M. Jiménez scite author profile

Previous work on vulnerability prediction assume that predictive models are trained with respect to perfect labelling information (includes labels from future, as yet undiscovered vulnerabilities). In this paper we present results from a comprehensive empirical study of 1,898 real-world vulnerabilities reported in 74 releases of three security-critical open source systems (Linux Kernel, OpenSSL and Wiresark). Our study investigates the effectiveness of three previously proposed vulnerability prediction approaches, in two settings: with and without the unrealistic labelling assumption. The results reveal that the unrealistic labelling assumption can profoundly mislead the scientific conclusions drawn; suggesting highly effective and deployable prediction results vanish when we fully account for realistically available labelling in the experimental methodology. More precisely, MCC mean values of predictive effectiveness drop from 0.77, 0.65 and 0.43 to 0.08, 0.22, 0.10 for Linux Kernel, OpenSSL and Wiresark, respectively. Similar results are also obtained for precision, recall and other assessments of predictive efficacy. The community therefore needs to upgrade experimental and empirical methodology for vulnerability prediction evaluation and development to ensure robust and actionable scientific findings. CCS CONCEPTS • Software and its engineering → Software defect analysis.

show abstract

An Architecture to Support the Collection of Big Data in the Internet of Things

Cecchinel

Jiménez

Mosser

et al. 2014

127

View full text Add to dashboard Cite

International audienceThe Internet of Things (IoT) relies on physical objects interconnected between each others, creating a mesh of devices producing information. In this context, sensors are surrounding our environment (e.g., cars, buildings, smartphones) and continuously collect data about our living environment. Thus, the IoT is a prototypical example of Big Data. The contribution of this paper is to define a software architecture supporting the collection of sensor-based data in the context of the IoT. The architecture goes from the physical dimension of sensors to the storage of data in a cloud-based system. It supports Big Data research effort as its instantiation supports a user while collecting data from the IoT for experimental or production purposes. The results are instantiated and validated on a project named SMARTCAMPUS, which aims to equip the SophiaTech campus with sensors to build innovative applications that supports end-users

show abstract

Analyzing Complex Data in Motion at Scale with Temporal Graphs

Hartmann¹,

Fouquet²,

Jiménez³

et al. 2017

View full text Add to dashboard Cite

Abstract-Modern analytics solutions succeed to understand and predict phenomenons in a large diversity of software systems, from social networks to Internet-of-Things platforms. This success challenges analytics algorithms to deal with more and more complex data, which can be structured as graphs and evolve over time. However, the underlying data storage systems that support large-scale data analytics, such as time-series or graph databases, fail to accommodate both dimensions, which limits the integration of more advanced analysis taking into account the history of complex graphs, for example. This paper therefore introduces a formal and practical definition of temporal graphs. Temporal graphs provide a compact representation of time-evolving graphs that can be used to analyze complex data in motion. In particular, we demonstrate with our open-source implementation, named GREYCAT, that the performance of temporal graphs allows analytics solutions to deal with rapidly evolving large-scale graphs.

show abstract

Vulnerability Prediction Models: A Case Study on the Linux Kernel

Jiménez

Papadakis

Traon

2016

View full text Add to dashboard Cite

Abstract-To assist the vulnerability identification process, researchers proposed prediction models that highlight (for inspection) the most likely to be vulnerable parts of a system. In this paper we aim at making a reliable replication and comparison of the main vulnerability prediction models. Thus, we seek for determining their effectiveness, i.e., their ability to distinguish between vulnerable and non-vulnerable components, in the context of the Linux Kernel, under different scenarios. To achieve the above-mentioned aims, we mined vulnerabilities reported in the National Vulnerability Database and created a large dataset with all vulnerable components of Linux from 2005 to 2016. Based on this, we then built and evaluated the prediction models. We observe that an approach based on the header files included and on function calls performs best when aiming at future vulnerabilities, while text mining is the best technique when aiming at random instances. We also found that models based on code metrics perform poorly. We show that in the context of the Linux kernel, vulnerability prediction models can be superior to random selection and relatively precise. Thus, we conclude that practitioners have a valuable tool for prioritizing their security inspection efforts.

show abstract

Inhibitory Effect of Piquerol A on the Growth of Epimastigotes ofTrypanosoma cruzi

Castro¹,

Jiménez²,

Parra³

1992

Planta Med

View full text Add to dashboard Cite

show abstract

[Engineering Paper] Enabling the Continuous Analysis of Security Vulnerabilities with VulData7

Jiménez

Traon

Papadakis

2018

View full text Add to dashboard Cite

Autosomal dominant inheritance in adiposis dolorosa (Dercum's disease)

et al. 1973

View full text Add to dashboard Cite

Inhibition of Oxygen Evolution by Cacalol and Its Derivatives

Lotina‐Hennsen

Roque-Reséndiz

Jiménez

et al. 1991

View full text Add to dashboard Cite

The inhibition of ATP synthesis, proton uptake and electron transport (basal, phosphory-lating and uncoupled) from water to methylviologen indicates that cacalol and its derivatives act as electron transport inhibitors. Since on one hand photosystem I is not affected and electron transport from DPC to QA is midly affected and on the other hand the electron transport from water to DCIP, and water to silicomolibdate are inhibited, we conclude that the site of inhibition of cacalol is located at the oxygen evolution level. Cacalol derivatives inhibit electron flow between P680 to QA and probably also the QB site.

show abstract

scite is a Brooklyn-based organization that helps researchers better discover and understand research articles through Smart Citations–citations that display the context of the citation and describe whether the article provides supporting or contrasting evidence. scite is used by students and researchers from around the world and is funded in part by the National Science Foundation and the National Institute on Drug Abuse of the National Institutes of Health.

Contact Info

hi@scite.ai

334 Leonard St

Brooklyn, NY 11211

Blog Terms and Conditions API Terms Privacy Policy Contact Cookie Preferences Do Not Sell or Share My Personal Information

Made with 💙 for researchers

Part of the Research Solutions Family.

M. Jiménez

The importance of accounting for real-world labelling when predicting software vulnerabilities

An Architecture to Support the Collection of Big Data in the Internet of Things

Analyzing Complex Data in Motion at Scale with Temporal Graphs

Vulnerability Prediction Models: A Case Study on the Linux Kernel

Inhibitory Effect of Piquerol A on the Growth of Epimastigotes ofTrypanosoma cruzi

[Engineering Paper] Enabling the Continuous Analysis of Security Vulnerabilities with VulData7

Autosomal dominant inheritance in adiposis dolorosa (Dercum's disease)

Inhibition of Oxygen Evolution by Cacalol and Its Derivatives

Contact Info

Product

Resources

About