Differences

This shows you the differences between two versions of the page.

--- datasets [2016/03/22 10:06] – [How to Access the Data] luca.allodi@unitn.it
+++ datasets [2021/01/29 10:58] (current) – external edit 127.0.0.1
@@ Line 19: / Line 19: @@
   * **ASV** Vulnerabilities of the Safari Web Browser extracted from the Apple Knowledge Base and integrated with the NVD to reconstruct affected versions.
   * **ESEJ** is the list of vulnerabilities in Google Chrome and Mozilla Firefox along with ranges of major versions affected by each vulnerability. For each vulnerability, the dataset contains two affected version ranges: (1) vulnerable versions according to the NVD (“version X and all previous versions”); (2) vulnerable versions based on the vulnerable code evidence (identified by our algorithm).
+  * **COMPR**ehension is a dataset collected in a series of controlled experiments on Model Comprehension for Security Risk Assessment.
+  * **Delta-Bench** collects revisions of Apache Tomcat 6.0 - 8.5 with security fixes of various CVEs.
 ==== How to Access the Data  ====
   - Write us at <security-dataREMOVESPAM@disi.unitn.it> to see if the data is what you actually want (the email alias will expand to the researchers who worked on the datasets);
   - Specify the initial purpose for which you would like to use the data (this will go in the formal licence and in the web page with your name attached to it);
-  - We will fill the licensing agreement {{:unitn_license_v4.0.pdf|(License template)}} with your data and the head of department (or a tenured full professor of department) should sign it;
+  - We will fill the licensing agreement {{:unitn_license_v4.0.pdf|(see uncompiled license)}} with your data and the head of department (or a tenured full professor of department) should sign it;
   - We will return the signed copy of the agreement and the excel file;
   - Report to us at <security-dataREMOVESPAM@disi.unitn.it> the publications based on the data which should be include the citation to our appropriate paper;
@@ Line 60: / Line 62: @@
     * Investigation on which CVEs are exploited by malicious exploit kits. [Scientist in charge: Aaron Powell]
-. **MIT Sloan School of Management **
+. **MIT Sloan School of Management (Massachusetts Institute of Technology) **
     * Evaluation of security practice use in relation to how and when vulnerabilities are discovered and resolved in software development projects; evolution of the vulnerability discovery and resolution process over time in software development projects.[Scientists in charge: Stuart Madnick, Michael Siegel, James Houghton].
@@ Line 67: / Line 69: @@
   * Investigating the probability that a given vulnerability will be exploited as a function of (a) its CVSS base score as well as (b) other possible markers which are available at the time the vulnerability is first noted.
+. ** NCSU (North Carolina State University)**
+  * Evaluation of security practice use in relation to how and when vulnerabilities are discovered and resolved in software development projects; evolution of the vulnerability discovery and resolution process over time in so[Users] ftware development projects [Scientists in charge: Laurie Williams, Patrick Morrison, Rahul Pandita]
+. ** ECNU (East China Normal University) **
+  *   Research on building vulnerability prediction models and comparing the experimental results with previous studies conducted by DISI Security Research Group [Scientists in charge: Xiangxue Li, Liang He, Limin Yang]
+. ** GWU (George Washington University) **
+  * Dissertation research regarding vulnerability discovery modeling [Scientists in charge: Reuben Johnston, Thomas Mazzuchi].
+. ** IIIT-Delhi (Indraprastha Institute of Information Technology, Delhi) **
+  * Understanding and predicting vulnerabilities by leveraging online contents (Scientists in charge: Baani Leen Kaur Jolly, Tanmoy Chakraborty)