From ab24e746c72d51e4bd42818f72f8339fcc83842e Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Jakub=20Nar=C4=99bski?= Date: Fri, 15 Dec 2023 20:19:06 +0100 Subject: [PATCH] Create CITATION.cff --- CITATION.cff | 77 ++++++++++++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 77 insertions(+) create mode 100644 CITATION.cff diff --git a/CITATION.cff b/CITATION.cff new file mode 100644 index 0000000..61e4d1e --- /dev/null +++ b/CITATION.cff @@ -0,0 +1,77 @@ +cff-version: 1.2.0 +title: secret_life_of_CVEs +message: >- + Please cite this software using the metadata from + 'preferred-citation'. +type: software +authors: + - given-names: Mikołaj + family-names: Fejzer + email: mfejzer@mat.umk.pl + - given-names: Jakub + family-names: Narębski + email: jnareb@mat.umk.pl + - given-names: Piotr + family-names: Przymus + email: eror@mat.umk.pl + - given-names: Krzysztof + family-names: Stencel + email: stencel@mimuw.edu.pl +abstract: >- + This repository contains scripts to process and join data from the World of Code dataset + (see https://arxiv.org/abs/2010.16196) and CVE (Common Vulnerabilities and Exposures) dataset + (gathered using the cve-search project), that were used in the "The Secret Life of CVEs" + paper submission, accepted to MSR 2023 Challenge, and published as DOI:10.1109/MSR59073.2023.00056. + + Results were analyzed with the help of Jupyter Notebooks, available in the 'notebooks/' subdirectory. +license: MIT +preferred-citation: + type: conference-paper + authors: + - given-names: Mikołaj + family-names: Fejzer + email: mfejzer@mat.umk.pl + affiliation: >- + Faculty of Mathematics and Computer Science, + Nicolaus Copernicus University, Toruń, Poland + orcid: 'https://orcid.org/0000-0003-1496-2289' + - given-names: Jakub + family-names: Narębski + email: jnareb@mat.umk.pl + affiliation: >- + Faculty of Mathematics and Computer Science, + Nicolaus Copernicus University, Toruń, Poland + orcid: 'https://orcid.org/0000-0002-3296-3915' + - given-names: Piotr + family-names: Przymus + email: eror@mat.umk.pl + affiliation: >- + Faculty of Mathematics and Computer Science, + Nicolaus Copernicus University, Toruń, Poland + orcid: 'https://orcid.org/0000-0001-9548-2388' + - given-names: Krzysztof + family-names: Stencel + email: stencel@mimuw.edu.pl + affiliation: >- + Faculty of Mathematics, Informatics and Mechanics, + University of Warsaw, Warsaw, Poland + orcid: 'https://orcid.org/0000-0001-6356-4872' + title: "The Secret Life of CVEs" + journal: "2023 IEEE/ACM 20th International Conference on Mining Software Repositories (MSR)" + doi: "10.1109/MSR59073.2023.00056" + start: 362 # First page number + end: 366 # Last page number + year: 2023 + abstract: >- + The Common Vulnerabilities and Exposures (CVEs) system is a reference method for documenting + publicly known information security weaknesses and exposures. This paper presents a study + of the lifetime of CVEs in software projects and the risk factors affecting their existence. + The study uses survival analysis to examine how features of programming languages, projects, + and CVEs themselves impact the lifetime of CVEs. We suggest avenues for future research + to investigate the effect of various factors on the resolution of vulnerabilities. + conference: + name: "2023 IEEE/ACM 20th International Conference on Mining Software Repositories (MSR)" + date-start: "2023-05-15" + date-end: "2023-05-16" + city: Melbourne + country: AU