How security bugs are fixed and what can be improved: an empirical study with Mozilla

  • Letter
Science China Information Sciences

Acknowledgements

This work was supported partially by Natural Science Foundation of China (Grant Nos. 61872312, 61402396, 61611540347, 61472344), Jiangsu Qin Lan Project, China Postdoctoral Science Foundation (Grant No. 2015M571489), and Natural Science Foundation of Yangzhou City (Grant No. YZ2017113).

Author information

Corresponding author

Correspondence to Xiaobing Sun.

About this article

Cite this article

Sun, X., Peng, X., Zhang, K. et al. How security bugs are fixed and what can be improved: an empirical study with Mozilla. Sci. China Inf. Sci. 62, 19102 (2019). https://doi.org/10.1007/s11432-017-9459-5

  • DOI: https://doi.org/10.1007/s11432-017-9459-5