SCIENCE CHINA Information Sciences, Volume 62, Issue 1: 019102 (2019) https://doi.org/10.1007/s11432-017-9459-5

How security bugs are fixed and what can be improved: an empirical study with Mozilla

  • Received: Nov 20, 2017
  • Accepted: Mar 30, 2018
  • Published: Dec 17, 2018


There is no abstract available for this article.


This work was supported partially by Natural Science Foundation of China (Grant Nos. 61872312, 61402396, 61611540347, 61472344), Jiangsu Qin Lan Project, China Postdoctoral Science Foundation (Grant No. 2015M571489), and Natural Science Foundation of Yangzhou City (Grant No. YZ2017113).



