International Conference on Information Technology: New Generations.
[19] Andrew Meneely,et al. Do Bugs Foreshadow Vulnerabilities? A Study of the Chromium Project , 2015, 2015 IEEE/ACM 12th Working Conference on Mining Software Repositories.
[20] Robert H. Deng,et al. VuRLE: Automatic Vulnerability Detection and Repair by Learning from Examples , 2017, ESORICS.
[21] Syed Nadeem Ahsan,et al. Predicting bug inducing source code change patterns , 2016, 2016 International Conference on Open Source Systems & Technologies (ICOSST).
[22] Manishankar Mondal,et al. Associating Code Clones with Association Rules for Change Impact Analysis , 2020, 2020 IEEE 27th International Conference on Software Analysis, Evolution and Reengineering (SANER).
[23] Kazi Zakia Sultana,et al. A study examining relationships between micro patterns and security vulnerabilities , 2017, Software Quality Journal.
[24] Huzefa H. Kagdi,et al. Impact analysis of change requests on source code based on interaction and commit histories , 2014, MSR 2014.
[25] Gerardo Canfora,et al. Impact analysis by mining software and change request repositories , 2005, 11th IEEE International Software Metrics Symposium (METRICS'05).
[26] Kazi Zakia Sultana,et al. Correlation Analysis among Java Nano-Patterns and Software Vulnerabilities , 2017, 2017 IEEE 18th International Symposium on High Assurance Systems Engineering (HASE).
[27] H. Abdi. The Kendall Rank Correlation Coefficient , 2007 .
[28] Gabriele Bavota,et al. An Empirical Study on Android-Related Vulnerabilities , 2017, 2017 IEEE/ACM 14th International Conference on Mining Software Repositories (MSR).
[29] Claire Le Goues,et al. Automated program repair , 2019, Commun. ACM.
[30] Tao Ye,et al. An Empirical Study on Detecting and Fixing Buffer Overflow Bugs , 2016, 2016 IEEE International Conference on Software Testing, Verification and Validation (ICST).
[31] Tomasz Imielinski,et al. Mining association rules between sets of items in large databases , 1993, SIGMOD Conference.
[32] David Lie,et al. Talos: Neutralizing Vulnerabilities with Security Workarounds for Rapid Response , 2016, 2016 IEEE Symposium on Security and Privacy (SP).
[33] Michele Bezzi,et al. A Manually-Curated Dataset of Fixes to Vulnerabilities of Open-Source Software , 2019, 2019 IEEE/ACM 16th International Conference on Mining Software Repositories (MSR).
[34] Basel Katt,et al. Source Code Patterns of SQL Injection Vulnerabilities , 2017, ARES.
[35] Matias Martinez,et al. Mining software repair models for reasoning on the search space of automated program fixing , 2013, Empirical Software Engineering.
[36] Tibor Gyimóthy,et al. Using information retrieval based coupling measures for impact analysis , 2009, Empirical Software Engineering.
[37] Vern Paxson,et al. A Large-Scale Empirical Study of Security Patches , 2017, CCS.
[38] Yaqin Zhou,et al. Automated identification of security issues from commit messages and bug reports , 2017, ESEC/SIGSOFT FSE.
[39] Cleotilde Gonzalez,et al. Effects of cyber security knowledge on attack detection , 2015, Comput. Hum. Behav..
[40] Michele Bezzi,et al. A Practical Approach to the Automatic Classification of Security-Relevant Commits , 2018, 2018 IEEE International Conference on Software Maintenance and Evolution (ICSME).
[41] Shawn A. Bohner,et al. Impact analysis in the software change process: a year 2000 perspective , 1996, 1996 Proceedings of International Conference on Software Maintenance.
[42] M. Urbanchek,et al. The Seven Deadly Sins of Statistical Analysis , 1996, Annals of plastic surgery.
[43] Stefan Fenz,et al. Formalizing information security knowledge , 2009, ASIACCS '09.
[44] Václav Rajlich,et al. Incremental change in object-oriented programming , 2004, IEEE Software.
[45] Gerardo Canfora,et al. Summarizing vulnerabilities' descriptions to support experts during vulnerability assessment activities , 2019, J. Syst. Softw..
[46] S. Shapiro,et al. An Analysis of Variance Test for Normality (Complete Samples) , 1965 .
[47] Claire Le Goues,et al. GenProg: A Generic Method for Automatic Software Repair , 2012, IEEE Transactions on Software Engineering.
[48] Dongmei Zhang,et al. How do software engineers understand code changes?: an exploratory study in industry , 2012, SIGSOFT FSE.
[49] Ramakrishnan Srikant,et al. Fast Algorithms for Mining Association Rules in Large Databases , 1994, VLDB.
[50] Frank Tip,et al. Change impact analysis for object-oriented programs , 2001, PASTE '01.
[51] Yuanyuan Zhou,et al. Bug characteristics in open source software , 2013, Empirical Software Engineering.
[52] Giuliano Antoniol,et al. Identifying the starting impact set of a maintenance request: a case study , 2000, Proceedings of the Fourth European Conference on Software Maintenance and Reengineering.