Automated identification of libraries from vulnerability data-Reference-Cited by-同舟云学术

Automated identification of libraries from vulnerability data

Published:2020-06-27 Issue: Volume: Page:
ISSN:
Container-title:Proceedings of the ACM/IEEE 42nd International Conference on Software Engineering: Software Engineering in Practice
language:
Short-container-title:

Author:

Chen Yang¹,Santosa Andrew E.¹,Sharma Asankhaya¹,Lo David²

Affiliation:

1. Veracode

2. Singapore Management University

Funder

Ministry of Education - Singapore

Publisher

ACM

Link

https://dl.acm.org/doi/pdf/10.1145/3377813.3381360

Reference55 articles.

1. [n.d.]. Black Duck Software Composition Analysis. https://www.synopsys.com/software-integrity/security-testing/software-composition-analysis.html. [n.d.]. Black Duck Software Composition Analysis. https://www.synopsys.com/software-integrity/security-testing/software-composition-analysis.html.

2. [n.d.]. FastXML / PFastXML / PFastreXML - Fast and Accurate Tree Extreme Multi-label Classifier. https://github.com/refefer/fastxml. [n.d.]. FastXML / PFastXML / PFastreXML - Fast and Accurate Tree Extreme Multi-label Classifier. https://github.com/refefer/fastxml.

3. [n.d.]. Natural Language Toolkit. https://www.nltk.org/. [n.d.]. Natural Language Toolkit. https://www.nltk.org/.

4. [n.d.]. NVD - CVE-2011-0448. https://nvd.nist.gov/vuln/detail/CVE-2011-0448. [n.d.]. NVD - CVE-2011-0448. https://nvd.nist.gov/vuln/detail/CVE-2011-0448.

5. [n.d.]. NVD - CVE-2015-7318. https://nvd.nist.gov/vuln/detail/CVE-2015-7318. [n.d.]. NVD - CVE-2015-7318. https://nvd.nist.gov/vuln/detail/CVE-2015-7318.

Cited by 15 articles. 订阅此论文施引文献订阅此论文施引文献，注册后可以免费订阅5篇论文的施引文献，订阅后可以查看论文全部施引文献

1. Are We There Yet? Filling the Gap Between Binary Similarity Analysis and Binary Software Composition Analysis;2024 IEEE 9th European Symposium on Security and Privacy (EuroS&P);2024-07-08

2. Vulnerability Root Cause Function Locating For Java Vulnerabilities;Proceedings of the 2024 IEEE/ACM 46th International Conference on Software Engineering: Companion Proceedings;2024-04-14

3. Exploiting Library Vulnerability via Migration Based Automating Test Generation;Proceedings of the IEEE/ACM 46th International Conference on Software Engineering;2024-04-12

4. Identifying Affected Libraries and Their Ecosystems for Open Source Software Vulnerabilities;Proceedings of the IEEE/ACM 46th International Conference on Software Engineering;2024-04-12

5. Where is it? Tracing the Vulnerability-relevant Files from Vulnerability Reports;Proceedings of the IEEE/ACM 46th International Conference on Software Engineering;2024-04-12