| Software Security Metrics |
|
| An Investigation of Scientific Principles Involved in Software Security Engineering |
|
| Let's Play Poker: Effort and Software Security Risk Estimation in Software Engineering |
|
| Log Your CRUD: Design Principles for Software Logging Mechanisms |
|
| Access Control Policy Evolution: An Empirical Study (poster) |
|
| An Analysis of Fedora Security Profile (poster) |
|
| Access Control Policy Evolution: An Empirical Study (slides) |
|
| An Analysis of Fedora Security Profile (slides) |
|
| Lablet Summaries NCSU.pdf |
|
| Vulnerability and Resilience Prediction Models |
|
| Challenges with Applying Vulnerability Prediction Models |
|
| Enabling Forensics by Proposing Heuristics to Identify Mandatory Log Events |
|
| Building a Security Practices Evaluation Framework |
|
| Approximating Attack Surfaces with Stack Traces - May 2015 |
|
| NCSU Lablet Summary - July 2015 |
|
| Surveying Security Practice Adherence in Software Development |
|
| Advanced Metrics for Risk-Based Attack Surface Approximation |
|
| Exploring Defect Categories for Infrastructure as Code |
|
| 2017_MOBILESOFT.pdf |
|
| 2017_RCOSE.pdf |
|
| CameraReady_RandomSampling.pdf |
|
| NCSU Lablet Homepage |
|
| theisen_coverage_bp_rework.pdf |
|
| Science of Security Hard Problems: A Lablet Perspective |
|
| Software Security Metrics |
|