Publications

Group highlights

ICVul: a well-labeled C/C++ vulnerability dataset with comprehensive metadata and VCCS

Machine learning-based software vulnerability detection requires high-quality datasets, which are essential for training effective models. To address challenges related to data label quality, diversity, and comprehensiveness, we constructed ICVul, a dataset emphasizing data quality and enriched with comprehensive metadata, including Vulnerability-Contributing Commits (VCCs). We began by filtering Common Vulnerabilities and Exposures from the NVD, retaining only those linked to GitHub fix commits. Then we extracted functions and files along with relevant metadata from these commits and used the SZZ algorithm to trace VCCs. To further enhance label reliability, we developed the ESC (Eliminate Suspicious Commit) technique, ensuring credible data labels. The dataset is stored in a relational-like database for improved usability and data integrity. Both ICVul and its construction framework are publicly accessible on GitHub, supporting research in related fields.

Chaomeng Lu, Tianyu Li, Toon Dehaene, Bert Lagaisse

Paper DOI

A Multi-Dimensional Visual Analytics Tool for the Security Posture of Open-Source Software

Open-source software is widely used by developers and businesses, but assessing its security posture is challenging due to the lack of time and specialized expertise. Existing visual security analysis tools for open-source projects primarily focus on vulnerabilities within the source code, lacking a comprehensive assessment of the project’s overall security posture. To address these issues, we propose a multi-dimensional visual analytics tool for evaluating the security posture of open-source projects. Our tool integrates data from code commits, contributor activity, and historical vulnerability duration, providing a holistic view of project security. Our tool integrates data from multiple sources, including the National Vulnerability Database (NVD) and GitHub commit histories, and applies the SZZ algorithm to identify both vulnerability-fixing and inducing commits. We tested the dashboard on two popular GitHub projects, each containing thousands of commits and hundreds of vulnerabilities, allowing users to easily track development and vulnerability management within each project. An evaluation study with experienced developers confirmed the dashboard’s effectiveness in helping users quickly understand developer interactions and the project’s overall approach to security management. Our contributions include a diverse vulnerability dataset and a visual dashboard that offers a multi-dimensional perspective on open-source project security, meeting the needs of various stakeholders.

Tianyu Li, Chaomeng Lu, Bert Lagaisse

Paper DOI

Full List of publications

ICVul: a well-labeled C/C++ vulnerability dataset with comprehensive metadata and VCCS
Chaomeng Lu, Tianyu Li, Toon Dehaene, Bert Lagaisse
Paper DOI

A Multi-Dimensional Visual Analytics Tool for the Security Posture of Open-Source Software
Tianyu Li, Chaomeng Lu, Bert Lagaisse
Paper DOI

PrivacyBuddy: An Android Privacy Dashboard for Detecting Excessive Data Collection with a Focus on Location Data, Mobile Devices and Multimedia: Enabling Technologies, Algorithms, and Applications
Toon Dehaene, Maxime Bellis, Tristan Pelgrims, Vincent Naessens, Bert Lagaisse
Paper DOI

From Lab to Reality: A Practical Evaluation of Deep Learning Models and LLMs for Vulnerability Detection
Chaomeng Lu, Bert Lagaisse
arXiv Link

Enhancing Effective Bidirectional Isolation for Function Fusion in Serverless Architectures
Tianyu Li, Chen Yingpeng, Donghui Yu, Yuanyuan Zhang, Bert Lagaisse
Paper DOI

BeauForT: Robust Byzantine Fault Tolerance for Client-centric Mobile Web Application
Kristof Jannes, Emad Heydari Beni, Bert Lagaisse, Wouter Joosen
Paper DOI

DEDACS: Decentralized and dynamic access control for smart contracts in a policy-based manner
Kristof Jannes, Vincent Reniers, Wouter Lenaerts, Bert Lagaisse, Wouter Joosen
Paper DOI

Masking Location Streams in the Presence of Colluding Service Providers
Toon Dehaene, Michiel Willocx, Bert Lagaisse, Vincent Naessens
Paper DOI

Poster: Privacy-Preserving Heat Map Generation through Spatial and Temporal Local Perturbation
Toon Dehaene, Michiel Willocx, Bert Lagaisse, Vincent Naessens
Poster DOI

Replication Data for: Penetration Testing in Wind Farms: Detection and Impact Analysis
Can Özkan, Dave Singelée, Amirreza Jafari anarjan, Rick Loenders, Hakan Ergun
Replication Package DOI

Replication Data for: A Novel Evidence-Based Threat Enumeration Methodology for ICS
Can Özkan, Dave Singelée
Replication Package DOI

CCAM-DI: Reinforcement Learning-Based Autonomous Intersection Control
Árpád Huszák, Takahito Yoshizawa, Alireza Aghabagherloo, Dave Singelée, Bart Preneel
Paper DOI

Replication Data for: One Tap to Hijack Them All: A Security Analysis of the Google Fast Pair Protocol
Sayon Duttagupta, Seppe Wyns, Nikola Antonijević, Dave Singelée, Bart Preneel
Replication Package DOI

Certificate revocation-search for a way forward
Takahito Yoshizawa, Himanshu Agarwal, Dave Singelée, Bart Preneel
Paper DOI

Replication Data for: CovFUZZ: Coverage-based fuzzer for 4G&5G protocols
Ilja Siroš, Dave Singelée, Bart Preneel
Replication Package DOI

ZeroTouch: Reinforcing RSS for Secure Geofencing
Nikola Antonijević, Sayon Duttagupta, Dave Singelée, Enrique Argones Rúa, Bart Preneel
Paper DOI

A Survey of Security and Privacy Issues in V2X Communication Systems
Takahito Yoshizawa, Dave Singelée, Jan Tobias Mühlberg, Stéphane Delbruel, Amir Taherkordi, Danny Hughes, Bart Preneel
Paper DOI

Security of Distance-Bounding: A Survey
Gildas Avoine, Muhammed Ali Bingol, Ioana Boureanu, Srdjan Capkun, Gerhard Hancke, Suleyman Kardas, Chong Hee Kim, Cedric Lauradoux, Benjamin Martin, Jorge Munilla, Alberto Peinado-Dominguez, Kasper B Rasmussen, Dave Singelée, Aslan Tchamkerten, Rolando Trujillo-Rasua, Serge Vaudenay
Paper DOI