Dimitris
22 records found
1
Authored
A Replication Package for PyCG
Practical Call Graph Generation in Python
Well-typed programs can go wrong
A study of typing-related bugs in JVM compilers
Despite the substantial progress in compiler testing, research endeavors have mainly focused on detecting compiler crashes and subtle miscompilations caused by bugs in the implementation of compiler optimizations. Surprisingly, this growing body of work neglects other compiler ...
Incremental and parallel builds are crucial features of modern build systems. Parallelism enables fast builds by running independent tasks simultaneously, while incrementality saves time and computing resources by processing the build operations that were affected by a particu ...
Puppet is a popular computer system configuration management tool. By providing abstractions that model system resources it allows administrators to set up computer systems in a reliable, predictable, and documented fashion. Its use suffers from two potential pitfalls. First, ...
PDGuard
An architecture for the control and secure processing of personal data
Online personal data are rarely, if ever, effectively controlled by the users they concern. Worse, as demonstrated by the numerous leaks reported each week, the organizations that store and process them fail to adequately safeguard the required confidentiality. In this paper, ...
Time present and time past
Analyzing the evolution of javascript code in the wild
JavaScript is one of the web's key building blocks. It is used by the majority of web sites and it is supported by all modern browsers. We present the first large-scale study of client-side JavaScript code over time. Specifically, we have collected and analyzed a dataset conta ...
VulinOSS
A dataset of security vulnerabilities in open-source systems
Examining the different characteristics of open-source software in relation to security vulnerabilities, can provide the research community with findings that can lead to the development of more secure systems. We present a dataset where the reported vulnerabilities of 8694 op ...
Fatal injection
A survey of modern code injection attack countermeasures
With a code injection attack (CIA) an attacker can introduce malicious code into a computer program or system that fails to properly encode data that comes from an untrusted source. A CIA can have different forms depending on the execution context of the application and the lo ...
How to train your browser
Preventing XSS attacks using contextual script fingerprints
Programs draw significant parts of their functionality through the use of Application Programming Interfaces (APIs). Apart from the way developers incorporate APIs in their software, the stability of these programs depends on the design and implementation of the APIs. In this ...
J% is an extension of the Java programming language that efficiently supports the integration of domain-specific languages. In particular, J% allows the embedding of domain-specific language code into Java programs in a syntax-checked and type-safe manner. This paper presents ...
Examining a large number of software artifacts can provide the research community with data regarding quality and design. We present a dataset obtained by statically analyzing 22730 jar files taken from the Maven central archive, which is the de-facto application library repos ...
TRACER
A platform for securing legacy code
Dismal code
Studying the evolution of security bugs
Modern programs depend on apis to implement a significant part of their functionality. Apart from the way developers use apis to build their software, the stability of these programs relies on the apis design and implementation. In this work, we evaluate the reliability of api ...