Securing Software Ecosystems through Repository Mining

Publication date

2025

Authors

Islam, Aminul Didar
Jansen, Slinger (ORCID 0000-0003-3752-2868, ISNI 000000039050399X)

Document Type

Conference article (contribution to journal)
Open Access

License

CC BY

Abstract

Through the incessant reuse of code fragments, the worldwide software ecosystem has become highly connected. This provides advantages, such as faster software engineering; however, it also provides new challenges, such as easier spreading of vulnerabilities. The world depends on software, and the proliferation of code also causes the proliferation of vulnerabilities. In this PhD project, we explore the use of a code clone hashing and storing technique, called SearchSECO, to enable fast searches of abstract code clones in the worldwide software ecosystem. With SearchSECO, we can rapidly identify code, code clones, vulnerabilities, license conflicts, and other aspects of code cloning. With SearchSECO as a platform, we hope to move forward the art and science of repository mining.

Keywords

Code clones, Code identification, License violations, Repository mining, Software engineering, General Computer Science

Citation

Islam, A D & Jansen, S 2025, 'Securing Software Ecosystems through Repository Mining', CEUR Workshop Proceedings, vol. 3921.