VulinOSS: A dataset of security vulnerabilities in open-source systems

Antonios Gkortzis, Dimitris Mitropoulos, Diomidis Spinellis

Research output: Chapter in Book/Conference proceedings/Edited volumeConference contributionScientificpeer-review

16 Citations (Scopus)

Abstract

Examining the different characteristics of open-source software in relation to security vulnerabilities, can provide the research community with findings that can lead to the development of more secure systems. We present a dataset where the reported vulnerabilities of 8694 open-source project versions, can be correlated with the corresponding source code and a number of software metrics. The metrics were obtained by analyzing the project's source code via well-established tools. Apart from commonly used metrics (e.g. loc), we also provide data related to modern development trends such as continuous integration and testing. We outline motivational examples based on the dataset we describe.

Original languageEnglish
Title of host publicationProceedings - 2018 ACM/IEEE 15th International Conference on Mining Software Repositories, MSR 2018
PublisherIEEE
Pages18-21
Number of pages4
ISBN (Print)9781450357166
DOIs
Publication statusPublished - 28 May 2018
Externally publishedYes
Event15th ACM/IEEE International Conference on Mining Software Repositories, MSR 2018, co-located with the 40th International Conference on Software Engineering, ICSE 2018 - Gothenburg, Sweden
Duration: 28 May 201829 May 2018

Publication series

NameProceedings - International Conference on Software Engineering
ISSN (Print)0270-5257

Conference

Conference15th ACM/IEEE International Conference on Mining Software Repositories, MSR 2018, co-located with the 40th International Conference on Software Engineering, ICSE 2018
CountrySweden
CityGothenburg
Period28/05/1829/05/18

Keywords

  • continuous integration
  • open-source software
  • security vulnerabilities
  • testing

Fingerprint Dive into the research topics of 'VulinOSS: A dataset of security vulnerabilities in open-source systems'. Together they form a unique fingerprint.

Cite this