How security bugs are fixed and what can be improved : an empirical study with Mozilla

How security bugs are fixed and what can be improved : an empirical study with Mozilla

A bug is regarded as security related when it creates vulnerability in the software, which the malicious attackers could exploit to attack the system [1]. Security bugs widely exist in released software, and are serious threats to organizations, which can cause serious monetary loss and reputation d...

Full description

Saved in:

Bibliographic Details
Main Authors:	Sun, Xiaobing, Peng, Xin, Zhang, Kai, Liu, Yang, Cai, Yuanfang
Other Authors:	School of Computer Science and Engineering
Format:	Article
Language:	English
Published:	2021
Subjects:	Engineering::Computer science and engineering Deadlocks Security Bugs
Online Access:	https://hdl.handle.net/10356/151277
Tags:	Add Tag No Tags, Be the first to tag this record!
Institution:	Nanyang Technological University
Language:	English

Similar Items

Where should the bugs be fixed? More accurate information retrieval-based bug localization based on bug reports
by: ZHOU, Jian, et al.
Published: (2012)

Empirical evaluation of bug linking
by: BISSYANDE, Tegawende F., et al.
Published: (2013)

Software bug management from bug reports to bug signatures
by: SUN CHENGNIAN
Published: (2013)

How practitioners perceive automated bug report management techniques
by: ZOU, Weiqin, et al.
Published: (2020)

IFIX: Fixing concurrency bugs while they are introduced
by: WANG, Zan, et al.
Published: (2020)

Duplicate bug report detection: How far are we?
by: ZHANG, Ting, et al.
Published: (2023)

DigBug: Pre/post-processing operator selection for accurate bug localization
by: KIM, Kisub, et al.
Published: (2022)

Data quality matters: A case study on data label correctness for security bug report prediction
by: WU, Xiaoxue, et al.
Published: (2022)

An empirical study of bugs in software build systems
by: XIA, Xin, et al.
Published: (2013)

Bug characteristics in blockchain systems: A large-scale empirical study
by: WAN, Zhiyuan, et al.
Published: (2017)

High impact bug report identification with imbalanced learning strategies
by: YANG, Xinli, et al.
Published: (2017)

Learning to rank for bug report assignee recommendation
by: TIAN, Yuan, et al.
Published: (2016)

Mining software repositories for automatic software bug management from bug triaging to patch backporting
by: TIAN, Yuan
Published: (2017)

Adaptive randomized scheduling for concurrency bug detection
by: WANG, Zan, et al.
Published: (2019)

An effective change recommendation approach for supplementary bug fixes
by: XIA, Xin, et al.
Published: (2017)

To what extent could we detect field defects? An empirical study of false negatives in static bug finding tools
by: THUNG, Ferdian, et al.
Published: (2012)

The impact of bug localization based on crash report mining: A developers' perspective
by: MEDEIROS, Marcos, et al.
Published: (2024)

On deadlocks of exclusive AND-requests for resources
by: Tay, Y.C., et al.
Published: (2014)

Potential Biases in Bug Localization: Do they Matter?
by: Kochhar, Pavneet Singh, et al.
Published: (2014)

BugLocalizer: Integrated Tool Support for Bug Localization
by: THUNG, Ferdian, et al.
Published: (2014)

Cross-language bug localization
by: Xia, Xin, et al.
Published: (2014)

Predicting Effectiveness of IR-Based Bug Localization Techniques
by: LE, Tien-Duy B., et al.
Published: (2014)

Will this localization tool be effective for this bug? Mitigating the impact of unreliability of information retrieval based bug localization tools
by: LE, Tien-Duy B., et al.
Published: (2017)

To What Extent Could We Detect Field Defects? —An Empirical Study of False Negatives in Static Bug Finding Tools
by: Thung, Ferdian, et al.
Published: (2012)

On the influence of biases in bug localization: evaluation and benchmark
by: WIDYASARI, Ratnadira, et al.
Published: (2022)

BugsInPy: A database of existing bugs in Python programs to enable controlled testing and debugging studies
by: WIDYASARI, Ratnadira, et al.
Published: (2020)

To what extent could we detect field defects? An extended empirical study of false negatives in static bug finding tools
by: THUNG, Ferdian, et al.
Published: (2014)

PFix: Fixing concurrency bugs based on memory access patterns
by: LIN, Huarui, et al.
Published: (2018)

Context-based detection of clone-related bugs
by: JIANG, Lingxiao, et al.
Published: (2007)

DupFinder: Integrated tool support for duplicate bug report detection
by: THUNG, Ferdian, et al.
Published: (2014)

An expressive framework for verifying deadlock freedom
by: Le, D.-K., et al.
Published: (2014)

ELBlocker: Predicting blocking bugs with ensemble imbalance learning
by: XIA, Xin, et al.
Published: (2015)

Legion: Massively composing rankers for improved bug localization at Adobe
by: JARMAN, Darryl, et al.
Published: (2022)

Identifying Bug Signatures Using Discriminative Graph Mining
by: CHENG, Hong, et al.
Published: (2009)

An Empirical Study of Bug Fixing Rate
by: ZOU, Weiqin, et al.
Published: (2015)

Improving automated bug triaging with specialized topic model
by: XIA, Xin, et al.
Published: (2017)

Mining succinct predicated bug signatures
by: Sun, C., et al.
Published: (2014)

BOAT: An Experimental Platform for Researchers to Comparatively and Reproducibly Evaluate Bug Localization Techniques
by: WANG, Xinyu, et al.
Published: (2014)

On the unreliability of bug severity data
by: TIAN, Yuan, et al.
Published: (2015)

Information Retrieval and Spectrum Based Bug Localization: Better Together
by: LE, Tien-Duy B., et al.
Published: (2015)