TCSE logo 
 Sigsoft logo
Sustainability badge
Wed 30 Apr 2025 13:30 - 14:00 at Canada Hall 3 Poster Area - Wed Lunch Posters 13:30-14:00
Thu 1 May 2025 15:30 - 16:00 at Canada Hall 3 Poster Area - Thu Afternoon Break Posters 15:30-16:00
Fri 2 May 2025 17:15 - 17:22 at 213 - AI for Security 3 Chair(s): Tien N. Nguyen

Dormant open-source software (OSS) dependencies are no longer maintained or actively developed, their related code components are more vulnerable and error-prone since they can hardly keep up with evolving software dependents. Presently, their migration remains costly and challenging for practitioners. To tackle such a challenge, we intend to characterize, predict, and automatically migrate high-risk dormant OSS dependencies. Our pilot study of 4,945 Maven dependencies reveals over half of them are dormant, and 12.15% pose a high security risk. These high-risk dependencies can be predicted early based on their version release and usage characteristics. They are rarely migrated by developers, and simple one-to-one API migrations can be achieved with little context using Large Language Models (LLMs). Future research will be conducted on a more complete dataset, incorporate socio-technical features for improved high-risk prediction, and fine-tune a migration code generator.

Wed 30 Apr

Displayed time zone: Eastern Time (US & Canada) change

13:30 - 14:00
13:30
30m
Poster
Pattern-based Generation and Adaptation of Quantum WorkflowsQuantum
Research Track
Martin Beisel Institute of Architecture of Application Systems (IAAS), University of Stuttgart, Johanna Barzen University of Stuttgart, Frank Leymann University of Stuttgart, Lavinia Stiliadou Institute of Architecture of Application Systems (IAAS), University of Stuttgart, Daniel Vietz University of Stuttgart, Benjamin Weder Institute of Architecture of Application Systems (IAAS), University of Stuttgart
13:30
30m
Talk
Mole: Efficient Crash Reproduction in Android Applications With Enforcing Necessary UI Events
Journal-first Papers
Maryam Masoudian Sharif University of Technology, Hong Kong University of Science and Technology (HKUST), Heqing Huang City University of Hong Kong, Morteza Amini Sharif University of Technology, Charles Zhang Hong Kong University of Science and Technology
13:30
30m
Talk
Automated Testing Linguistic Capabilities of NLP Models
Journal-first Papers
Jaeseong Lee The University of Texas at Dallas, Simin Chen University of Texas at Dallas, Austin Mordahl University of Illinois Chicago, Cong Liu University of California, Riverside, Wei Yang UT Dallas, Shiyi Wei University of Texas at Dallas
13:30
30m
Poster
BSan: A Powerful Identifier-Based Hardware-Independent Memory Error Detector for COTS BinariesArtifact-FunctionalArtifact-Available
Research Track
Wen Zhang University of Georgia, Botang Xiao University of Georgia, Qingchen Kong University of Georgia, Le Guan University of Georgia, Wenwen Wang University of Georgia
13:30
30m
Talk
A Unit Proofing Framework for Code-level Verification: A Research AgendaFormal Methods
New Ideas and Emerging Results (NIER)
Paschal Amusuo Purdue University, Parth Vinod Patil Purdue University, Owen Cochell Michigan State University, Taylor Le Lievre Purdue University, James C. Davis Purdue University
Pre-print
13:30
30m
Talk
Listening to the Firehose: Sonifying Z3’s BehaviorArtifact-FunctionalArtifact-ReusableArtifact-AvailableFormal Methods
New Ideas and Emerging Results (NIER)
Finn Hackett University of British Columbia, Ivan Beschastnikh University of British Columbia
13:30
30m
Talk
Towards Early Warning and Migration of High-Risk Dormant Open-Source Software DependenciesSecurity
New Ideas and Emerging Results (NIER)
Zijie Huang Shanghai Key Laboratory of Computer Software Testing and Evaluation, Lizhi Cai Shanghai Key Laboratory of Computer Software Testing & Evaluating, Shanghai Software Center, Xuan Mao Department of Computer Science and Engineering, East China University of Science and Technology, Shanghai, China, Kang Yang Shanghai Key Laboratory of Computer Software Testing and Evaluating, Shanghai Development Center of Computer Software Technology
13:30
30m
Poster
SimClone: Detecting Tabular Data Clones using Value Similarity
Journal-first Papers
Xu Yang University of Manitoba, Gopi Krishnan Rajbahadur Centre for Software Excellence, Huawei, Canada, Dayi Lin Centre for Software Excellence, Huawei Canada, Shaowei Wang University of Manitoba, Zhen Ming (Jack) Jiang York University
13:30
30m
Talk
SolSearch: An LLM-Driven Framework for Efficient SAT-Solving Code GenerationFormal Methods
New Ideas and Emerging Results (NIER)
Junjie Sheng East China Normal University, Yanqiu Lin East China Normal University, Jiehao Wu East China Normal University, Yanhong Huang East China Normal University, Jianqi Shi East China Normal University, Min Zhang East China Normal University, Xiangfeng Wang East China Normal University

Thu 1 May

Displayed time zone: Eastern Time (US & Canada) change

15:30 - 16:00
15:30
30m
Talk
Mole: Efficient Crash Reproduction in Android Applications With Enforcing Necessary UI Events
Journal-first Papers
Maryam Masoudian Sharif University of Technology, Hong Kong University of Science and Technology (HKUST), Heqing Huang City University of Hong Kong, Morteza Amini Sharif University of Technology, Charles Zhang Hong Kong University of Science and Technology
15:30
30m
Talk
Best ends by the best means: ethical concerns in app reviews
Journal-first Papers
Neelam Tjikhoeri Vrije Universiteit Amsterdam, Lauren Olson Vrije Universiteit Amsterdam, Emitzá Guzmán Vrije Universiteit Amsterdam
15:30
30m
Talk
Shaken, Not Stirred. How Developers Like Their Amplified Tests
Journal-first Papers
Carolin Brandt TU Delft, Ali Khatami Delft University of Technology, Mairieli Wessel Radboud University, Andy Zaidman TU Delft
Pre-print
15:30
30m
Poster
BSan: A Powerful Identifier-Based Hardware-Independent Memory Error Detector for COTS BinariesArtifact-FunctionalArtifact-Available
Research Track
Wen Zhang University of Georgia, Botang Xiao University of Georgia, Qingchen Kong University of Georgia, Le Guan University of Georgia, Wenwen Wang University of Georgia
15:30
30m
Talk
Towards Early Warning and Migration of High-Risk Dormant Open-Source Software DependenciesSecurity
New Ideas and Emerging Results (NIER)
Zijie Huang Shanghai Key Laboratory of Computer Software Testing and Evaluation, Lizhi Cai Shanghai Key Laboratory of Computer Software Testing & Evaluating, Shanghai Software Center, Xuan Mao Department of Computer Science and Engineering, East China University of Science and Technology, Shanghai, China, Kang Yang Shanghai Key Laboratory of Computer Software Testing and Evaluating, Shanghai Development Center of Computer Software Technology
15:30
30m
Talk
Exploring User Privacy Awareness on GitHub: An Empirical Study
Journal-first Papers
Costanza Alfieri Università degli Studi dell'Aquila, Juri Di Rocco University of L'Aquila, Paola Inverardi Gran Sasso Science Institute, Phuong T. Nguyen University of L’Aquila
15:30
30m
Poster
SimClone: Detecting Tabular Data Clones using Value Similarity
Journal-first Papers
Xu Yang University of Manitoba, Gopi Krishnan Rajbahadur Centre for Software Excellence, Huawei, Canada, Dayi Lin Centre for Software Excellence, Huawei Canada, Shaowei Wang University of Manitoba, Zhen Ming (Jack) Jiang York University
15:30
30m
Talk
Strategies to Embed Human Values in Mobile Apps: What do End-Users and Practitioners Think?
SE in Society (SEIS)
Rifat Ara Shams CSIRO's Data61, Mojtaba Shahin RMIT University, Gillian Oliver Monash University, Jon Whittle CSIRO's Data61 and Monash University, Waqar Hussain Data61, CSIRO, Harsha Perera CSIRO's Data61, Arif Nurwidyantoro Universitas Gadjah Mada

Fri 2 May

Displayed time zone: Eastern Time (US & Canada) change

16:00 - 17:30
AI for Security 3Research Track / New Ideas and Emerging Results (NIER) at 213
Chair(s): Tien N. Nguyen University of Texas at Dallas
16:00
15m
Talk
GVI: Guided Vulnerability Imagination for Boosting Deep Vulnerability DetectorsSecurity
Research Track
Heng Yong Nanjing University, Zhong Li , Minxue Pan Nanjing University, Tian Zhang Nanjing University, Jianhua Zhao Nanjing University, China, Xuandong Li Nanjing University
16:15
15m
Talk
Decoding Secret Memorization in Code LLMs Through Token-Level CharacterizationSecurity
Research Track
Yuqing Nie Beijing University of Posts and Telecommunications, Chong Wang Nanyang Technological University, Kailong Wang Huazhong University of Science and Technology, Guoai Xu Harbin Institute of Technology, Shenzhen, Guosheng Xu Key Laboratory of Trustworthy Distributed Computing and Service (MoE), Beijing University of Posts and Telecommunications, Haoyu Wang Huazhong University of Science and Technology
16:30
15m
Talk
Are We Learning the Right Features? A Framework for Evaluating DL-Based Software Vulnerability Detection SolutionsSecurityArtifact-FunctionalArtifact-AvailableArtifact-Reusable
Research Track
Satyaki Das University of Southern California, Syeda Tasnim Fabiha University of Southern California, Saad Shafiq University of Southern California, Nenad Medvidović University of Southern California
Pre-print Media Attached File Attached
16:45
15m
Talk
Boosting Static Resource Leak Detection via LLM-based Resource-Oriented Intention InferenceSecurity
Research Track
Chong Wang Nanyang Technological University, Jianan Liu Fudan University, Xin Peng Fudan University, Yang Liu Nanyang Technological University, Yiling Lou Fudan University
17:00
15m
Talk
Weakly-supervised Log-based Anomaly Detection with Inexact Labels via Multi-instance LearningSecurity
Research Track
Minghua He Peking University, Tong Jia Institute for Artificial Intelligence, Peking University, Beijing, China, Chiming Duan Peking University, Huaqian Cai Peking University, Ying Li School of Software and Microelectronics, Peking University, Beijing, China, Gang Huang Peking University
17:15
7m
Talk
Towards Early Warning and Migration of High-Risk Dormant Open-Source Software DependenciesSecurity
New Ideas and Emerging Results (NIER)
Zijie Huang Shanghai Key Laboratory of Computer Software Testing and Evaluation, Lizhi Cai Shanghai Key Laboratory of Computer Software Testing & Evaluating, Shanghai Software Center, Xuan Mao Department of Computer Science and Engineering, East China University of Science and Technology, Shanghai, China, Kang Yang Shanghai Key Laboratory of Computer Software Testing and Evaluating, Shanghai Development Center of Computer Software Technology
:
:
:
: