Mariano Ceccato

Orcid: 0000-0001-7325-0316

Affiliations:
  • University of Verona, Italy


According to our database1, Mariano Ceccato authored at least 105 papers between 2004 and 2024.

Collaborative distances:

Timeline

Legend:

Book 
In proceedings 
Article 
PhD thesis 
Dataset
Other 

Links

Online presence:

On csauthors.net:

Bibliography

2024
Mitigating Debugger-based Attacks to Java Applications with Self-debugging.
ACM Trans. Softw. Eng. Methodol., May, 2024

DeepREST: Automated Test Case Generation for REST APIs Exploiting Deep Reinforcement Learning.
CoRR, 2024

Hypertesting of Programs: Theoretical Foundation and Automated Test Generation.
Proceedings of the 46th IEEE/ACM International Conference on Software Engineering, 2024


2023
Experimental comparison of features, analyses, and classifiers for Android malware detection.
Empir. Softw. Eng., November, 2023

Enhancing Ethereum smart-contracts static analysis by computing a precise Control-Flow Graph of Ethereum bytecode.
J. Syst. Softw., June, 2023

NEUROPULS: NEUROmorphic energy-efficient secure accelerators based on Phase change materials aUgmented siLicon photonicS.
CoRR, 2023

Assessing the security of inter-app communications in android through reinforcement learning.
Comput. Secur., 2023

Enhancing REST API Testing with NLP Techniques.
Proceedings of the 32nd ACM SIGSOFT International Symposium on Software Testing and Analysis, 2023

Automated Black-Box Testing of Mass Assignment Vulnerabilities in RESTful APIs.
Proceedings of the 45th IEEE/ACM International Conference on Software Engineering, 2023


Remote Attestation of IoT Devices using Physically Unclonable Functions: Recent Advancements and Open Research Challenges.
Proceedings of the 5th Workshop on CPS&IoT Security and Privacy, 2023

2022
Deep Reinforcement Learning for Black-box Testing of Android Apps.
ACM Trans. Softw. Eng. Methodol., 2022

Automated black-box testing of nominal and error scenarios in RESTful APIs.
Softw. Test. Verification Reliab., 2022

Empirical Validation on the Usability of Security Reports for Patching TLS Misconfigurations: User- and Case-Studies on Actionable Mitigations.
J. Wirel. Mob. Networks Ubiquitous Comput. Dependable Appl., 2022

Message from the General Chair and Program Co-Chairs SCAM 2022.
Proceedings of the 22nd IEEE International Working Conference on Source Code Analysis and Manipulation, 2022

Integrating Smart Contracts in Manufacturing for Automated Assessment of Production Quality.
Proceedings of the IECON 2022, 2022

IFRIT: Focused Testing through Deep Reinforcement Learning.
Proceedings of the 15th IEEE Conference on Software Testing, Verification and Validation, 2022

RestTestGen: An Extensible Framework for Automated Black-box Testing of RESTful APIs.
Proceedings of the IEEE International Conference on Software Maintenance and Evolution, 2022

Towards Reverse Engineering of Industrial Physical Processes.
Proceedings of the Computer Security. ESORICS 2022 International Workshops, 2022

2021
Empirical Comparison of Black-box Test Case Generation Tools for RESTful APIs.
Proceedings of the 21st IEEE International Working Conference on Source Code Analysis and Manipulation, 2021

EtherSolve: Computing an Accurate Control-Flow Graph from Ethereum Bytecode.
Proceedings of the 29th IEEE/ACM International Conference on Program Comprehension, 2021

Summary of: A Federated Society of Bots for Smart Contract Testing.
Proceedings of the 14th IEEE Conference on Software Testing, Verification and Validation, 2021

COSMO: Code Coverage Made Easier for Android.
Proceedings of the 14th IEEE Conference on Software Testing, Verification and Validation, 2021

Restats: A Test Coverage Tool for RESTful APIs.
Proceedings of the IEEE International Conference on Software Maintenance and Evolution, 2021

Do Security Reports Meet Usability?: Lessons Learned from Using Actionable Mitigations for Patching TLS Misconfigurations.
Proceedings of the ARES 2021: The 16th International Conference on Availability, 2021

2020
A federated society of bots for smart contract testing.
J. Syst. Softw., 2020

Experimental assessment of XOR-Masking data obfuscation based on K-Clique opaque constants.
J. Syst. Softw., 2020

A large-scale study on the adoption of anti-debugging and anti-tampering protections in android apps.
J. Inf. Secur. Appl., 2020

Empirical assessment of the effort needed to attack programs protected with client/server code splitting.
Empir. Softw. Eng., 2020

Security analysis of permission re-delegation vulnerabilities in Android apps.
Empir. Softw. Eng., 2020

RESTTESTGEN: Automated Black-Box Testing of RESTful APIs.
Proceedings of the 13th IEEE International Conference on Software Testing, 2020

A Family of Experiments to Assess the Impact of Page Object Pattern in Web Test Suite Development.
Proceedings of the 13th IEEE International Conference on Software Testing, 2020

A Framework for In-Vivo Testing of Mobile Applications.
Proceedings of the 13th IEEE International Conference on Software Testing, 2020

Experimental comparison of features and classifiers for Android malware detection.
Proceedings of the MOBILESoft '20: IEEE/ACM 7th International Conference on Mobile Software Engineering and Systems, 2020

Security testing of second order permission re-delegation vulnerabilities in Android apps.
Proceedings of the MOBILESoft '20: IEEE/ACM 7th International Conference on Mobile Software Engineering and Systems, 2020

2019
Understanding the behaviour of hackers while performing attack tasks in a professional setting and in a public challenge.
Empir. Softw. Eng., 2019

Obfuscating Java Programs by Translating Selected Portions of Bytecode to Native Libraries.
CoRR, 2019

OBLIVE: Seamless Code Obfuscation for Java Programs and Android Apps.
Proceedings of the 26th IEEE International Conference on Software Analysis, 2019

Toward In-Vivo Testing of Mobile Applications.
Proceedings of the IEEE International Symposium on Software Reliability Engineering Workshops, 2019

2018
[Research Paper] Obfuscating Java Programs by Translating Selected Portions of Bytecode to Native Libraries.
Proceedings of the 18th IEEE International Working Conference on Source Code Analysis and Manipulation, 2018

AnFlo: detecting anomalous sensitive information flows in Android apps.
Proceedings of the 5th International Conference on Mobile Software Engineering and Systems, MOBILESoft@ICSE 2018, Gothenburg, Sweden, May 27, 2018

2017
Automatic generation of opaque constants based on the k-clique problem for resilient data obfuscation.
Proceedings of the IEEE 24th International Conference on Software Analysis, 2017

How professional hackers understand protected code while performing attack tasks.
Proceedings of the 25th International Conference on Program Comprehension, 2017

2016
A Reference Architecture for Software Protection.
Proceedings of the 13th Working IEEE/IFIP Conference on Software Architecture, 2016

Search Based Clustering for Protecting Software with Diversified Updates.
Proceedings of the Search Based Software Engineering - 8th International Symposium, 2016

Assessment of Source Code Obfuscation Techniques.
Proceedings of the 16th IEEE International Working Conference on Source Code Analysis and Manipulation, 2016

SOFIA: an automated security oracle for black-box testing of SQL-injection vulnerabilities.
Proceedings of the 31st IEEE/ACM International Conference on Automated Software Engineering, 2016

Identifying Android inter app communication vulnerabilities using static and dynamic analysis.
Proceedings of the International Conference on Mobile Software Engineering and Systems, 2016

Static Analysis and Penetration Testing from the Perspective of Maintenance Teams.
Proceedings of the 10th ACM/IEEE International Symposium on Empirical Software Engineering and Measurement, 2016

Reactive Attestation: Automatic Detection and Reaction to Software Tampering Attacks.
Proceedings of the 2016 ACM Workshop on Software PROtection, 2016

The ASPIRE Framework for Software Protection.
Proceedings of the 2016 ACM Workshop on Software PROtection, 2016

2015
Do Automatically Generated Test Cases Make Debugging Easier? An Experimental Assessment of Debugging Effectiveness and Efficiency.
ACM Trans. Softw. Eng. Methodol., 2015

Ahab's legs in scenario-based requirements validation: An experiment to study communication mistakes.
J. Syst. Softw., 2015

A large study on the effect of code obfuscation on the quality of java code.
Empir. Softw. Eng., 2015

Assessment of Data Obfuscation with Residue Number Coding.
Proceedings of the 1st IEEE/ACM International Workshop on Software Protection, 2015

2014
Guest editorial for the special issue on source code analysis and manipulation, SCAM 2012.
J. Softw. Evol. Process., 2014

A family of experiments to assess the effectiveness and efficiency of source code obfuscation techniques.
Empir. Softw. Eng., 2014

How smartphone users assess the value/risk trade-off of apps: An observational study.
Proceedings of the 4th IEEE International Workshop on Empirical Requirements Engineering, 2014

POSTER: A Measurement Framework to Quantify Software Protections.
Proceedings of the 2014 ACM SIGSAC Conference on Computer and Communications Security, 2014

Towards Supporting the Analysis of Online Discussions in OSS Communities: A Speech-Act Based Approach.
Proceedings of the Information Systems Engineering in Complex Environments, 2014

2013
Comparison and integration of genetic algorithms and dynamic symbolic execution for security testing of cross-site scripting vulnerabilities.
Inf. Softw. Technol., 2013

Circe: A grammar-based oracle for testing Cross-site scripting in web applications.
Proceedings of the 20th Working Conference on Reverse Engineering, 2013

Towards a unified software attack model to assess software protections.
Proceedings of the IEEE 21st International Conference on Program Comprehension, 2013

Security testing of the communication among Android applications.
Proceedings of the 8th International Workshop on Automation of Software Test, 2013

2012
An empirical study about the effectiveness of debugging when random test cases are used.
Proceedings of the 34th International Conference on Software Engineering, 2012

Grammar based oracle for security testing of web applications.
Proceedings of the 7th International Workshop on Automation of Software Test, 2012

Security Oracle Based on Tree Kernel Methods.
Proceedings of the Trustworthy Eternal Systems via Evolving Software, Data and Knowledge, 2012

2011
CodeBender: Remote Software Protection Using Orthogonal Replacement.
IEEE Softw., 2011

Security Testing of Web Applications: A Search-Based Approach for Cross-Site Scripting Vulnerabilities.
Proceedings of the 11th IEEE Working Conference on Source Code Analysis and Manipulation, 2011

Ahab's Leg dilemma: On the design of a controlled experiment.
Proceedings of the First International Workshop on Empirical Requirements Engineering, 2011

2010
How Developers' Experience and Ability Influence Web Application Comprehension Tasks Supported by UML Stereotypes: A Series of Four Experiments.
IEEE Trans. Software Eng., 2010

Migrating legacy data structures based on variable overlay to Java.
J. Softw. Maintenance Res. Pract., 2010

Static analysis for enforcing intra-thread consistent locks in the migration of a legacy system.
Proceedings of the 26th IEEE International Conference on Software Maintenance (ICSM 2010), 2010

Towards security testing with taint analysis and genetic algorithms.
Proceedings of the ICSE Workshop on Software Engineering for Secure Systems, 2010

2009
Using acceptance tests as a support for clarifying requirements: A series of experiments.
Inf. Softw. Technol., 2009

Recovering structured data types from a legacy data model with overlays.
Inf. Softw. Technol., 2009

Dynamic aspect mining.
IET Softw., 2009

Trading-off security and performance in barrier slicing for remote software entrusting.
Autom. Softw. Eng., 2009

Remote software protection by orthogonal client replacement.
Proceedings of the 2009 ACM Symposium on Applied Computing (SAC), 2009

The effectiveness of source code obfuscation: An experimental assessment.
Proceedings of the 17th IEEE International Conference on Program Comprehension, 2009

Workshop on Maintenance of Aspect Oriented Systems.
Proceedings of the 13th European Conference on Software Maintenance and Reengineering, 2009

2008
Data Model Reverse Engineering in Migrating a Legacy System to Java.
Proceedings of the WCRE 2008, 2008

Remote Entrusting by Run-Time Software Authentication.
Proceedings of the SOFSEM 2008: Theory and Practice of Computer Science, 2008

Using Program Transformations to Add Structure to a Legacy Data Model.
Proceedings of the Eighth IEEE International Working Conference on Source Code Analysis and Manipulation (SCAM 2008), 2008

Distributing Trust Verification to Increase Application Performance.
Proceedings of the 16th Euromicro International Conference on Parallel, 2008

Are fit tables really talking?: a series of experiments to understand whether fit tables are useful during evolution tasks.
Proceedings of the 30th International Conference on Software Engineering (ICSE 2008), 2008

Goto Elimination Strategies in the Migration of Legacy Code to Java.
Proceedings of the 12th European Conference on Software Maintenance and Reengineering, 2008

Automatic Support for the Migration Towards Aspects.
Proceedings of the 12th European Conference on Software Maintenance and Reengineering, 2008

Towards experimental evaluation of code obfuscation techniques.
Proceedings of the 4th ACM Workshop on Quality of Protection, 2008

2007
How design notations affect the comprehension of Web applications.
J. Softw. Maintenance Res. Pract., 2007

The Use of Executable FIT Tables to support Maintenance and Evolution Tasks.
Electron. Commun. Eur. Assoc. Softw. Sci. Technol., 2007

Barrier Slicing for Remote Software Trusting.
Proceedings of the Seventh IEEE International Workshop on Source Code Analysis and Manipulation (SCAM 2007), September 30, 2007

Talking tests: an empirical assessment of the role of fit acceptance tests in clarifying requirements.
Proceedings of the 9th International Workshop on Principles of Software Evolution (IWPSE 2007), 2007

Migrating Object Oriented code to Aspect Oriented Programming.
Proceedings of the 23rd IEEE International Conference on Software Maintenance (ICSM 2007), 2007

The Role of Experience and Ability in Comprehension Tasks Supported by UML Stereotypes.
Proceedings of the 29th International Conference on Software Engineering (ICSE 2007), 2007

2006
Tool-Supported Refactoring of Existing Object-Oriented Code into Aspects.
IEEE Trans. Software Eng., 2006

Applying and combining three different aspect Mining Techniques.
Softw. Qual. J., 2006

An empirical study on the usefulness of Conallen's stereotypes inWeb application comprehension.
Proceedings of the Eighth IEEE International Workshop on Web Site Evolution (WSE 2006), 2006

2005
Refactoring the Aspectizable Interfaces: An Empirical Assessment.
IEEE Trans. Software Eng., 2005

A Qualitative Comparison of Three Aspect Mining Techniques.
Proceedings of the 13th International Workshop on Program Comprehension (IWPC 2005), 2005

Automated Refactoring of Object Oriented Code into Aspects.
Proceedings of the 21st IEEE International Conference on Software Maintenance (ICSM 2005), 2005

2004
Aspect Mining through the Formal Concept Analysis of Execution Traces.
Proceedings of the 11th Working Conference on Reverse Engineering, 2004

Adding Distribution to Existing Applications by Means of Aspect Oriented Programming.
Proceedings of the 4th IEEE International Workshop on Source Code Analysis and Manipulation (SCAM 2004), 2004

Migrating Interface Implementation to Aspects.
Proceedings of the 20th International Conference on Software Maintenance (ICSM 2004), 2004


  Loading...