Antonino Sabetta

Latest

• Secure Software Development in the Era of Fluid Multi-party Open Software and Services
• The Used, the Bloated, and the Vulnerable: Reducing the Attack Surface of an Industrial Application
• LastPyMile: Identifying the Discrepancy between Sources and Packages
• Detecting Security Fixes in Open-Source Repositories using Static Code Analyzers
• Toward Automated Exploit Generation for Known Vulnerabilities in Open-Source Libraries
• Automated Mapping of Vulnerability Advisories onto their Fix Commits in Open Source Repositories
• Commit2Vec: Learning Distributed Representations of Code Changes
• Towards Using Source Code Repositories to Identify Software Supply Chain Attacks
• Vuln4Real: A methodology for counting actually vulnerable dependencies
• Typosquatting and combosquatting attacks on the python ecosystem
• Detection, assessment and mitigation of vulnerabilities in open source dependencies
• A Manually-Curated Dataset of Fixes to Vulnerabilities of Open-Source Software
• Beyond Metadata: Code-centric and Usage-based Analysis of Known Vulnerabilities in Open-source Software
• A Practical Approach to the Automatic Classification of Security-Relevant Commits
• Vulnerable Open Source Dependencies: Counting Those That Matter
• TESTREX: a Testbed for Repeatable Exploits
• Impact Assessment for Vulnerabilities in Open-Source Software Libraries
• CONNECT Challenges: Towards Emergent Connectors for Eternal Networked Systems
• VCR: Virtual Capture and Replay for Performance Testing
• Scaling up SLA monitoring in pervasive environments
• Filling the gap between design and performance/reliability models of component-based systems: A model-driven approach