@article{MTMT:34499877, title = {Known Vulnerabilities of Open Source Projects: Where Are the Fixes?}, url = {https://m2.mtmt.hu/api/publication/34499877}, author = {Sabetta, Antonino and Ponta, Serena Elisa and Lozoya, Rocio Cabrera and Bezzi, Michele and Sacchetti, Tommaso and Greco, Matteo and Balogh, Gergő and Hegedűs, Péter and Ferenc, Rudolf and Paramitha, Ranindya and Pashchenko, Ivan and Papotti, Aurora and Milánkovich, Ákos and Massacci, Fabio}, doi = {10.1109/MSEC.2023.3343836}, journal-iso = {IEEE SECUR PRIV}, journal = {IEEE SECURITY & PRIVACY}, unique-id = {34499877}, issn = {1540-7993}, year = {2024}, eissn = {1558-4046}, orcid-numbers = {Sabetta, Antonino/0000-0003-3506-8374; Ponta, Serena Elisa/0000-0002-6208-4743; Lozoya, Rocio Cabrera/0000-0001-8911-7392; Bezzi, Michele/0000-0003-2084-0675; Balogh, Gergő/0000-0002-6781-5453; Hegedűs, Péter/0000-0003-4592-6504; Ferenc, Rudolf/0000-0001-8897-7403; Paramitha, Ranindya/0000-0002-6682-4243; Pashchenko, Ivan/0000-0001-8202-576X; Papotti, Aurora/0000-0003-3207-7662; Massacci, Fabio/0000-0002-1091-8486} } @article{MTMT:34448268, title = {CrySyS dataset of CAN traffic logs containing fabrication and masquerade attacks}, url = {https://m2.mtmt.hu/api/publication/34448268}, author = {Gazdag, András Gábor and Ferenc, Rudolf and Buttyán, Levente}, doi = {10.1038/s41597-023-02716-9}, journal-iso = {SCI DATA}, journal = {SCIENTIFIC DATA}, volume = {10}, unique-id = {34448268}, abstract = {Despite their known security shortcomings, Controller Area Networks are widely used in modern vehicles. Research in the field has already proposed several solutions to increase the security of CAN networks, such as using anomaly detection methods to identify attacks. Modern anomaly detection procedures typically use machine learning solutions that require a large amount of data to be trained. This paper presents a novel CAN dataset specifically collected and generated to support the development of machine learning based anomaly detection systems. Our dataset contains 26 recordings of benign network traffic, amounting to more than 2.5 hours of traffic. We performed two types of attack on the benign data to create an attacked dataset representing most of the attacks previously proposed in the academic literature. As a novelty, we performed all attacks in two versions, modifying either one or two signals simultaneously. Along with the raw data, we also publish the source code used to generate the attacks to allow easy customization and extension of the dataset. © 2023, The Author(s).}, year = {2023}, eissn = {2052-4463}, orcid-numbers = {Gazdag, András Gábor/0000-0002-4481-3308; Ferenc, Rudolf/0000-0001-8897-7403} } @{MTMT:34066580, title = {An AST-Based Code Change Representation and Its Performance in Just-in-Time Vulnerability Prediction}, url = {https://m2.mtmt.hu/api/publication/34066580}, author = {Aladics, Tamás and Hegedűs, Péter and Ferenc, Rudolf}, booktitle = {Software Technologies}, doi = {10.1007/978-3-031-37231-5_8}, unique-id = {34066580}, year = {2023}, pages = {169-186}, orcid-numbers = {Hegedűs, Péter/0000-0003-4592-6504; Ferenc, Rudolf/0000-0001-8897-7403} } @article{MTMT:33695960, title = {Is JavaScript Call Graph Extraction Solved Yet? A Comparative Study of Static and Dynamic Tools}, url = {https://m2.mtmt.hu/api/publication/33695960}, author = {Antal, Gábor and Hegedűs, Péter and Herczeg, Zoltán and Lóki, Gábor and Ferenc, Rudolf}, doi = {10.1109/ACCESS.2023.3255984}, journal-iso = {IEEE ACCESS}, journal = {IEEE ACCESS}, volume = {11}, unique-id = {33695960}, issn = {2169-3536}, year = {2023}, eissn = {2169-3536}, pages = {25266-25284}, orcid-numbers = {Hegedűs, Péter/0000-0003-4592-6504; Lóki, Gábor/0000-0002-2843-827X; Ferenc, Rudolf/0000-0001-8897-7403} } @inproceedings{MTMT:33573801, title = {Don't DIY: Automatically transform legacy Python code to support structural pattern matching}, url = {https://m2.mtmt.hu/api/publication/33573801}, author = {Rozsa, Balazs and Antal, Gábor and Ferenc, Rudolf}, booktitle = {Proceedings of the 22nd IEEE International Working Conference on Source Code Analysis and Manipulation}, doi = {10.1109/SCAM55253.2022.00024}, unique-id = {33573801}, year = {2022}, pages = {164-169}, orcid-numbers = {Ferenc, Rudolf/0000-0001-8897-7403} } @inproceedings{MTMT:33550532, title = {An End-to-End Framework for Repairing Potentially Vulnerable Source Code}, url = {https://m2.mtmt.hu/api/publication/33550532}, author = {Jász, Judit and Hegedűs, Péter and Milánkovich, Ákos and Ferenc, Rudolf}, booktitle = {Proceedings of the 22nd IEEE International Working Conference on Source Code Analysis and Manipulation}, doi = {10.1109/SCAM55253.2022.00034}, unique-id = {33550532}, year = {2022}, pages = {242-247}, orcid-numbers = {Jász, Judit/0000-0001-6176-9401; Hegedűs, Péter/0000-0003-4592-6504; Milánkovich, Ákos/0000-0002-8954-7605; Ferenc, Rudolf/0000-0001-8897-7403} } @article{MTMT:33547978, title = {Static Call Graph Combination to Simulate Dynamic Call Graph Behavior}, url = {https://m2.mtmt.hu/api/publication/33547978}, author = {Ságodi, Zoltán and Pengő, Edit and Jász, Judit and Siket, István and Ferenc, Rudolf}, doi = {10.1109/ACCESS.2022.3229182}, journal-iso = {IEEE ACCESS}, journal = {IEEE ACCESS}, volume = {10}, unique-id = {33547978}, issn = {2169-3536}, year = {2022}, eissn = {2169-3536}, pages = {131829-131840}, orcid-numbers = {Pengő, Edit/0000-0002-4500-8693; Jász, Judit/0000-0001-6176-9401; Siket, István/0000-0003-4064-1489; Ferenc, Rudolf/0000-0001-8897-7403} } @article{MTMT:33038183, title = {A Line-Level Explainable Vulnerability Detection Approach for Java}, url = {https://m2.mtmt.hu/api/publication/33038183}, author = {Mosolygó, Balázs and Vándor, Norbert Rudolf and Hegedűs, Péter and Ferenc, Rudolf}, doi = {10.1007/978-3-031-10542-5_8}, journal-iso = {LECT NOTES COMPUT SC}, journal = {LECTURE NOTES IN COMPUTER SCIENCE}, volume = {13380}, unique-id = {33038183}, issn = {0302-9743}, year = {2022}, eissn = {1611-3349}, pages = {106-122}, orcid-numbers = {Mosolygó, Balázs/0000-0003-2166-4255; Hegedűs, Péter/0000-0003-4592-6504; Ferenc, Rudolf/0000-0001-8897-7403} } @inproceedings{MTMT:33036709, title = {A Vulnerability Introducing Commit Dataset for Java: An Improved SZZ based Approach}, url = {https://m2.mtmt.hu/api/publication/33036709}, author = {Aladics, Tamás and Hegedűs, Péter and Ferenc, Rudolf}, booktitle = {Proceedings of the 17th International Conference on Software Technologies}, doi = {10.5220/0011275200003266}, unique-id = {33036709}, year = {2022}, pages = {68-78}, orcid-numbers = {Hegedűs, Péter/0000-0003-4592-6504; Ferenc, Rudolf/0000-0001-8897-7403} } @article{MTMT:32863084, title = {Static Code Analysis Alarms Filtering Reloaded: A New Real-World Dataset and its ML-Based Utilization}, url = {https://m2.mtmt.hu/api/publication/32863084}, author = {Hegedűs, Péter and Ferenc, Rudolf}, doi = {10.1109/ACCESS.2022.3176865}, journal-iso = {IEEE ACCESS}, journal = {IEEE ACCESS}, volume = {10}, unique-id = {32863084}, issn = {2169-3536}, year = {2022}, eissn = {2169-3536}, pages = {55090-55101}, orcid-numbers = {Hegedűs, Péter/0000-0003-4592-6504; Ferenc, Rudolf/0000-0001-8897-7403} }