A C/C++ Code Vulnerability Dataset with Code Changes and CVE SummariesMSR - Data Showcase
In this paper, we collected a C/C++ code vulnerability dataset from open-source projects. We crawled the public Common Vulnerabilities and Exposures (CVE) database and CVE-related code repositories. From the CVE database, we collected the descriptive information of the vulnerabilities, e.g., CVE IDs, CVE severity scores, and CVE summaries. With the CVE information and its related published Git code repository links, we downloaded all of the code repositories and extract vulnerability related code changes. In total, our dataset contains 3754 code vulnerabilities spanning 91 different vulnerability types. All these code vulnerabilities are extracted from 348 Git projects. All this information has been stored in CSV format with clear structure. The code changes and CVE descriptive information were mapped to each other so that the dataset could be used for many research areas, e.g., vulnerability detection and vulnerability fixing patches identification.
Tue 30 Jun Times are displayed in time zone: (UTC) Coordinated Universal Time change
11:00 - 12:00: SecurityTechnical Papers / Data Showcase at MSR:Zoom2 Chair(s): Dimitris MitropoulosAthens University of Economics and Business Q/A & Discussion of Session Papers over Zoom (Joining info available on Slack) | |||
| 11:00 - 11:12 Live Q&A | Did You Remember To Test Your Tokens?MSR - Technical Paper Technical Papers Danielle GonzalezRochester Institute of Technology, USA, Michael RathTechnische Universität Ilmenau, Mehdi MirakhorliRochester Institute of Technology DOI Pre-print Media Attached | ||
| 11:12 - 11:24 Live Q&A | Automatically Granted Permissions in Android appsMSR - Technical Paper Technical Papers Paolo Calciati IMDEA Software Institute, Konstantin KuznetsovSaarland University, CISPA, Alessandra GorlaIMDEA Software Institute, Andreas ZellerCISPA Helmholtz Center for Information Security Media Attached | ||
| 11:24 - 11:36 Live Q&A | PUMiner: Mining Security Posts from Developer Question and Answer Websites with PU LearningMSR - Technical Paper Technical Papers Triet Le Huynh MinhThe University of Adelaide, David Hin, Roland Croft, Muhammad Ali BabarThe University of Adelaide DOI Pre-print Media Attached | ||
| 11:36 - 11:48 Live Q&A | A C/C++ Code Vulnerability Dataset with Code Changes and CVE SummariesMSR - Data Showcase Data Showcase A: Jiahao FanNew Jersey Institute of Technology, USA, A: Yi LiNew Jersey Institute of Technology, USA, A: Shaohua WangNew Jersey Institute of Technology, USA, A: Tien N. NguyenUniversity of Texas at Dallas Media Attached | ||
| 11:48 - 12:00 Live Q&A | The Impact of a Major Security Event on an Open Source Project: The Case of OpenSSLMSR - Technical Paper Technical Papers James WaldenNorthern Kentucky University Pre-print Media Attached | ||