Research Interests

During my Ph.D., my research mainly focused on the analysis and automated detection of Software Vulnerabilities. In this context, I developped several tools to automatically collect data on Software vulnerabilities and replicate existing approaches. I am now investigating various ways to improve the detection and the understanding of software vulnerabilities.

Vulnerability Prediction Modeling

Vulnerability Preidiction Modelling (VPM) has been the corner stone of my PhD and is still the main focus of my research. The idea of VPM is to guide the code review process by ordering the software components according to their likelihood of being vulnerable. Such ordering is traditionnaly performed by a trained machine learning model. A usual axis of research usually consists in finding interesting feature sets that correlate with vulnerability likelihood and could thus be used to train a model. A more recent trend consists in investigating the benefits of Deep learning techniques to create those models.

• Main publications:
  • (2019) The importance of accounting for real-world labelling when predicting software vulnerabilities FSE’19 Distinguished paper Award
  • (2018) Enabling the Continuous Analysis of Security Vulnerabilities with VulData7 SCAM’18

Naturalness of Software

• Main publications:
  • (2018) On the Impact of Tokenizer and Parameters on N-Gram Based Code Analysis
  • (2018) Are mutants really natural?: a study on how “naturalness” helps mutant selection

Misc

• (2017) Analyzing Complex Data in Motion at Scale with Temporal Graphs