VulinOSS: A Dataset of Security Vulnerabilities in Open-source Systems

Published in ACM Mining Software Repositories conference (MSR'18), 2018

Recommended citation: Antonios Gkortzis, Dimitris Mitropoulos, Diomidis Spinellis. "VulinOSS: A Dataset of Security Vulnerabilities in Open-source Systems." ACM Mining Software Repositories conference (MSR'18). https://antonisgkortzis.github.io/files/GMS_MSR_18.pdf

Abstract

Examining the different characteristics of open-source software in relation to security vulnerabilities, can provide the research community with findings that can lead to the development of more secure systems. We present a dataset where the reported vulnerabilities of 8694 open-source project versions, can be correlated with the corresponding source code and a number of software metrics. The metrics were obtained by analyzing the project’s source code via well-established tools. Apart from commonly used metrics (e.g. loc), we also provide data related to modern development trends such as continuous integration and testing. We outline motivational examples based on the dataset we describe.

Download paper here