Stephan Neuhaus scite author profile

Where do most vulnerabilities occur in software? Our Vulture tool automatically mines existing vulnerability databases and version archives to map past vulnerabilities to components. The resulting ranking of the most vulnerable components is a perfect base for further investigations on what makes components vulnerable.In an investigation of the Mozilla vulnerability history, we surprisingly found that components that had a single vulnerability in the past were generally not likely to have further vulnerabilities. However, components that had similar imports or function calls were likely to be vulnerable.Based on this observation, we were able to extend Vulture by a simple predictor that correctly predicts about half of all vulnerable components, and about two thirds of all predictions are correct. This allows developers and project managers to focus their their efforts where it is needed most: "We should look at nsXPInstallManager because it is likely to contain yet unknown vulnerabilities."

show abstract

A Novel Lubricant Based on Covalent Functionalized Graphene Oxide Quantum Dots

Wolk

Rosenthal

Neuhaus

et al. 2018

Sci Rep

View full text Add to dashboard Cite

Dodecyl amine edge functionalized few-layer graphene oxide quantum dots were synthesized in good yields. The covalent functionalization was demonstrated with NMR and AFM-IR. The resulting structure and particle size was measured with AFM and HRTEM. The thermal stability of the compound was investigated and showed a stability of up to 220 °C. The modified graphene oxide quantum dots showed excellent solubility in various organic solvents, including ethers, methanol, toluene, n-hexane, heptane, xylene, dichloromethane and toluene. The stability of a resulting toluene solution was also proven by static light scattering measurements over several days. The excellent solubility gives the possibility of an efficient and fast spray application of the functionalized graphene oxide quantum dots to steel surfaces. Hence, the macroscopic friction behavior was investigated with a Thwing-Albert FP-2250 friction tester. A thin film of the dodecyl amine functionalized graphene oxide quantum dots on steel lowered the friction coefficient from 0.17 to 0.11 and revealed a significant corrosion inhibition effect.

show abstract

Security Trend Analysis with CVE Topic Models

Neuhaus

Zimmermann

2010

View full text Add to dashboard Cite

show abstract

After-Life Vulnerabilities: A Study on Firefox Evolution, Its Vulnerabilities, and Fixes

Massacci¹,

Neuhaus²,

Nguyễn³

2011

View full text Add to dashboard Cite

xESB: An Enterprise Service Bus for Access and Usage Control Policy Enforcement

Gheorghe

Neuhaus

Crispo

2010

View full text Add to dashboard Cite

Enforcing complex policies that span organizational domains is an open challenge. Current work on SOA policy enforcement splits security in logical components that can be distributed across domains, but does not offer any concrete solution to integrate this security functionality so that it works across security services for organization-wide policies. In this paper, we propose xESB, an enhanced version of an Enterprise Message Bus (ESB), where we monitor and enforce preventive and reactive policies, both for access control and usage control policies, and both inside one domain and between domains. In addition, we introduce indicators that help SOA administrators assess the effectiveness of their policies. Our performance measurements show that policy enforcement at the ESB level comes with only moderate penalties.

show abstract

scite is a Brooklyn-based organization that helps researchers better discover and understand research articles through Smart Citations–citations that display the context of the citation and describe whether the article provides supporting or contrasting evidence. scite is used by students and researchers from around the world and is funded in part by the National Science Foundation and the National Institute on Drug Abuse of the National Institutes of Health.

Contact Info

hi@scite.ai

10624 S. Eastern Ave., Ste. A-614

Henderson, NV 89052, USA

Blog Terms and Conditions API Terms Privacy Policy Contact Cookie Preferences Do Not Sell or Share My Personal Information

Made with 💙 for researchers

Part of the Research Solutions Family.

Stephan Neuhaus

Predicting vulnerable software components

A Novel Lubricant Based on Covalent Functionalized Graphene Oxide Quantum Dots

Security Trend Analysis with CVE Topic Models

After-Life Vulnerabilities: A Study on Firefox Evolution, Its Vulnerabilities, and Fixes

xESB: An Enterprise Service Bus for Access and Usage Control Policy Enforcement

Contact Info

Product

Resources

About