Akond Ashfaque Ur Rahman

Shazibul Islam Shamim

Rahul Pandita

ACM Trans. Softw. Eng. Methodol., July, 2023

Detecting and Characterizing Propagation of Security Weaknesses in Puppet-Based Infrastructure Management.

[BibT_eX]

[DOI]

Chris Parnin

IEEE Trans. Software Eng., June, 2023

Log-related Coding Patterns to Conduct Postmortems of Attacks in Supervised Learning-based Projects.

[BibT_eX]

[DOI]

Juanjose Rodriguez-Cardenas

ACM Trans. Priv. Secur., May, 2023

Come for syntax, stay for speed, understand defects: an empirical study of defects in Julia programs.

[BibT_eX]

[DOI]

Empir. Softw. Eng., 2023

Teaching DevOps Security Education with Hands-on Labware: Automated Detection of Security Weakness in Python.

[BibT_eX]

[DOI]

Mst. Shapna Akter

CoRR, 2023

Software Supply Chain Vulnerabilities Detection in Source Code: Performance Comparison between Traditional and Quantum Machine Learning Algorithms.

[BibT_eX]

[DOI]

Mst. Shapna Akter

CoRR, 2023

Case Study-Based Approach of Quantum Machine Learning in Cybersecurity: Quantum Support Vector Machine for Malware Classification and Protection.

[BibT_eX]

[DOI]

Muhammad Asadur Rahman

CoRR, 2023

Characterizing Static Analysis Alerts for Terraform Manifests: An Experience Report.

[BibT_eX]

[DOI]

Proceedings of the IEEE Secure Development Conference, 2023

Practitioner Perceptions of Ansible Test Smells.

[BibT_eX]

[DOI]

Yue Zhang

Proceedings of the 20th International Conference on Software Architecture, 2023

Quality Assurance for Infrastructure Orchestrators: Emerging Results from Ansible.

[BibT_eX]

[DOI]

Proceedings of the 20th International Conference on Software Architecture, 2023

A Plugin for Kotlin based Android Apps to Detect Security Breaches through Dataflow.

[BibT_eX]

[DOI]

Md Arabin Islam Talukder

Sumaiya Farzana Mishu

ABM Kamrul Islam Riad

Jonathan Alexander Gibson

Proceedings of the 47th IEEE Annual Computers, Software, and Applications Conference, 2023

Case Study-Based Approach of Quantum Machine Learning in Cybersecurity: Quantum Support Vector Machine for Malware Classification and Protection.

[BibT_eX]

[DOI]

Proceedings of the 47th IEEE Annual Computers, Software, and Applications Conference, 2023

2022

Benefits, Challenges, and Research Topics: A Multi-vocal Literature Review of Kubernetes.

[BibT_eX]

[DOI]

Shazibul Islam Shamim

CoRR, 2022

Lessons from Research to Practice on Writing Better Quality Puppet Scripts.

[BibT_eX]

[DOI]

Tushar Sharma

Proceedings of the IEEE International Conference on Software Analysis, 2022

Development of Blockchain-based e-Voting System: Requirements, Design and Security Perspective.

[BibT_eX]

[DOI]

Md. Zakirul Alam Bhuiyan

Proceedings of the IEEE International Conference on Trust, 2022

Can We use Authentic Learning to Educate Students about Secure Infrastructure as Code Development?

[BibT_eX]

[DOI]

Proceedings of the ITiCSE 2022: Innovation and Technology in Computer Science Education, Dublin, Ireland, July 8, 2022

Investigating Novel Approaches to Defend Software Supply Chain Attacks.

[BibT_eX]

[DOI]

Proceedings of the IEEE International Symposium on Software Reliability Engineering Workshops, 2022

As Code Testing: Characterizing Test Quality in Open Source Ansible Development.

[BibT_eX]

[DOI]

Mohammad Mehedi Hassan

Proceedings of the 15th IEEE Conference on Software Testing, Verification and Validation, 2022

Evolution of Quantum Computing: A Systematic Survey on the Use of Quantum Computing Tools.

[BibT_eX]

[DOI]

Paramita Basak Upama

Proceedings of the 46th IEEE Annual Computers, Software, and Applications Conferenc, 2022

Towards Automation for MLOps: An Exploratory Study of Bot Usage in Deep Learning Libraries.

[BibT_eX]

[DOI]

Mohammad Mehedi Hassan

Proceedings of the 46th IEEE Annual Computers, Software, and Applications Conferenc, 2022

Quantum Machine Learning for Software Supply Chain Attacks: How Far Can We Go?

[BibT_eX]

[DOI]

Mohammad Masum

Mohammad Nazim

Maria Valero

Md Abdullah Hafiz Khan

Proceedings of the 46th IEEE Annual Computers, Software, and Applications Conferenc, 2022

Shifting Left for Machine Learning: An Empirical Study of Security Weaknesses in Supervised Learning-based Projects.

[BibT_eX]

[DOI]

Proceedings of the 46th IEEE Annual Computers, Software, and Applications Conferenc, 2022

A Novel Machine Learning Based Framework for Bridge Condition Analysis.

[BibT_eX]

[DOI]

Mohammad Masum

Nafisa Anjum

Proceedings of the IEEE International Conference on Big Data, 2022

Software Supply Chain Vulnerabilities Detection in Source Code: Performance Comparison between Traditional and Quantum Machine Learning Algorithms.

[BibT_eX]

[DOI]

Mst. Shapna Akter

Proceedings of the IEEE International Conference on Big Data, 2022

Bie Vote: A Biometric Identification Enabled Blockchain-Based Secure and Transparent Voting Framework.

[BibT_eX]

[DOI]

Proceedings of the Fourth International Conference on Blockchain Computing and Applications, 2022

What questions do developers ask about Julia?

[BibT_eX]

[DOI]

Proceedings of the ACM SE '22: 2022 ACM Southeast Conference, Virtual Event, April 18, 2022

Vision for a secure Elixir ecosystem: an empirical study of vulnerabilities in Elixir programs.

[BibT_eX]

[DOI]

Kaitlyn Cottrell

Proceedings of the ACM SE '22: 2022 ACM Southeast Conference, Virtual Event, April 18, 2022

2021

Security Smells in Ansible and Chef Scripts: A Replication Study.

[BibT_eX]

[DOI]

ACM Trans. Softw. Eng. Methodol., 2021

An Empirical Study of Bugs in COVID-19 Software Projects.

[BibT_eX]

[DOI]

J. Softw. Eng. Res. Dev., 2021

Different Kind of Smells: Security Smells in Infrastructure as Code Scripts.

[BibT_eX]

[DOI]

IEEE Secur. Priv., 2021

Security Bug Report Usage for Software Vulnerability Research: A Systematic Mapping Study.

[BibT_eX]

[DOI]

Md Bulbul Sharif

IEEE Access, 2021

Shhh!: 12 Practices for Secret Management in Infrastructure as Code.

[BibT_eX]

[DOI]

Farhat Lamia Barsha

Proceedings of the IEEE Secure Development Conference, 2021

Exercise Perceptions: Experience Report from a Secure Software Development Course.

[BibT_eX]

[DOI]

Proceedings of the Quality of Information and Communications Technology, 2021

'Under-reported' Security Defects in Kubernetes Manifests.

[BibT_eX]

[DOI]

Proceedings of the 2nd IEEE/ACM International Workshop on Engineering and Cybersecurity of Critical Systems, 2021

Practitioner Perception of Vulnerability Discovery Strategies.

[BibT_eX]

[DOI]

Justin Murphy

Proceedings of the 2nd IEEE/ACM International Workshop on Engineering and Cybersecurity of Critical Systems, 2021

How Do Students Feel About Automated Security Static Analysis Exercises?

[BibT_eX]

[DOI]

Proceedings of the IEEE Frontiers in Education Conference, 2021

An Empirical Study of Vulnerabilities in Robotics.

[BibT_eX]

[DOI]

Proceedings of the IEEE 45th Annual Computers, Software, and Applications Conference, 2021

Malware Detection and Prevention using Artificial Intelligence Techniques.

[BibT_eX]

[DOI]

Proceedings of the 2021 IEEE International Conference on Big Data (Big Data), 2021

2020

The 'as code' activities: development anti-patterns for infrastructure as code.

[BibT_eX]

[DOI]

Empir. Softw. Eng., 2020

An Exploratory Characterization of Bugs in COVID-19 Software Projects.

[BibT_eX]

[DOI]

CoRR, 2020

XI Commandments of Kubernetes Security: A Systematization of Knowledge Related to Kubernetes Security Practices.

[BibT_eX]

[DOI]

Proceedings of the IEEE Secure Development, SecDev 2020, Atlanta, GA, USA, 2020

A vision to mitigate bioinformatics software development challenges.

[BibT_eX]

[DOI]

Proceedings of the 35th IEEE/ACM International Conference on Automated Software Engineering Workshops, 2020

Vulnerability discovery strategies used in software projects.

[BibT_eX]

[DOI]

Proceedings of the 35th IEEE/ACM International Conference on Automated Software Engineering Workshops, 2020

Characterizing co-located insecure coding patterns in infrastructure as code scripts.

[BibT_eX]

[DOI]

Proceedings of the 35th IEEE/ACM International Conference on Automated Software Engineering Workshops, 2020

Gang of eight: a defect taxonomy for infrastructure as code scripts.

[BibT_eX]

[DOI]

Proceedings of the ICSE '20: 42nd International Conference on Software Engineering, Seoul, South Korea, 27 June, 2020

A preliminary taxonomy of techniques used in software fuzzing.

[BibT_eX]

[DOI]

Raunak Shakya

Proceedings of the 7th Annual Symposium on Hot Topics in the Science of Security, 2020

A curated dataset of security defects in scientific software projects.

[BibT_eX]

[DOI]

Justin Murphy

Elias T. Brady

Proceedings of the 7th Annual Symposium on Hot Topics in the Science of Security, 2020

Can we use software bug reports to identify vulnerability discovery strategies?

[BibT_eX]

[DOI]

Raunak Shakya

Proceedings of the 7th Annual Symposium on Hot Topics in the Science of Security, 2020

2019

Source code properties of defective infrastructure as code scripts.

[BibT_eX]

[DOI]

Inf. Softw. Technol., 2019

A systematic mapping study of infrastructure as code research.

[BibT_eX]

[DOI]

Rezvan Mahdavi-Hezaveh

Inf. Softw. Technol., 2019

Security Smells in Infrastructure as Code Scripts.

[BibT_eX]

[DOI]

CoRR, 2019

Snakes in paradise?: insecure python-related coding practices in stack overflow.

[BibT_eX]

[DOI]

Nasif Imtiaz

Proceedings of the 16th International Conference on Mining Software Repositories, 2019

Challenges with responding to static analysis tool alerts.

[BibT_eX]

[DOI]

Proceedings of the 16th International Conference on Mining Software Repositories, 2019

Share, But be Aware: Security Smells in Python Gists.

[BibT_eX]

[DOI]

Md. Rayhanur Rahman

Proceedings of the 2019 IEEE International Conference on Software Maintenance and Evolution, 2019

Synthesizing Program Execution Time Discrepancies in Julia Used for Scientific Software.

[BibT_eX]

[DOI]

Nasif Imtiaz

Proceedings of the 2019 IEEE International Conference on Software Maintenance and Evolution, 2019

The seven sins: security smells in infrastructure as code scripts.

[BibT_eX]

[DOI]

Chris Parnin

Proceedings of the 41st International Conference on Software Engineering, 2019

A bird's eye view of knowledge needs related to penetration testing.

[BibT_eX]

[DOI]

Venkata Sitaramagiridharganesh Ganapavarapu

Proceedings of the 6th Annual Symposium on Hot Topics in the Science of Security, 2019

Characterizing Attacker Behavior in a Cybersecurity Penetration Testing Competition.

[BibT_eX]

[DOI]

Proceedings of the 2019 ACM/IEEE International Symposium on Empirical Software Engineering and Measurement, 2019

Blockchain Enabled AI Marketplace: The Price You Pay for Trust.

[BibT_eX]

[DOI]

Kanthi K. Sarpatwar

Karthikeyan Shanmugam

Roman Vaculín

Proceedings of the IEEE Conference on Computer Vision and Pattern Recognition Workshops, 2019

2018

Categorizing Defects in Infrastructure as Code.

[BibT_eX]

[DOI]

Sarah Elder

Faysal Hossain Shezan

Vanessa Frost

Jonathan Stallings

CoRR, 2018

Where Are The Gaps? A Systematic Mapping Study of Infrastructure as Code Research.

[BibT_eX]

[DOI]

Rezvan Mahdavi-Hezaveh

CoRR, 2018

Characterizing the influence of continuous integration: empirical results from 250+ open source and proprietary projects.

[BibT_eX]

[DOI]

Proceedings of the 4th ACM SIGSOFT International Workshop on Software Analytics, 2018

Comprehension effort and programming activities: related? or not related?

[BibT_eX]

[DOI]

Proceedings of the 15th International Conference on Mining Software Repositories, 2018

Characterizing Defective Configuration Scripts Used for Continuous Deployment.

[BibT_eX]

[DOI]

Proceedings of the 11th IEEE International Conference on Software Testing, 2018

Anti-Patterns in Infrastructure as Code.

[BibT_eX]

[DOI]

Proceedings of the 11th IEEE International Conference on Software Testing, 2018

Defect prediction metrics for infrastructure as code scripts in DevOps.

[BibT_eX]

[DOI]

Jonathan Stallings

Proceedings of the 40th International Conference on Software Engineering: Companion Proceeedings, 2018

What questions do programmers ask about configuration as code?

[BibT_eX]

[DOI]

Proceedings of the 4th International Workshop on Rapid Continuous Software Engineering, 2018

Characteristics of defective infrastructure as code scripts in DevOps.

[BibT_eX]

[DOI]

Proceedings of the 40th International Conference on Software Engineering: Companion Proceeedings, 2018

What is the connection between issues, bugs, and enhancements?: lessons learned from 800+ software projects.

[BibT_eX]

[DOI]

Proceedings of the 40th International Conference on Software Engineering: Software Engineering in Practice, 2018

We don't need another hero?: the impact of "heroes" on software development.

[BibT_eX]

[DOI]

Proceedings of the 40th International Conference on Software Engineering: Software Engineering in Practice, 2018

2017

Continuous Integration: The Silver Bullet?

[BibT_eX]

[DOI]

CoRR, 2017

Predicting Android Application Security and Privacy Risk with Static Code Metrics.

[BibT_eX]

[DOI]

Proceedings of the 4th IEEE/ACM International Conference on Mobile Software Engineering and Systems, 2017

Which Factors Influence Practitioners' Usage of Build Automation Tools?

[BibT_eX]

[DOI]

Proceedings of the 3rd IEEE/ACM International Workshop on Rapid Continuous Software Engineering, 2017

Characterizing Scientific Reporting in Security Literature: An analysis of ACM CCS and IEEE S&P Papers.

[BibT_eX]

[DOI]

Morgan Burcham

Mahran Al-Zyoud

Jeffrey C. Carver

Mohammed Noraden Alsaleh

Proceedings of the Hot Topics in Science of Security: Symposium and Bootcamp, HoTSoS 2017, 2017

2016

Software security in DevOps: synthesizing practitioners' perceptions and practices.

[BibT_eX]

[DOI]

Proceedings of the International Workshop on Continuous Software Evolution and Delivery, 2016

Security practices in DevOps.

[BibT_eX]

[DOI]

Proceedings of the Symposium and Bootcamp on the Science of Security, 2016

2015

Synthesizing Continuous Deployment Practices Used in Software Development.

[BibT_eX]

[DOI]

Eric Helms

Chris Parnin

Proceedings of the 2015 Agile Conference, 2015

2011

Multiple Targets Tracking Using Kinematics in Wireless Sensor Networks.

[BibT_eX]

[DOI]