The Secret Life of CVEs (MSR 2023 - Mining Challenge)

Dates to be announced Melbourne, Australia

co-located with ICSE 2023

Who

Piotr Przymus, Mikołaj Fejzer, Jakub Narębski, Krzysztof Stencel

Track

MSR 2023 Mining Challenge

Time Zone

The program is currently displayed in (GMT+11:00) Hobart.

Use conference time zone: (GMT+11:00) HobartSelect other time zone

The GMT offsets shown reflect the offsets at the moment of the conference.

Time Band

By setting a time band, the program will dim events that are outside this time window. This is useful for (virtual) conferences with a continuous program (with repeated sessions).
The time band will also limit the events that are included in the personal iCalendar subscription service.

Display full programSpecify a time band

Save

When

Tue 16 May 2023 10:02 - 10:08 at Meeting Room 110 - Mining Challenge Chair(s): Audris Mockus

Abstract

The Common Vulnerabilities and Exposures (CVEs) system is a reference method for documenting publicly known information security weaknesses and exposures. This paper presents a study of the lifetime of CVEs in software projects and the risk factors affecting their existence. The study uses survival analysis to examine how features of programming languages, projects and CVEs themselves impact the lifetime of CVEs. We suggest avenues for future research to investigate the effect of various factors on the resolution of vulnerabilities.

Link to Preprint

https://przymus.dev/papers/msr2023.pdf

Piotr Przymus

Nicolaus Copernicus University in Toruń

Poland

Mikołaj Fejzer

Nicolaus Copernicus University in Toruń

Poland

Jakub Narębski

Nicolaus Copernicus University in Toruń

Poland

Krzysztof Stencel

University of Warsaw

Poland

Time Zone

The program is currently displayed in (GMT+11:00) Hobart.

Use conference time zone: (GMT+11:00) HobartSelect other time zone

The GMT offsets shown reflect the offsets at the moment of the conference.

Time Band

Display full programSpecify a time band

Save

Session Program

Tue 16 May
Displayed time zone: Hobart change

09:50 - 10:30	Mining ChallengeMining Challenge at Meeting Room 110 Chair(s): Audris Mockus The University of Tennessee

09:50 6m Talk		An Empirical Study to Investigate Collaboration Among Developers in Open Source Software (OSS) Mining Challenge Weijie Sun University of Alberta, Samuel Iwuchukwu University of Alberta, Abdul Ali Bangash University of Alberta, Canada, Abram Hindle University of Alberta Pre-print
09:56 6m Talk		Insights into Female Contributions in Open-Source Projects Mining Challenge Arifa Islam Champa Idaho State University, Md Fazle Rabbi Idaho State University, Minhaz F. Zibran Idaho State University, Md Rakibul Islam University of Wisconsin - Eau Claire Pre-print
10:02 6m Talk		The Secret Life of CVEs Mining Challenge Piotr Przymus Nicolaus Copernicus University in Toruń, Mikołaj Fejzer Nicolaus Copernicus University in Toruń, Jakub Narębski Nicolaus Copernicus University in Toruń, Krzysztof Stencel University of Warsaw Pre-print
10:08 6m Talk		Evolution of the Practice of Software Testing in Java Projects Mining Challenge Anisha Islam Department of Computing Science, University of Alberta, Nipuni Tharushika Hewage Department of Computing Science, University of Alberta, Abdul Ali Bangash University of Alberta, Canada, Abram Hindle University of Alberta Pre-print
10:14 6m Talk		Keep the Ball Rolling: Analyzing Release Cadence in GitHub Projects Mining Challenge Oz Kilic Carleton University, Nathaniel Bowness University of Ottawa, Olga Baysal Carleton University Pre-print