A large-scale empirical study of security patches
… We did not consider using patch characteristics (such as those explored in Section 5.2) as
features as we aimed to understand how security and non-security bug fixes differed along …
features as we aimed to understand how security and non-security bug fixes differed along …
How long do vulnerabilities live in the code? a {Large-Scale} empirical measurement study on {FOSS} vulnerability lifetimes
… that vulnerability lifetimes and their types are correlated. In our study, we focus on how
lifetimes differ … Thus, we believe vulnerability lifetime to be a promising software security metric. …
lifetimes differ … Thus, we believe vulnerability lifetime to be a promising software security metric. …
[PDF][PDF] Amit Levy
K Cook - 2017 - usenix.org
… Kees Cook has written about security improvements to the Linux kernel. Kees works on the
… With the average lifetime of security bugs being five years [2], kernel development needs to …
… With the average lifetime of security bugs being five years [2], kernel development needs to …