Title:
Automated Vulnerability Repair for Java: from Challenges to Innovation
Abstract:
The goal of Automatic Vulnerability Repair (AVR) techniques is produce patches for software vulnerabilities, while keeping the human intervention to a minimum. This sounds great, in theory. In practice, the state of the art has still a long way to go, especially when it comes to the Java programming language. An obstacle for researchers, in this context, is the lack of large datasets to develop and test new techniques. This talk will provide an overview of existing techniques and discuss how to benchmark the performance of these approaches. Furthermore, we will discuss the potential of a novel technique that mimic the activity of human developers and leverage the potential of machine learning. Finally, we will discuss how repository mining techniques could come to the rescue of researchers and be employed to create larger, better datasets.
Bio:
Riccardo Scandariato received his PhD in Computer Science in 2004 from Politecnico di Torino, Italy. In his academic career he had the opportunity to work in several countries, including the United States (University of Virginia, 2003), Italy (Politecnico di Torino, 2004-2005), Belgium (KU Leuven, 2006-2014) and Sweden (University of Gothenburg, 2014-2020). Since late 2020, He is the head of the Institute of Software Security at the Hamburg University of Technology (TUHH), in Germany.
Speaker:
Prof. Riccardo Scandariato
Head of the Institute of Software Security
Hamburg University of Technology (TUHH)
Friday, July 05, 2024
12:00 - 13:30 CEST
Room: Online (Webex)
and
ITSC meeting room, building 64, 1st floor, room 035