Standard

The Vulnerability Dataset of a Large Software Ecosystem. / Mitropoulos, Dimitris; Gousios, Georgios; Papadopoulos, Panagiotis; Karakoidas, Vassilios; Louridas, Panagiotis; Spinellis, Diomidis.

Proceedings - 3rd International Workshop on Building Analysis Datasets and Gathering Experience Returns for Security, BADGERS 2014. 2016. p. 69-74.

Research output: Chapter in Book/Report/Conference proceedingConference contributionScientificpeer-review

Harvard

Mitropoulos, D, Gousios, G, Papadopoulos, P, Karakoidas, V, Louridas, P & Spinellis, D 2016, The Vulnerability Dataset of a Large Software Ecosystem. in Proceedings - 3rd International Workshop on Building Analysis Datasets and Gathering Experience Returns for Security, BADGERS 2014. pp. 69-74, 3rd International Workshop on Building Analysis Datasets and Gathering Experience Returns for Security, Wroclaw, Poland, 11/09/14. https://doi.org/10.1109/BADGERS.2014.8

APA

Mitropoulos, D., Gousios, G., Papadopoulos, P., Karakoidas, V., Louridas, P., & Spinellis, D. (2016). The Vulnerability Dataset of a Large Software Ecosystem. In Proceedings - 3rd International Workshop on Building Analysis Datasets and Gathering Experience Returns for Security, BADGERS 2014 (pp. 69-74) https://doi.org/10.1109/BADGERS.2014.8

Vancouver

Mitropoulos D, Gousios G, Papadopoulos P, Karakoidas V, Louridas P, Spinellis D. The Vulnerability Dataset of a Large Software Ecosystem. In Proceedings - 3rd International Workshop on Building Analysis Datasets and Gathering Experience Returns for Security, BADGERS 2014. 2016. p. 69-74 https://doi.org/10.1109/BADGERS.2014.8

Author

Mitropoulos, Dimitris ; Gousios, Georgios ; Papadopoulos, Panagiotis ; Karakoidas, Vassilios ; Louridas, Panagiotis ; Spinellis, Diomidis. / The Vulnerability Dataset of a Large Software Ecosystem. Proceedings - 3rd International Workshop on Building Analysis Datasets and Gathering Experience Returns for Security, BADGERS 2014. 2016. pp. 69-74

BibTeX

@inproceedings{82628f2f4ef04fd7b1fcbd065d97bc6e,
title = "The Vulnerability Dataset of a Large Software Ecosystem",
abstract = "Security bugs are critical programming errors that can lead to serious vulnerabilities in software. Examining their behaviour and characteristics within a software ecosystem can provide the research community with data regarding their evolution, persistence and others. We present a dataset that we produced by applying static analysis to the Maven Central Repository (approximately 265GB of data) in order to detect potential security bugs. For our analysis we used FindBugs, a tool that examines Java bytecode to detect numerous types of bugs. The dataset contains the metrics’ results that FindBugs reports for every project version (a JAR) included in the ecosystem. For every version in our data repository, we also store specific metadata, such as the JAR’s size, its dependencies and others. Our dataset can be used to produce interesting research results involving security bugs, as we show in specific examples.",
keywords = "FindBugs, Maven Repository, Security Bugs, Software Ecosystem, Software Evolution, Software Security, Static Analysis",
author = "Dimitris Mitropoulos and Georgios Gousios and Panagiotis Papadopoulos and Vassilios Karakoidas and Panagiotis Louridas and Diomidis Spinellis",
year = "2016",
month = "4",
day = "1",
doi = "10.1109/BADGERS.2014.8",
language = "English",
isbn = "9781479983100",
pages = "69--74",
booktitle = "Proceedings - 3rd International Workshop on Building Analysis Datasets and Gathering Experience Returns for Security, BADGERS 2014",

}

RIS

TY - GEN

T1 - The Vulnerability Dataset of a Large Software Ecosystem

AU - Mitropoulos, Dimitris

AU - Gousios, Georgios

AU - Papadopoulos, Panagiotis

AU - Karakoidas, Vassilios

AU - Louridas, Panagiotis

AU - Spinellis, Diomidis

PY - 2016/4/1

Y1 - 2016/4/1

N2 - Security bugs are critical programming errors that can lead to serious vulnerabilities in software. Examining their behaviour and characteristics within a software ecosystem can provide the research community with data regarding their evolution, persistence and others. We present a dataset that we produced by applying static analysis to the Maven Central Repository (approximately 265GB of data) in order to detect potential security bugs. For our analysis we used FindBugs, a tool that examines Java bytecode to detect numerous types of bugs. The dataset contains the metrics’ results that FindBugs reports for every project version (a JAR) included in the ecosystem. For every version in our data repository, we also store specific metadata, such as the JAR’s size, its dependencies and others. Our dataset can be used to produce interesting research results involving security bugs, as we show in specific examples.

AB - Security bugs are critical programming errors that can lead to serious vulnerabilities in software. Examining their behaviour and characteristics within a software ecosystem can provide the research community with data regarding their evolution, persistence and others. We present a dataset that we produced by applying static analysis to the Maven Central Repository (approximately 265GB of data) in order to detect potential security bugs. For our analysis we used FindBugs, a tool that examines Java bytecode to detect numerous types of bugs. The dataset contains the metrics’ results that FindBugs reports for every project version (a JAR) included in the ecosystem. For every version in our data repository, we also store specific metadata, such as the JAR’s size, its dependencies and others. Our dataset can be used to produce interesting research results involving security bugs, as we show in specific examples.

KW - FindBugs

KW - Maven Repository

KW - Security Bugs

KW - Software Ecosystem

KW - Software Evolution

KW - Software Security

KW - Static Analysis

UR - http://www.scopus.com/inward/record.url?scp=84968830358&partnerID=8YFLogxK

U2 - 10.1109/BADGERS.2014.8

DO - 10.1109/BADGERS.2014.8

M3 - Conference contribution

SN - 9781479983100

SP - 69

EP - 74

BT - Proceedings - 3rd International Workshop on Building Analysis Datasets and Gathering Experience Returns for Security, BADGERS 2014

ER -

ID: 40987829