Serena Elisa Ponta

57 papers A* 2A 12B 2C 4Journal 27Unranked 10

Year	Rank	Type	Title / Venue / Authors
2026	J	`jnl`	Uncovering Hidden Inclusions of Vulnerable Dependencies in Real-World Java Projects. CoRR Stefan Schott, Serena Elisa Ponta, Wolfram Fischer, Jonas Klauke, Eric Bodden
2025	—	`conf`	A First Appraisal of NIS2 and CRA Compliance Leveraging Open Source Tools. REW Giovanni Corti, Gianluca Sassetti, Amir Sharif, Serena Elisa Ponta, Matteo Rizzi, Pietro De Matteis, Luca Piras, Roberto Carbone, Silvio Ranise
2025	J	`jnl`	A Soundness and Precision Benchmark for Java Debloating Tools. CoRR Jonas Klauke, Tom Ohlmer, Stefan Schott, Serena Elisa Ponta, Wolfram Fischer, Eric Bodden
2025	J	`jnl`	Bytecode-centric Detection of Known-to-be-vulnerable Dependencies in Java Projects. CoRR Stefan Schott, Serena Elisa Ponta, Wolfram Fischer, Jonas Klauke, Eric Bodden
2025	A	`conf`	One Detector Fits All: Robust and Adaptive Detection of Malicious Packages from PyPI to Enterprises. ACSAC Biagio Montaruli, Luca Compagna, Serena Elisa Ponta, Davide Balzarotti
2025	J	`jnl`	One Detector Fits All: Robust and Adaptive Detection of Malicious Packages from PyPI to Enterprises. CoRR Biagio Montaruli, Luca Compagna, Serena Elisa Ponta, Davide Balzarotti
2025	J	`jnl`	SourceBroken: A large-scale analysis on the (un)reliability of SourceRank in the PyPI ecosystem. CoRR Biagio Montaruli, Serena Elisa Ponta, Luca Compagna, Davide Balzarotti
2024	A	`conf`	Compilation of Commit Changes Within Java Source Code Repositories. ICSME Stefan Schott, Wolfram Fischer, Serena Elisa Ponta, Jonas Klauke, Eric Bodden
2024	J	`jnl`	Compilation of Commit Changes within Java Source Code Repositories. CoRR Stefan Schott, Wolfram Fischer, Serena Elisa Ponta, Jonas Klauke, Eric Bodden
2024	J	`jnl`	Java Bytecode Normalization for Code Similarity Analysis (Artifact). Dagstuhl Artifacts Ser. Stefan Schott, Serena Elisa Ponta, Wolfram Fischer, Jonas Klauke, Eric Bodden
2024	A	`conf`	Java Bytecode Normalization for Code Similarity Analysis. ECOOP Stefan Schott, Serena Elisa Ponta, Wolfram Fischer, Jonas Klauke, Eric Bodden
2024	J	`jnl`	Known Vulnerabilities of Open Source Projects: Where Are the Fixes? IEEE Secur. Priv. Antonino Sabetta, Serena Elisa Ponta, Rocío Cabrera Lozoya, Michele Bezzi, Tommaso Sacchetti, Matteo Greco, Gergö Balogh, Péter Hegedüs, Rudolf Ferenc, Ranindya Paramitha, Ivan Pashchenko, Aurora Papotti, Ákos Milánkovich, Fabio Massacci
2023	J	`jnl`	Journey to the Center of Software Supply Chain Attacks. CoRR Piergiorgio Ladisa, Serena Elisa Ponta, Antonino Sabetta, Matias Martinez, Olivier Barais
2023	J	`jnl`	Journey to the Center of Software Supply Chain Attacks. IEEE Secur. Priv. Piergiorgio Ladisa, Serena Elisa Ponta, Antonino Sabetta, Matias Martinez, Olivier Barais
2023	A	`conf`	On the Feasibility of Cross-Language Detection of Malicious Packages in npm and PyPI. ACSAC Piergiorgio Ladisa, Serena Elisa Ponta, Nicola Ronzoni, Matias Martinez, Olivier Barais
2023	J	`jnl`	On the Feasibility of Cross-Language Detection of Malicious Packages in npm and PyPI. CoRR Piergiorgio Ladisa, Serena Elisa Ponta, Nicola Ronzoni, Matias Martinez, Olivier Barais
2023	—	`conf`	The Hitchhiker's Guide to Malicious Third-Party Dependencies. SCORED@CCS Piergiorgio Ladisa, Merve Sahin, Serena Elisa Ponta, Marco Rosa, Matias Martinez, Olivier Barais
2023	J	`jnl`	The Hitchhiker's Guide to Malicious Third-Party Dependencies. CoRR Piergiorgio Ladisa, Merve Sahin, Serena Elisa Ponta, Marco Rosa, Matias Martinez, Olivier Barais
2022	C	`conf`	Identifying Challenges for OSS Vulnerability Scanners - A Study & Test Suite (Short Summary). Software Engineering Andreas Dann, Henrik Plate, Ben Hermann, Serena Elisa Ponta, Eric Bodden
2022	J	`jnl`	Identifying Challenges for OSS Vulnerability Scanners - A Study & Test Suite. IEEE Trans. Software Eng. Andreas Dann, Henrik Plate, Ben Hermann, Serena Elisa Ponta, Eric Bodden
2022	—	`conf`	Risk Explorer for Software Supply Chains: Understanding the Attack Surface of Open-Source based Software Development. SCORED@CCS Piergiorgio Ladisa, Henrik Plate, Matias Martinez, Olivier Barais, Serena Elisa Ponta
2022	—	`conf`	Towards the Detection of Malicious Java Packages. SCORED@CCS Piergiorgio Ladisa, Henrik Plate, Matias Martinez, Olivier Barais, Serena Elisa Ponta
2022	J	`jnl`	Towards the Detection of Malicious Java Packages. CoRR Piergiorgio Ladisa, Henrik Plate, Matias Martinez, Olivier Barais, Serena Elisa Ponta
2022	J	`jnl`	Vuln4Real: A Methodology for Counting Actually Vulnerable Dependencies. IEEE Trans. Software Eng. Ivan Pashchenko, Henrik Plate, Serena Elisa Ponta, Antonino Sabetta, Fabio Massacci
2021	A	`conf`	The Used, the Bloated, and the Vulnerable: Reducing the Attack Surface of an Industrial Application. ICSME Serena Elisa Ponta, Wolfram Fischer, Henrik Plate, Antonino Sabetta
2021	J	`jnl`	The Used, the Bloated, and the Vulnerable: Reducing the Attack Surface of an Industrial Application. CoRR Serena Elisa Ponta, Wolfram Fischer, Henrik Plate, Antonino Sabetta
2020	A*	`conf`	Code-Based Vulnerability Detection in Node.js Applications: How far are we? ASE Bodin Chinthanet, Serena Elisa Ponta, Henrik Plate, Antonino Sabetta, Raula Gaikovina Kula, Takashi Ishio, Kenichi Matsumoto
2020	J	`jnl`	Code-based Vulnerability Detection in Node.js Applications: How far are we? CoRR Bodin Chinthanet, Serena Elisa Ponta, Henrik Plate, Antonino Sabetta, Raula Gaikovina Kula, Takashi Ishio, Kenichi Matsumoto
2020	J	`jnl`	Detection, assessment and mitigation of vulnerabilities in open source dependencies. Empir. Softw. Eng. Serena Elisa Ponta, Henrik Plate, Antonino Sabetta
2019	J	`jnl`	A Manually-Curated Dataset of Fixes to Vulnerabilities of Open-Source Software. CoRR Serena Elisa Ponta, Henrik Plate, Antonino Sabetta, Michele Bezzi, Cédric Dangremont
2019	A	`conf`	A manually-curated dataset of fixes to vulnerabilities of open-source software. MSR Serena Elisa Ponta, Henrik Plate, Antonino Sabetta, Michele Bezzi, Cédric Dangremont
2018	A	`conf`	Beyond Metadata: Code-Centric and Usage-Based Analysis of Known Vulnerabilities in Open-Source Software. ICSME Serena Elisa Ponta, Henrik Plate, Antonino Sabetta
2018	J	`jnl`	Beyond Metadata: Code-centric and Usage-based Analysis of Known Vulnerabilities in Open-source Software. CoRR Serena Elisa Ponta, Henrik Plate, Antonino Sabetta
2018	J	`jnl`	Vulnerable Open Source Dependencies: Counting Those That Matter. CoRR Ivan Pashchenko, Henrik Plate, Serena Elisa Ponta, Antonino Sabetta, Fabio Massacci
2018	A	`conf`	Vulnerable open source dependencies: counting those that matter. ESEM Ivan Pashchenko, Henrik Plate, Serena Elisa Ponta, Antonino Sabetta, Fabio Massacci
2017	—	`conf`	Aegis: Automatic Enforcement of Security Policies in Workflow-driven Web Applications. CODASPY Luca Compagna, Daniel Ricardo dos Santos, Serena Elisa Ponta, Silvio Ranise
2017	J	`jnl`	Automatically finding execution scenarios to deploy security-sensitive workflows. J. Comput. Secur. Daniel Ricardo dos Santos, Silvio Ranise, Luca Compagna, Serena Elisa Ponta
2016	A	`conf`	Cerberus: Automated Synthesis of Enforcement Mechanisms for Security-Sensitive Business Processes. TACAS Luca Compagna, Daniel Ricardo dos Santos, Serena Elisa Ponta, Silvio Ranise
2016	C	`conf`	Modular Synthesis of Enforcement Mechanisms for the Workflow Satisfiability Problem: Scalability and Reusability. SACMAT Daniel Ricardo dos Santos, Serena Elisa Ponta, Silvio Ranise
2015	B	`conf`	Assisting the Deployment of Security-Sensitive Workflows by Finding Execution Scenarios. DBSec Daniel Ricardo dos Santos, Silvio Ranise, Luca Compagna, Serena Elisa Ponta
2015	A	`conf`	Impact assessment for vulnerabilities in open-source software libraries. ICSME Henrik Plate, Serena Elisa Ponta, Antonino Sabetta
2015	J	`jnl`	Impact assessment for vulnerabilities in open-source software libraries. CoRR Henrik Plate, Serena Elisa Ponta, Antonino Sabetta
2015	J	`jnl`	Modularity for Security-Sensitive Workflows. CoRR Daniel Ricardo dos Santos, Silvio Ranise, Serena Elisa Ponta
2015	A	`conf`	Security Threat Identification and Testing. ICST Roberto Carbone, Luca Compagna, Annibale Panichella, Serena Elisa Ponta
2014	—	`conf`	Increasing Trust in the Cloud through Configuration Validation. OTM Workshops Matteo Maria Casalino, Henrik Plate, Serena Elisa Ponta
2014	J	`jnl`	Model checking authorization requirements in business processes. Comput. Secur. Alessandro Armando, Serena Elisa Ponta
2013	A*	`conf`	Modeling and Reasoning about Business Processes under Authorization Constraints: A Planning-Based Approach. ICAPS Alessandro Armando, Enrico Giunchiglia, Marco Maratea, Serena Elisa Ponta
2012	J	`jnl`	An action-based approach to the formal specification and automatic analysis of business processes under authorization constraints. J. Comput. Syst. Sci. Alessandro Armando, Enrico Giunchiglia, Marco Maratea, Serena Elisa Ponta
2012	—	`conf`	Configuration Assessment as a Service. DPM/SETOP Matteo Maria Casalino, Henrik Plate, Serena Elisa Ponta
2012	J	`jnl`	Detection of Configuration Vulnerabilities in Distributed (Web) Environments CoRR Matteo Maria Casalino, Michele Mangili, Henrik Plate, Serena Elisa Ponta
2012	C	`conf`	Detection of Configuration Vulnerabilities in Distributed (Web) Environments. SecureComm Matteo Maria Casalino, Michele Mangili, Henrik Plate, Serena Elisa Ponta
2012	A	`conf`	The AVANTSSAR Platform for the Automated Validation of Trust and Security of Service-Oriented Architectures. TACAS Alessandro Armando, Wihem Arsac, Tigran Avanesov, Michele Barletta, Alberto Calvi, Alessandro Cappai, Roberto Carbone, Yannick Chevalier, Luca Compagna, Jorge Cuéllar, Gabriel Erzse, Simone Frau, Marius Minea, Sebastian Mödersheim, David von Oheimb, Giancarlo Pellegrino, Serena Elisa Ponta, Marco Rocchetto, Michaël Rusinowitch, Mohammad Torabi Dashti, Mathieu Turuani, Luca Viganò
2011	—	`conf`	Security Validation of Business Processes via Model-Checking. ESSoS Wihem Arsac, Luca Compagna, Giancarlo Pellegrino, Serena Elisa Ponta
2011	C	`conf`	Security validation tool for business processes. SACMAT Wihem Arsac, Luca Compagna, Samuel Paul Kaluvuri, Serena Elisa Ponta
2011	—	`conf`	Towards Formal Validation of Trust and Security in the Internet of Services. Future Internet Assembly Roberto Carbone, Marius Minea, Sebastian Mödersheim, Serena Elisa Ponta, Mathieu Turuani, Luca Viganò
2009	B	`conf`	Formal Specification and Automatic Analysis of Business Processes under Authorization Constraints: An Action-Based Approach. TrustBus Alessandro Armando, Enrico Giunchiglia, Serena Elisa Ponta
2009	—	`conf`	Model Checking of Security-Sensitive Business Processes. Formal Aspects in Security and Trust Alessandro Armando, Serena Elisa Ponta