Collection of Security Papers

ICSE 2021

Collection of Security Papers

All
IEEE S&P
IEEE S&P
- 2024
- 2023
- 2022
- 2021
- 2020
- 2019
- 2018
- 2017
- 2016
- 2015
ACM CCS
ACM CCS
- 2023
- 2022
- 2021
- 2020
- 2019
- 2018
- 2017
- 2016
- 2015
USENIX Sec
USENIX Sec
- 2024
- 2023
- 2022
- 2021
- 2020
- 2019
- 2018
- 2017
- 2016
- 2015
NDSS
NDSS
- 2024
- 2023
- 2022
- 2021
- 2020
- 2019
- 2018
- 2017
- 2016
- 2015
ICSE
ICSE
- 2024
- 2023
- 2022
- 2021
- 2020
- 2019
- 2018
- 2017
- 2016
- 2015-1
- 2015-2
ISSTA
ISSTA
- 2024
- 2023
- 2022
- 2021
- 2020
- 2019
- 2018
- 2017
- 2016
- 2015

ICSE 2021

138 papers accepted.

Updated on 2023-09-08.

You can find the lastest information here.

Playing Planning Poker in Crowds: Human Computation of Software Effort Estimates.

JEST: N+1 -version Differential Testing of Both JavaScript Engines and Specification.

Unrealizable Cores for Reactive Systems Specifications.

Verifying Determinism in Sequential Programs.

Domain-Specific Fixes for Flaky Tests with Wrong Assumptions on Underdetermined Specifications.

Studying Test Annotation Maintenance in the Wild.

Semantic Patches for Adaptation of JavaScript Programs to Evolving Libraries.

DepOwl: Detecting Dependency Bugs to Prevent Compatibility Failures.

HERO: On the Chaos When PATH Meets Modules.

SOAR: A Synthesis Approach for Data Science API Refactoring.

Are Machine Learning Cloud APIs Used Correctly?

Siri, Write the Next Method.

Code Prediction by Feeding Trees to Transformers.

Towards Automating Code Review Activities.

Resource-Guided Configuration Space Reduction for Deep Learning Models.

An Evolutionary Study of Configuration Design and Implementation in Cloud Systems.

AutoCCAG: An Automated Approach to Constrained Covering Array Generation.

What helped, and what did not? An Evaluation of the Strategies to Improve Continuous Integration.

Distribution-Aware Testing of Neural Networks Using Generative Models.

An Empirical Study of Refactorings and Technical Debt in Machine Learning Systems.

DeepLocalize: Fault Localization for Deep Neural Networks.

DeepPayload: Black-box Backdoor Attack on Deep Learning Models through Neural Payload Injection.

Reducing DNN Properties to Enable Falsification with Adversarial Attacks.

Graph-based Fuzz Testing for Deep Learning Inference Engines.

RobOT: Robustness-Oriented Testing for Deep Learning Systems.

Scalable Quantitative Verification For Deep Neural Networks.

Traceability Transformed: Generating more Accurate Links with Pre-Trained BERT Models.

Operation is the hardest teacher: estimating DNN accuracy looking for mispredictions.

AUTOTRAINER: An Automatic DNN Training Problem Detection and Repair System.

Self-Checking Deep Neural Networks in Deployment.

Measuring Discrimination to Boost Comparative Testing for Multiple Deep Learning Models.

Prioritizing Test Inputs for Deep Neural Networks via Mutation Analysis.

Testing Machine Translation via Referential Transparency.

Automatic Web Testing Using Curiosity-Driven Reinforcement Learning.

Evaluating SZZ Implementations Through a Developer-informed Oracle.

Early Life Cycle Software Defect Prediction. Why? How?

IoT Bugs and Development Challenges.

How Developers Optimize Virtual Reality Applications: A Study of Optimization Commits in Open Source Unity Projects.

"Do this! Do that!, And nothing will happen" Do specifications lead to securely stored passwords?

Why Don't Developers Detect Improper Input Validation? '; DROP TABLE Papers; -.

The Mind Is a Powerful Place: How Showing Code Comprehensibility Metrics Influences Code Understanding.

Program Comprehension and Code Complexity Metrics: An fMRI Study.

Do you really code? Designing and Evaluating Screening Questions for Online Surveys with Programmers.

How Gamification Affects Software Developers: Cautionary Evidence from a Natural Experiment on GitHub.

IdBench: Evaluating Semantic Representations of Identifier Names in Source Code.

A Context-based Automated Approach for Method Name Consistency Checking and Suggestion.

On the Naming of Methods: A Survey of Professional Developers.

Relating Reading, Visualization, and Coding for New Programmers: A Neuroimaging Study.

A Case Study of Onboarding in Software Teams: Tasks and Strategies.

"How Was Your Weekend?" Software Development Teams Working From Home During COVID-19.

FLACK: Counterexample-Guided Fault Localization for Alloy Models.

Improving Fault Localization by Integrating Value and Predicate Based Causal Inference Techniques.

Fault Localization with Code Coverage Representation Learning.

An Empirical Study on Deployment Faults of Deep Learning Based Mobile Applications.

Extracting Concise Bug-Fixing Patches from Human-Written Patches in Version Control Systems.

Input Algebras.

Fuzzing Symbolic Expressions.

Growing A Test Corpus with Bonsai Fuzzing.

We'll Fix It in Post: What Do Bug Fixes in Video Game Update Notes Tell Us?

GUIGAN: Learning to Generate GUI Designs Using Generative Adversarial Networks.

Don't Do That! Hunting Down Visual Design Smells in Complex UIs against Design Guidelines.

Same File, Different Changes: The Potential of Meta-Maintenance on GitHub.

Can Program Synthesis be Used to Learn Merge Conflict Resolutions? An Empirical Analysis.

Abacus: Precise Side-Channel Analysis.

Data-Driven Synthesis of Provably Sound Side Channel Analyses.

IMGDroid: Detecting Image Loading Defects in Android Applications.

Fast Parametric Model Checking through Model Fragmentation.

Trace-Checking CPS Properties: Bridging the Cyber-Physical Gap.

Centris: A Precise and Scalable Approach for Identifying Modified Open-Source Software Reuse.

Interpretation-enabled Software Reuse Detection Based on a Multi-Level Birthmark Model.

Fast Outage Analysis of Large-scale Production Clouds with Service Correlation Mining.

MuDelta: Delta-Oriented Mutation Testing at Commit Time.

Does mutation testing improve testing practices?

Identifying Key Features from App User Reviews.

CHAMP: Characterizing Undesired App Behaviors from User Comments based on Market Policies.

Prioritize Crowdsourced Test Reports via Deep Screenshot Understanding.

It Takes Two to TANGO: Combining Visual and Textual Information for Detecting Duplicate Video-Based Bug Reports.

What Makes a Great Maintainer of Open Source Projects?

Representation of Developer Expertise in Open Source Software.

Extracting Rationale for Open Source Software Development Decisions - A Study of Python Email Archives.

Onboarding vs. Diversity, Productivity, and Quality - Empirical Study of the OpenStack Ecosystem.

The Shifting Sands of Motivation: Revisiting What Drives Contributors in Open Source.

White-Box Performance-Influence Models: A Profiling and Learning Approach.

White-Box Analysis over Machine Learning: Modeling Performance of Configurable Systems.

An Empirical Assessment of Global COVID-19 Contact Tracing Applications.

Sustainable Solving: Reducing The Memory Footprint of IFDS-Based Data Flow Analyses Using Intelligent Garbage Collection.

Synthesizing Object State Transformers for Dynamic Software Updates.

Fast and Precise On-the-fly Patch Validation for All.

Bounded Exhaustive Search of Alloy Specification Repairs.

Shipwright: A Human-in-the-Loop System for Dockerfile Repair.

CURE: Code-Aware Neural Machine Translation for Automatic Program Repair.

A Differential Testing Approach for Evaluating Abstract Syntax Tree Mapping Algorithms.

InferCode: Self-Supervised Learning of Code Representations by Predicting Subtrees.

Efficient Compiler Autotuning via Bayesian Optimization.

EvoSpex: An Evolutionary Algorithm for Learning Postconditions.

Interface Compliance of Inline Assembly: Automatically Check, Patch and Refine.

Enabling Software Resilience in GPGPU Applications via Partial Thread Protection.

Automatic Extraction of Opinion-based Q&A from Online Developer Chats.

Automated Query Reformulation for Efficient Search based on Query Logs From Stack Overflow.

Automatic Solution Summarization for Crash Bugs.

Supporting Quality Assurance with Automated Process-Centric Quality Constraints Checking.

Understanding Bounding Functions in Safety-Critical UAV Software.

Enhancing Genetic Improvement of Software with Regression Test Selection.

Containing Malicious Package Updates in npm with a Lightweight Permission System.

Too Quiet in the Library: An Empirical Study of Security Updates in Android Apps' Native Code.

If It's Not Secure, It Should Not Compile: Preventing DOM-Based XSS in Large-Scale Web Development with API Hardening.

Why Security Defects Go Unnoticed during Code Reviews? A Case-Control Study of the Chromium OS Project.

Technical Leverage in a Software Ecosystem: Development Opportunities and Security Risks.

RAICC: Revealing Atypical Inter-Component Communication in Android Apps.

Smart Contract Security: a Practitioners' Perspective.

AID: An automated detector for gender-inclusivity bugs in OSS project pages.

"Ignorance and Prejudice" in Software Fairness.

Semi-supervised Log-based Anomaly Detection via Probabilistic Label Estimation.

DeepLV: Suggesting Log Levels Using Ordinal Based Neural Networks.

How to Identify Boundary Conditions with Contrasty Metric?

Using Domain-specific Corpora for Improved Handling of Ambiguity in Requirements.

On Indirectly Dependent Documentation in the Context of Code Evolution: A Study.

CodeShovel: Constructing Method-Level Source Code Histories.

Evaluating Unit Testing Practices in R Packages.

Data-Oriented Differential Testing of Object-Relational Mapping Systems.

Automatic Unit Test Generation for Machine Learning Libraries: How Far Are We?

Layout and Image Recognition Driving Cross-Platform Automated Mobile Testing.

FlakeFlagger: Predicting Flakiness Without Rerunning Tests.

An Empirical Analysis of UI-based Flaky Tests.

GenTree: Using Decision Trees to Learn Interactions for Configurable Software.

Semantic Web Accessibility Testing via Hierarchical Visual Analysis.

Restoring Execution Environments of Jupyter Notebooks.

PyART: Python API Recommendation in Real-Time.

PyCG: Practical Call Graph Generation in Python.

Seamless Variability Management With the Virtual Platform.

Fine with "1234"? An Analysis of SMS One-Time Password Randomness in Android Apps.

ATVHUNTER: Reliable Version Detection of Third-Party Libraries for Vulnerability Identification in Android Applications.

JUSTGen: Effective Test Generation for Unspecified JNI Behaviors on JVMs.