Research

Towards Understanding Third-party Library Dependency in C/C++ Ecosystem

How can we effectively detect and address vulnerabilities introduced by third-party library dependencies in C/C++ code bases to enhance software security and reliability?

A Comprehensive Study on Quality Assurance Tools for Java

How can we effectively detect and address quality issues in Java code bases to improve software quality and maintainability?

Comparison and Evaluation on Static Application Security Testing (SAST) Tools for Java

How can we effectively detect and address known vulnerabilities in existing Java applications to enhance software security and reliability?

Empirical Analysis of Vulnerabilities Life Cycle in Golang Ecosystem

How can we effectively detect and address known vulnerabilities in existing Golang code bases to enhance software security and reliability?

TRACER: Finding Patches for Open Source Software Vulnerabilities

How can we effectively detect and address known vulnerabilities in existing OSS to enhance software security and reliability?

Demystifying the Composition and Code Reuse in Solidity Smart Contracts

How do misclassifications of subcontract types, like libraries labeled as contracts, affect Solidity smart contract security and management?