Publications

Full Conference Papers

  • Data Quality for Software Vulnerability Datasets (2023)
    Roland Croft, M. Ali Babar, Mehdi Kholoosi
    In Proceedings of the 45th International Conference on Software Engineering (ICSE)
    [PDF] [GitHub]

  • Noisy Label Learning for Security Defects (2022)
    Roland Croft, M. Ali Babar, Huaming Chen
    In Proceedings of the 19th International Conference on Mining Software Repositories (MSR)
    [PDF] [Video] [GitHub]

  • An Investigation into Inconsistency of Software Vulnerability Severity across Data Sources (2022)
    Roland Croft, M. Ali Babar, Li Li
    In Proceedings of the 29th International Conference on Software Analysis, Evolution and Reengineering (SANER)
    [PDF] [Video] [GitHub]

  • An Empirical Study of Rule-Based and Learning-Based Approaches for Static Application Security Testing (2021)
    Roland Croft, Dominic Newlands, Ziyu Chen, M. Ali Babar
    In Proceedings of the 15th International Symposium on Empirical Software Engineering and Measurement (ESEM)
    [PDF] [Video]

  • DeepCVA: Automated Commit-level Vulnerability Assessment with Deep Multi-task Learning (2021)
    Triet Le, David Hin, Roland Croft, M. Ali Babar
    In Proceedings of the 36th International Conference on Automated Software Engineering (ASE)
    [PDF] [Video] [GitHub]

  • A Large-scale Study of Security Vulnerability Support on Developer Q&A Websites (2021)
    Triet Le, Roland Croft, David Hin, M. Ali Babar
    In Proceedings of the 25th International Conference on Evaluation and Assessment in Software Engineering (EASE)
    [PDF] [Video] [GitHub]

  • PUMiner: Mining Security Posts from Developer Question and Answer Websites with PU Learning (2020)
    Triet Le, David Hin, Roland Croft, M. Ali Babar
    In Proceedings of the 17th International Conference on Mining Software Repositories (MSR)
    [PDF] [Video] [GitHub]

Journal Papers

  • SmartValidator: A framework for automatic identification and classification of cyber threat data (2022)
    Chadni Islam, M. Ali Babar, Roland Croft, Helge Janicke
    Journal of Network and Computer Applications (JNCA)
    [PDF]

  • An Empirical Study of Developers’ Discussions about Security Challenges of Different Programming Languages (2022)
    Roland Croft, Yongzheng Xie, Mansooreh Zahedi, M. Ali Babar, Christoph Treude
    Empirical Software Engineering (EMSE)
    [PDF] [Video]

  • Data Preparation for Software Vulnerability Prediction: A Systematic Literature Review (2021)
    Roland Croft, Yongzheng Xie, M. Ali Babar
    Transactions on Software Engineering (TSE)
    [PDF]