
How security bugs are fixed and what can be improved: an empirical study with Mozilla

Xiaobing Sun, Xin Peng, Kai Zhang, Yang Liu, Yuanfang Cai
2018, Science China Information Sciences (Springer Nature)
To help developers fix security bugs more quickly and easily, there is a need to learn how security bugs are fixed in practice and how it can be improved by answering the following research questions.  ...  To answer these questions, we conducted an empirical study on bug fixing practices in Mozilla. We identified 1609 bugs between July 2005 and Aug 2015 that were marked as security bugs.  ... 
doi:10.1007/s11432-017-9459-5 fatcat:vxmbhdmuljbcbku27h2hsdauiq
Full text (Web Archive PDF): https://web.archive.org/web/20210802102553/https://www.sciengine.com/doi/pdf/528A27E5881D41CA93ED569BF3AD0840

Have things changed now?

Zhenmin Li, Lin Tan, Xuanhui Wang, Shan Lu, Yuanyuan Zhou, Chengxiang Zhai
2006, Proceedings of the 1st workshop on Architectural and system support for improving software dependability - ASID '06 (ACM Press)
with their full capacity; (3) semantic bugs are the dominant root causes, as they are application specific and difficult to fix, which suggests that more efforts should be put into detecting and fixing  ...  them; (4) security bugs are increasing, and the majority of them cause severe impacts.  ...  It is unclear how many reported bugs are related to security, and what types of security-related bugs there are, and how fast these security-related bugs are fixed. • New Software Development Paradigm:  ... 
doi:10.1145/1181309.1181314 dblp:conf/asplos/LiTWLZZ06 fatcat:nfe3info3vcc7k22s6cuk3qfgq
Full text (Web Archive PDF): https://web.archive.org/web/20110401004557/http://pages.cs.wisc.edu/~shanlu/paper/bugchar_asid06.pdf

An improved text classification modelling approach to identify security messages in heterogeneous projects

Tosin Daniel Oyetoyan, Patrick Morrison
2021, Software quality journal (Springer Science and Business Media LLC)
An average f-score between 3.4 and 88%, an average g-measure of at least 66% across all the dataset, and an average AUC of ROC from 69 to 89%.  ...  Further, our results outperform a state-of-the-art prediction model for security bug reports in all cases.  ...  How many security-related bugs are left unresolved? What is the average window-of-exposure (in days) for security-related issues in a project?  ... 
doi:10.1007/s11219-020-09546-7 fatcat:iwwyw7fehzcc5j3sy3vfk7qsvq
Full text (Web Archive PDF): https://web.archive.org/web/20210717185635/https://link.springer.com/content/pdf/10.1007/s11219-020-09546-7.pdf?error=cookies_not_supported&code=9e72672f-7c35-4439-a3f4-6bbc0e611e35

Bug characteristics in open source software

Lin Tan, Chen Liu, Zhenmin Li, Xuanhui Wang, Yuanyuan Zhou, Chengxiang Zhai
2013, Empirical Software Engineering (Springer Nature)
semantic bugs, suggesting more support to help developers diagnose and fix security bugs, especially semantic security bugs.  ...  We study software bug characteristics by sampling 2,060 real world bugs in three large, representative open-source projects-the Linux kernel, Mozilla, and Apache.  ...  grant, and an Intel gift grant.  ... 
doi:10.1007/s10664-013-9258-8 fatcat:qn4bo2dn35bapiqdhiayfciioa
Full text (Web Archive PDF): https://web.archive.org/web/20170705063642/https://ece.uwaterloo.ca/%7Elintan/publications/bugchar-emse14.pdf

Predicting vulnerable software components

Stephan Neuhaus, Thomas Zimmermann, Christian Holler, Andreas Zeller
2007, Proceedings of the 14th ACM conference on Computer and communications security - CCS '07 (ACM Press)
In an investigation of the Mozilla vulnerability history, we surprisingly found that components that had a single vulnerability in the past were generally not likely to have further vulnerabilities.  ...  Based on this observation, we were able to extend Vulture by a simple predictor that correctly predicts about half of all vulnerable components, and about two thirds of all predictions are correct.  ...  We also thank the Mozilla team for making their databases available. David Schuler and Andrzej Wasylkowski provided valuable feedback on earlier revisions of this paper.  ... 
doi:10.1145/1315245.1315311 dblp:conf/ccs/NeuhausZHZ07 fatcat:5ofehv7eprhdnlylkuivdksgwm
Full text (Web Archive PDF): https://web.archive.org/web/20170706055203/https://www.st.cs.uni-saarland.de/publications/files/neuhaus-ccs-2007.pdf

Discovering, reporting, and fixing performance bugs

Adrian Nistor, Tian Jiang, Lin Tan
2013, 2013 10th Working Conference on Mining Software Repositories (MSR) (IEEE)
In this paper, we study how performance bugs are discovered, reported to developers, and fixed by developers, and compare the results with those for non-performance bugs.  ...  We study performance and non-performance bugs from three popular code bases: Eclipse JDT, Eclipse SWT, and Mozilla.  ...  ACKNOWLEDGMENTS We thank Jihun Park and Miryung Kim for providing the data from their study, Mitchell Jameson for helping with experiments, and Darko Marinov for his valuable discussion and feedback.  ... 
doi:10.1109/msr.2013.6624035 dblp:conf/msr/NistorJT13 fatcat:jkfltqln4zdpti4fogpmbsp6ha
Full text (Web Archive PDF): https://web.archive.org/web/20170705063704/https://ece.uwaterloo.ca/%7Elintan/publications/perf-msr13-preprint.pdf

Why are Some Bugs Non-Reproducible? : –An Empirical Investigation using Data Fusion–

Mohammad Masudur Rahman, Foutse Khomh, Marco Castelluccio
2020, 2020 IEEE International Conference on Software Maintenance and Evolution (ICSME) (IEEE)
First, we perform an empirical study using 576 non-reproducible bug reports from two popular software systems (Firefox, Eclipse) and identify 11 key factors that might lead a reported bug to non-reproducibility  ...  Second, we conduct a user study involving 13 professional developers where we investigate how the developers cope with non-reproducible bugs.  ...  ACKNOWLEDGMENT This work was supported by Fonds de Recherche du Quebec (FRQ) and the Natural Sciences and Engineering Research Council of Canada (NSERC).  ... 
doi:10.1109/icsme46990.2020.00063 dblp:conf/icsm/0001KC20 fatcat:3u5sxvrezrgbxfrgsszag77tcu
Full text (Web Archive PDF, not primary version): https://web.archive.org/web/20210814094917/https://arxiv.org/pdf/2108.05316v1.pdf

An Empirical Analysis of Bug Reports and Bug Fixing in Open Source Android Apps

P. Bhattacharya, L. Ulanova, I. Neamtiu, S. C. Koduru
2013, 2013 17th European Conference on Software Maintenance and Reengineering (IEEE)
Second, we show how differences in bug life-cycles can affect the bug-fix process.  ...  An essential step towards correcting this situation is understanding the nature of the bugs and bug-fixing processes associated with smartphone platforms and apps.  ...  This work was supported in part by the National Science Foundation awards CNS-1064646 and CCF-1149632.  ... 
doi:10.1109/csmr.2013.23 dblp:conf/csmr/BhattacharyaUNK13 fatcat:slu6f7aj4vf6lp7hbx33tbf3v4
Full text (Web Archive PDF): https://web.archive.org/web/20160220230526/http://www.cs.ucr.edu:80/~neamtiu/pubs/csmr13bhattacharya.pdf

Understanding and detecting real-world performance bugs

Guoliang Jin, Linhai Song, Xiaoming Shi, Joel Scherpelz, Shan Lu
2012, Proceedings of the 33rd ACM SIGPLAN conference on Programming Language Design and Implementation - PLDI '12 (ACM Press)
The findings of this study provide guidance for future work to avoid, expose, detect, and fix performance bugs.  ...  This paper conducts a comprehensive study of 109 real-world performance bugs that are randomly sampled from five representative software suites (Apache, Chrome, GCC, Mozilla, and MySQL).  ...  Shan Lu is supported by a Claire Boothe Luce faculty fellowship, and her research group is supported by NSF under grants CCF-1018180 and CCF-1054616.  ... 
doi:10.1145/2254064.2254075 dblp:conf/pldi/JinSSSL12 fatcat:dsftsykuvnextmzhquiqsm3rla
Full text (Web Archive PDF): https://web.archive.org/web/20120714015500/http://pages.cs.wisc.edu/~shanlu/paper/pldi118-jin.pdf

Understanding and detecting real-world performance bugs

Guoliang Jin, Linhai Song, Xiaoming Shi, Joel Scherpelz, Shan Lu
2012, SIGPLAN notices (Association for Computing Machinery (ACM))
The findings of this study provide guidance for future work to avoid, expose, detect, and fix performance bugs.  ...  This paper conducts a comprehensive study of 109 real-world performance bugs that are randomly sampled from five representative software suites (Apache, Chrome, GCC, Mozilla, and MySQL).  ...  Shan Lu is supported by a Claire Boothe Luce faculty fellowship, and her research group is supported by NSF under grants CCF-1018180 and CCF-1054616.  ... 
doi:10.1145/2345156.2254075 fatcat:edhhmrxkq5bxrhmtp5p6uzvtly
Full text (Web Archive PDF): https://web.archive.org/web/20120714015500/http://pages.cs.wisc.edu/~shanlu/paper/pldi118-jin.pdf

Which is the right source for vulnerability studies?

Fabio Massacci, Viet Hung Nguyen
2010, Proceedings of the 6th International Workshop on Security Measurements and Metrics - MetriSec '10 (ACM Press)
We provide an analytical comparison of different security metric papers and the relative data sources.  ...  Still, if the data sources do not completely capture the phenomenon we are interested in predicting, then our predictor might be optimal with respect to the data we have but unsatisfactory in practice.  ...  In case of bug fix, the description usually mentions the bug identifier with some special keyword such as Fixes, Fixed, or Bug.  ... 
doi:10.1145/1853919.1853925 fatcat:cul7kftv45dubjxpichpdxlrj4
Full text (Web Archive PDF): https://web.archive.org/web/20170706032452/http://disi.unitn.it/~vhnguyen/pmwiki/uploads/Main/Publication/mass-nguyen-10-metrisec.pdf

Security versus performance bugs

Shahed Zaman, Bram Adams, Ahmed E. Hassan
2011, Proceeding of the 8th working conference on Mining software repositories - MSR '11 (ACM Press)
Through a case study on the Firefox project, we find that security bugs are fixed and triaged much faster, but are reopened and tossed more frequently.  ...  Our work is the first work to ever empirically study performance bugs and compare it to frequently-studied security bugs.  ...  bugs to CVS changes, and Stephen Thomas for his help with the LDA analysis.  ... 
doi:10.1145/1985441.1985457 dblp:conf/msr/ZamanAH11 fatcat:d22dvbtakzcotkkpedluzlhfjq
Full text (Web Archive PDF): https://web.archive.org/web/20200322214920/https://sail.cs.queensu.ca/Downloads/MSR2011_SecurityVersusPerformanceBugs_ACaseStudyOnFirefox.pdf

Developer Dashboards: The Need for Qualitative Analytics

Olga Baysal, Reid Holmes, Michael W. Godfrey
2013, IEEE Software (Institute of Electrical and Electronics Engineers (IEEE))
research study To understand how developers engage and interact with the Bugzilla issue-tracking system, we performed a qualitative study of interviews with 20 core Mozilla developers. 4 The study captures  ...  Again, our study found that developers are interested in status but in a different way: they want to be able to quickly determine how their bugs have evolved recently.  ... 
doi:10.1109/ms.2013.66 fatcat:dcadwuxssvbbbfvsf5h5ltwniy
Full text (Web Archive PDF): https://web.archive.org/web/20170829065707/https://plg.uwaterloo.ca/~migod/papers/2013/ieeeSw-olgaReid-finalPreprint.pdf

An Investigation into Inconsistency of Software Vulnerability Severity across Data Sources [article]

Roland Croft, M. Ali Babar, Li Li
2022, arXiv (pre-print)
Inconsistency across these data sources affects the reliability of severity assessment data, and can consequently impact SV prioritization and fixing.  ...  These insights can help developers better consider SV severity data sources, and improve the reliability of consequent SV prioritization.  ...  As Bugzilla reports received the least security consideration, due to their fast communication, we speculate that inconsistencies to the Mozilla Advisory can be associated with potential misjudgment.  ... 
arXiv:2112.10356v2 fatcat:anin6qolcbcntk7cd34ekcfbne
Full text (Web Archive PDF): https://web.archive.org/web/20220122052731/https://arxiv.org/pdf/2112.10356v2.pdf

IMPROVING THE PRECISION OF FLOW-SENSITIVE LIFETIME ANALYSIS

Gabor HORVATH, Department of Programming Languages and Compilers, Faculty of Informatics, Eötvös Loránd University, Budapest, Hungary, Norbert PATAKI
2020, Acta Electrotechnica et Informatica (Technical University of Kosice, Faculty of Electrical Engineering and Informatics)
Object lifetimes are a common source of bugs in C++ that can cause crashes, unexpected behavior, or even security vulnerabilities.  ...  The second one is a filter based on reaching definitions and dominance algorithms to remove reports that might be the result of analyzing infeasible paths.  ...  A study about the use of unsafe in Rust [19] argues that unsafe is often inevitable and its usage can introduce bugs into Rust code.  ... 
doi:10.15546/aeei-2020-0020 fatcat:zxhea7rixvecfeq5pkwpce2hi4
Full text (Web Archive PDF): https://web.archive.org/web/20210128023329/http://www.aei.tuke.sk/papers/2020/4/02_Pataki.pdf