Collection of Security Papers

ICSE 2018

Collection of Security Papers

All
IEEE S&P
IEEE S&P
- 2024
- 2023
- 2022
- 2021
- 2020
- 2019
- 2018
- 2017
- 2016
- 2015
ACM CCS
ACM CCS
- 2023
- 2022
- 2021
- 2020
- 2019
- 2018
- 2017
- 2016
- 2015
USENIX Sec
USENIX Sec
- 2024
- 2023
- 2022
- 2021
- 2020
- 2019
- 2018
- 2017
- 2016
- 2015
NDSS
NDSS
- 2024
- 2023
- 2022
- 2021
- 2020
- 2019
- 2018
- 2017
- 2016
- 2015
ICSE
ICSE
- 2024
- 2023
- 2022
- 2021
- 2020
- 2019
- 2018
- 2017
- 2016
- 2015-1
- 2015-2
ISSTA
ISSTA
- 2024
- 2023
- 2022
- 2021
- 2020
- 2019
- 2018
- 2017
- 2016
- 2015

ICSE 2018

153 papers accepted.

Updated on 2023-09-08.

You can find the lastest information here.

Context-aware patch generation for better automated program repair.

Towards practical program repair with on-demand candidate generation.

A correlation study between automated program repair and test-suite metrics.

Do automated program repair techniques repair hard and important bugs?

Software protection on the go: a large-scale empirical study on mobile app obfuscation.

GUILeak: tracing privacy policy claims on user input data for Android applications.

Online app review analysis for identifying emerging issues.

EARMO: an energy-aware refactoring approach for mobile apps.

Neuro-symbolic program corrector for introductory programming assignments.

Automated localization for unreproducible builds.

Enlightened debugging.

Experiences and challenges in building a data intensive system for data migration.

Sentiment analysis for software engineering: how far can we go?

Identifying features in forks.

Roles and impacts of hands-on software architects in five industrial case studies.

Sentiment polarity detection for software development.

Semantic program repair using a reference implementation.

Automated repair of mobile friendly problems in web pages.

Static automated program repair for heap properties.

Overfitting in semantics-based automated program repair.

Studying the dialogue between users and developers of free apps in the google play store.

Automated reporting of GUI design violations for mobile apps.

Leveraging program analysis to reduce user-perceived latency in mobile applications.

Repairing crashes in Android apps.

Hybrid regression test selection.

Fine-grained test minimization.

FAST approaches to scalable similarity-based test case prioritization.

Towards refactoring-aware regression test selection.

Inheritance usage patterns in open-source systems.

Almost there: a study on quasi-contributors in open source software projects.

Analyzing a decade of Linux system calls.

To distribute or not to distribute?: why licensing bugs matter.

Augusto: exploiting popular functionalities for the generation of semantic GUI tests with Oracles.

Towards optimal concolic testing.

DeepTest: automated testing of deep-neural-network-driven autonomous cars.

Precise concolic unit testing of C programs using extended units and symbolic alarm filtering.

Spatio-temporal context reduction: a pointer-analysis-based static approach for detecting use-after-free vulnerabilities.

Program splicing.

Chopped symbolic execution.

Perses: syntax-guided program reduction.

Secure coding practices in Java: challenges and vulnerabilities.

EnMobile: entity-based characterization and analysis of mobile malware.

Model comprehension for security risk assessment: an empirical comparison of tabular vs. graphical representations.

Privacy by designers: software developers' privacy mindset.

Does the propagation of artifact changes across tasks reflect work dependencies?

Large-scale analysis of framework-specific exceptions in Android apps.

Effect sizes and their variance for AB/BA crossover design studies.

A large-scale empirical study on the effects of code obfuscations on Android apps and anti-malware products.

An empirical study on the interplay between semantic coupling and co-change of software classes.

DeFlaker: automatically detecting flaky tests.

DetReduce: minimizing Android GUI test suites for regression testing.

Time to clean your test objectives.

Prioritizing browser environments for web application test execution.

An empirical study of early access games on the steam platform.

Correctness attraction: a study of stability of software behavior under runtime perturbation.

On the diffuseness and the impact on maintainability of code smells: a large scale empirical investigation.

Accurate and efficient refactoring detection in commit history.

ENTRUST: engineering trustworthy self-adaptive software with dynamic assurance cases.

The good, the bad and the ugly: a study of security decisions in a cyber-physical systems game.

Lightweight, obfuscation-resilient detection and family identification of Android malware.

Are vulnerabilities discovered and resolved like other defects?

"Was my contribution fairly reviewed?": a framework to study the perception of fairness in modern code reviews.

Collaborative model-driven software engineering: a classification framework and a research map.

ChangeLocator: locate crash-inducing changes based on crash reports.

Are mutation scores correlated with real fault detection?: a large scale empirical study on the relationship between mutants and real faults.

Efficient sampling of SAT solutions for testing.

Are fix-inducing changes a moving target?: a longitudinal case study of just-in-time defect prediction.

Understanding developers' needs on deprecation as a language feature.

On the dichotomy of debugging behavior among programmers.

Measuring program comprehension: a large-scale field study with professionals.

Data scientists in software teams: state of the art and challenges.

Dataflow tunneling: mining inter-request data dependencies for request-based applications.

Launch-mode-aware context-sensitive activity transition analysis.

UFO: predictive concurrency use-after-free detection.

Collective program analysis.

Statistical learning of API fully qualified names in code snippets of online forums.

When not to comment: questions and tradeoffs with API documentation for C++ projects.

Deuce: a lightweight user interface for structured editing.

From UI design image to GUI skeleton: a neural machine translator to bootstrap mobile GUI implementation.

When testing meets code review: why and how developers review tests.

Redefining prioritization: continuous prioritization for continuous integration.

MAHAKIL: diversity based oversampling approach to alleviate the class imbalance issue in software defect prediction.

On the use of hidden Markov model to predict the time to fix bugs.

What makes a great manager of software engineers?

Older adults and hackathons: a qualitative study.

Does syntax highlighting help programming novices?

Do programmers work at night or during the weekend?

Multi-granular conflict and dependency analysis in software engineering based on graph transformation.

Self-hiding behavior in Android apps: detection and characterization.

The scent of a smell: an extensive comparison between textual and structural smells.

ConflictJS: finding and understanding conflicts between JavaScript libraries.

Debugging data flows in reactive programs.

Do you remember this source code?

Inferring hierarchical motifs from execution traces.

Identifying patch correctness in test-based program repair.

How not to structure your database-backed web applications: a study of performance bugs in the wild.

Speedoo: prioritizing performance optimization opportunities.

Empirical study on the discrepancy between performance testing results from virtual and physical environments.

The evolution of requirements practices in software startups.

Traceability in the wild: automatically augmenting incomplete trace links.

A temporal permission analysis and enforcement framework for Android.

Global-aware recommendations for repairing violations in exception handling.

RFC-directed differential testing of certificate validation in SSL/TLS implementations.

Symbolic verification of regular properties.

Metamorphic testing of RESTful web APIs.

Integrating technical debt management and software quality management processes: a framework and field tests.

Understanding the factors for fast answers in technical Q&A websites: an empirical study of four stack exchange websites.

Towards reusing hints from past fixes: an exploratory study on thousands of real samples.

Are code examples on an online Q&A forum reliable?: a study of API misuse on stack overflow.

Inference of development activities from interaction with uninstrumented applications.

A combinatorial approach for exposing off-nominal behaviors.

Identifying design problems in the source code: a grounded theory.

Predicting future developer behavior in the IDE using topic models.

Deep code search.

Augmenting and structuring user queries to support efficient free-form code search.

FaCoY: a code-to-code search engine.

Generalized data structure synthesis.

A graph solver for the automated generation of consistent domain-specific models.

Automatically finding bugs in a commercial cyber-physical system development tool chain with SLforge.

Context-aware conversational developer assistants.

Open source barriers to entry, revisited: a sociotechnical perspective.

Testing vision-based control systems using learnable evolutionary algorithms.

To preserve or not to preserve invalid solutions in search-based software engineering: a case study in software product lines.

Nemo: multi-criteria test-suite minimization with integer nonlinear programming.

Is "better data" better than "better data miners"?: on the benefits of tuning SMOTE for defect prediction.

Analyzing the effects of test driven development in GitHub.

A comparative study to benchmark cross-project defect prediction approaches.

MSeer: an advanced technique for locating multiple bugs in parallel.

Journal first presentation of an experience report on applying software testing academic results in industry: we need usable automated test generation.

CCAligner: a token based large-gap clone detector.

HireBuild: an automatic approach to history-driven repair of build scripts.

The road to live programming: insights from the practice.

Assessing the threat of untracked changes in software evolution.

Programming not only by example.

Goal-conflict likelihood assessment based on model counting.

A posteriori typing for model-driven engineering: concepts, analysis, and applications.

A static verification framework for message passing in Go using behavioural types.

Inferring and asserting distributed system invariants.

DroidStar: callback typestates for Android classes.

Debugging with intelligence via probabilistic inference.

Reducer-based construction of conditional verifiers.

Challenges and pitfalls on surveying evidence in the software engineering technical literature: an exploratory study with novices.

Statistical errors in software engineering experiments: a preliminary literature review.

Synthesizing qualitative research in software engineering: a critical review.

Automatic software repair: a survey.

Search-based test data generation for SQL queries.

Multi-objective integer programming approaches for solving optimal feature selection problem: a new perspective on multi-objective optimization problems in SBSE.

Automated refactoring of OCL constraints with search.

Automatically generating search heuristics for concolic testing.