Skip to content

fzuo/Patch-Commits-Study

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

72 Commits

code/SERA23_commit_message

code/SERA23_commit_message

 
 

figs

figs

 
 

papers

papers

 
 

README.md

README.md

 
 

Repository files navigation

Source Code Patch Commit Mining Papers and Resources

A Survey on Source Code Patch Commit Mining in OSS

Overview

Zuo, F., Rhee, J. Vulnerability discovery based on source code patch commit mining: a systematic literature review.

International Journal of Information Security. (2024). https://doi.org/10.1007/s10207-023-00795-8

Paper: [link1] [link2]

  • [2] SSPCATCHER: Learning to catch security patches, Empirical Software Engineering, 2022

Paper: [link1] [link2]

Code & Dataset

  • [3] PatchRNN: A Deep Learning-Based System for Security Patch Identification, MILCOM, 2021

Paper: [link1] [link2]

Resource

  • [13] Identifying Linux Bug Fixing Patches, ICSE, 2012

Paper: [link1] [link2]

  • [14] Detecting “0-Day” Vulnerability: An Empirical Study of Secret Security Patch in OSS, DSN, 2019

Paper: [link1] [link2]

Dataset

  • [15] Vulnerability identification technology research based on project version difference, Chinese Journal of Network and Information Security, 2022

Paper: [link1]

Dataset

  • [16] Finding A Needle in a Haystack: Automated Mining of Silent Vulnerability Fixes, ASE, 2021

Paper: [link1] [link2]

  • [17] SPI: Automated Identification of Security Patches via Commits, TOSEM, 2021

Paper: [link1] [link2]

  • [18] Enhancing Security Patch Identification by Capturing Structures in Commits, TDSC, 2022

Paper: [link1] [link2]

  • [33] VCMATCH: A Ranking-based Approach for Automatic Security Patches Localization for OSS Vulnerabilities, SANER, 2022

Paper: [link1] [link2]

  • [35] VCCFinder: Finding Potential Vulnerabilities in Open-Source Projects to Assist Code Audits, CCS, 2015

Paper: [link1] [link2]

  • [36] Identifying Supplementary Bug-fix Commits, COMPSAC, 2018

Paper: [link1]

  • [37] A Machine Learning Approach to Classify Security Patches into Vulnerability Types, CNS, 2020

Paper: [link1] [link2]

  • [38] Revisiting the VCCFinder approach for the identification of vulnerability-contributing commits, Empirical Software Engineering, 2021

Paper: [link1] [link2]

  • [39] Locating the Security Patches for Disclosed OSS Vulnerabilities with Vulnerability-Commit Correlation Ranking, CCS, 2021

Paper: [link1] [link2]

  • [41] GraphSPD: Graph-Based Security Patch Detection with Enriched Code Semantics, S&P, 2023

Paper: [link1] [link2]

  • [42] TMVDPatch: A Trusted Multi-View Decision System for Security Patch Identification, Applied Sciences, 2023

Paper: [link1]

  • [43] A Practical Approach to the Automatic Classification of Security Relevant Commits, ICSME, 2018

Paper: [link1] [link2]

  • [44] PatchNet: Hierarchical Deep Learning-Based Stable Patch Identification for the Linux Kernel, TSE, 2021

Paper: [link1]

  • [46] Commit Message Can Help: Security Patch Detection in Open Source Software via Transformer, SERA, 2023

Paper: [link1] [link2]

  • [48] Automated Identification of Security Issues from Commit Messages and Bug Reports, FSE, 2017

Paper: [link1] [link2]

  • [49] Sentiment Analysis of Software Bug Related Commit Messages, SEDE, 2018

Paper: [link1]

  • [50] PatchDB: A Large-Scale Security Patch Dataset, DSN, 2021

Paper: [link1] [link2]

Dataset

  • [51] A ground-truth dataset of real security patches, ArXiv, 2021

Paper: [link1]

Resource

About

A Survey on Patch Commits Mining in OSS

Resources

Readme
Activity

Stars

2 stars

Watchers

1 watching

Forks

0 forks
Report repository

Releases

No releases published

Packages

No packages published

Languages