The Common Vulnerabilities and Exposures (CVEs) system is a reference method for documenting publicly known information security weaknesses and exposures. This paper presents a study of the lifetime of CVEs in software projects and the risk factors affecting their existence. The study uses survival analysis to examine how features of programming languages, projects and CVEs themselves impact the lifetime of CVEs. We suggest avenues for future research to investigate the effect of various factors on the resolution of vulnerabilities.
Tue 16 MayDisplayed time zone: Hobart change
Tue 16 May
Displayed time zone: Hobart change
09:50 - 10:30 | Mining ChallengeMining Challenge at Meeting Room 110 Chair(s): Audris Mockus The University of Tennessee | ||
09:50 6mTalk | An Empirical Study to Investigate Collaboration Among Developers in Open Source Software (OSS) Mining Challenge Weijie Sun University of Alberta, Samuel Iwuchukwu University of Alberta, Abdul Ali Bangash University of Alberta, Canada, Abram Hindle University of Alberta Pre-print | ||
09:56 6mTalk | Insights into Female Contributions in Open-Source Projects Mining Challenge Arifa Islam Champa Idaho State University, Md Fazle Rabbi Idaho State University, Minhaz F. Zibran Idaho State University, Md Rakibul Islam University of Wisconsin - Eau Claire Pre-print | ||
10:02 6mTalk | The Secret Life of CVEs Mining Challenge Piotr Przymus Nicolaus Copernicus University in Toruń, Mikołaj Fejzer Nicolaus Copernicus University in Toruń, Jakub Narębski Nicolaus Copernicus University in Toruń, Krzysztof Stencel University of Warsaw Pre-print | ||
10:08 6mTalk | Evolution of the Practice of Software Testing in Java Projects Mining Challenge Anisha Islam Department of Computing Science, University of Alberta, Nipuni Tharushika Hewage Department of Computing Science, University of Alberta, Abdul Ali Bangash University of Alberta, Canada, Abram Hindle University of Alberta Pre-print | ||
10:14 6mTalk | Keep the Ball Rolling: Analyzing Release Cadence in GitHub Projects Mining Challenge Oz Kilic Carleton University, Nathaniel Bowness University of Ottawa, Olga Baysal Carleton University Pre-print |