2022 IEEE International Symposium on Software Reliability Engineering Workshops (ISSREW)最新文献_第3页

A Stochastic Petri net Model of Continuous Integration and Continuous Delivery 持续集成与持续交付的随机Petri网模型

2022 IEEE International Symposium on Software Reliability Engineering Workshops (ISSREW) Pub Date : 2022-10-01 DOI: 10.1109/ISSREW55968.2022.00050

Sushovan Bhadra

引用次数: 0

Autonomic ZTA-based Network Management Engine (AZNME) 基于zta的自主网络管理引擎(AZNME)

2022 IEEE International Symposium on Software Reliability Engineering Workshops (ISSREW) Pub Date : 2022-10-01 DOI: 10.1109/ISSREW55968.2022.00034

Cihan Tunc, James Durflinger, C. Mahmoudi, Valerio Formicola

引用次数: 0

Investigating Novel Approaches to Defend Software Supply Chain Attacks 研究防御软件供应链攻击的新方法

2022 IEEE International Symposium on Software Reliability Engineering Workshops (ISSREW) Pub Date : 2022-10-01 DOI: 10.1109/ISSREW55968.2022.00081

Md Jobair Hossain Faruk, Masrura Tasnim, H. Shahriar, Maria Valero, A. Rahman, Fan Wu

{"title":"Investigating Novel Approaches to Defend Software Supply Chain Attacks","authors":"Md Jobair Hossain Faruk, Masrura Tasnim, H. Shahriar, Maria Valero, A. Rahman, Fan Wu","doi":"10.1109/ISSREW55968.2022.00081","DOIUrl":"https://doi.org/10.1109/ISSREW55968.2022.00081","url":null,"abstract":"Software supply chain attacks occur during the processes of producing software is compromised, resulting in vulnerabilities that target downstream customers. While the number of successful exploits is limited, the impact of these attacks is significant. Despite increased awareness and research into software supply chain attacks, there is limited information available on mitigating or architecting for these risks, and existing information is focused on singular and independent elements of the supply chain. In this paper, we extensively review software supply chain security using software development tools and infrastructure. We investigate the path that attackers find is least resistant followed by adapting and finding the next best way to complete an attack. We also provide a thorough discussion on how common software supply chain attacks can be prevented, preventing malicious hackers from gaining access to an organization's development tools and infrastructure including the development environment. We considered various SSC attacks on stolen code-sign certificates by malicious attackers and prevented unnoticed malware from passing by security scanners. We are aiming to extend our research to contribute to preventing software supply chain attacks by proposing novel techniques and frameworks.","PeriodicalId":178302,"journal":{"name":"2022 IEEE International Symposium on Software Reliability Engineering Workshops (ISSREW)","volume":"1 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2022-10-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"130613532","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

引用次数: 4

Investigating Bugs in AI-Infused Systems: Analysis and Proposed Taxonomy

2022 IEEE International Symposium on Software Reliability Engineering Workshops (ISSREW) Pub Date : 2022-10-01 DOI: 10.1109/ISSREW55968.2022.00094

M. Kassab, J. Defranco, P. Laplante

引用次数: 1

ISSRE 2022 Fast Abstracts Track Committee: ISSREW 2022 快速摘要跟踪委员会:ISSREW 2022

2022 IEEE International Symposium on Software Reliability Engineering Workshops (ISSREW) Pub Date : 2022-10-01 DOI: 10.1109/issrew55968.2022.00011

引用次数: 0

An unsupervised approach to discover filtering rules from diagnostic logs 从诊断日志中发现过滤规则的无监督方法

2022 IEEE International Symposium on Software Reliability Engineering Workshops (ISSREW) Pub Date : 2022-10-01 DOI: 10.1109/ISSREW55968.2022.00030

M. Cinque, Raffaele Della Corte, Giorgio Farina, Stefano Rosiello

引用次数: 0

Message from the IWSF & SHIFT 2022 Chairs: ISSREW 2022 来自IWSF和SHIFT 2022主席的信息:ISSREW 2022

2022 IEEE International Symposium on Software Reliability Engineering Workshops (ISSREW) Pub Date : 2022-10-01 DOI: 10.1109/issrew55968.2022.00021

引用次数: 0

WoSoCer 2022 Workshop Committee: ISSREW 2022 2022年世界足球锦标赛工作坊委员会:ISSREW 2022

2022 IEEE International Symposium on Software Reliability Engineering Workshops (ISSREW) Pub Date : 2022-10-01 DOI: 10.1109/issrew55968.2022.00016

引用次数: 0

RAIS 2022 Workshop Committee: ISSREW 2022 RAIS 2022工作坊委员会:ISSREW 2022

2022 IEEE International Symposium on Software Reliability Engineering Workshops (ISSREW) Pub Date : 2022-10-01 DOI: 10.1109/issrew55968.2022.00027

引用次数: 0

Detecting and Defending CSRF at API-Level 在api级检测和防御CSRF

2022 IEEE International Symposium on Software Reliability Engineering Workshops (ISSREW) Pub Date : 2022-10-01 DOI: 10.1109/ISSREW55968.2022.00043

Shun Wang, Chao Ni, Jianbo Wang, Changhai Nie

引用次数: 0