We stand with Ukraine  

Serena Elisa Ponta

Orcid: 0000-0002-6208-4743

According to our database1, Serena Elisa Ponta authored at least 38 papers between 2009 and 2024.

Collaborative distances:

Timeline

Legend:

Book 
In proceedings 
Article 
PhD thesis 
Dataset
Other 

Links

Online presence:

On csauthors.net:

Bibliography

2024
Known Vulnerabilities of Open Source Projects: Where Are the Fixes?
[BibTeX]
[DOI]
Antonino Sabetta
,
Serena Elisa Ponta
,
Rocío Cabrera Lozoya
,
Michele Bezzi
,
Tommaso Sacchetti
,
Matteo Greco
,
Gergö Balogh
,
Péter Hegedüs
,
Rudolf Ferenc
,
Ranindya Paramitha
,
Ivan Pashchenko
,
Aurora Papotti
,
Ákos Milánkovich
,
Fabio Massacci
IEEE Secur. Priv., 2024

Java Bytecode Normalization for Code Similarity Analysis (Artifact).
[BibTeX]
[DOI]
Stefan Schott
,
Serena Elisa Ponta
,
Wolfram Fischer
,
Jonas Klauke
,
Eric Bodden
Dagstuhl Artifacts Ser., 2024

Compilation of Commit Changes within Java Source Code Repositories.
[BibTeX]
[DOI]
Stefan Schott
,
Wolfram Fischer
,
Serena Elisa Ponta
,
Jonas Klauke
,
Eric Bodden
CoRR, 2024

Java Bytecode Normalization for Code Similarity Analysis.
[BibTeX]
[DOI]
Stefan Schott
,
Serena Elisa Ponta
,
Wolfram Fischer
,
Jonas Klauke
,
Eric Bodden
Proceedings of the 38th European Conference on Object-Oriented Programming, 2024

2023
Journey to the Center of Software Supply Chain Attacks.
[BibTeX]
[DOI]
Piergiorgio Ladisa
,
Serena Elisa Ponta
,
Antonino Sabetta
,
Matias Martinez
,
Olivier Barais
IEEE Secur. Priv., 2023

The Hitchhiker's Guide to Malicious Third-Party Dependencies.
[BibTeX]
[DOI]
Piergiorgio Ladisa
,
Merve Sahin
,
Serena Elisa Ponta
,
Marco Rosa
,
Matias Martinez
,
Olivier Barais
Proceedings of the 2023 Workshop on Software Supply Chain Offensive Research and Ecosystem Defenses, 2023

On the Feasibility of Cross-Language Detection of Malicious Packages in npm and PyPI.
[BibTeX]
[DOI]
Piergiorgio Ladisa
,
Serena Elisa Ponta
,
Nicola Ronzoni
,
Matias Martinez
,
Olivier Barais
Proceedings of the Annual Computer Security Applications Conference, 2023

2022
Vuln4Real: A Methodology for Counting Actually Vulnerable Dependencies.
[BibTeX]
[DOI]
Ivan Pashchenko
,
Henrik Plate
,
Serena Elisa Ponta
,
Antonino Sabetta
,
Fabio Massacci
IEEE Trans. Software Eng., 2022

Identifying Challenges for OSS Vulnerability Scanners - A Study & Test Suite.
[BibTeX]
[DOI]
Andreas Dann
,
Henrik Plate
,
Ben Hermann
,
Serena Elisa Ponta
,
Eric Bodden
IEEE Trans. Software Eng., 2022

Identifying Challenges for OSS Vulnerability Scanners - A Study & Test Suite (Short Summary).
[BibTeX]
[DOI]
Andreas Dann
,
Henrik Plate
,
Ben Hermann
,
Serena Elisa Ponta
,
Eric Bodden
Proceedings of the Software Engineering 2022, 2022

Towards the Detection of Malicious Java Packages.
[BibTeX]
[DOI]
Piergiorgio Ladisa
,
Henrik Plate
,
Matias Martinez
,
Olivier Barais
,
Serena Elisa Ponta
Proceedings of the 2022 ACM Workshop on Software Supply Chain Offensive Research and Ecosystem Defenses, 2022

Risk Explorer for Software Supply Chains: Understanding the Attack Surface of Open-Source based Software Development.
[BibTeX]
[DOI]
Piergiorgio Ladisa
,
Henrik Plate
,
Matias Martinez
,
Olivier Barais
,
Serena Elisa Ponta
Proceedings of the 2022 ACM Workshop on Software Supply Chain Offensive Research and Ecosystem Defenses, 2022

2021
The Used, the Bloated, and the Vulnerable: Reducing the Attack Surface of an Industrial Application.
[BibTeX]
[DOI]
Serena Elisa Ponta
,
Wolfram Fischer
,
Henrik Plate
,
Antonino Sabetta
Proceedings of the IEEE International Conference on Software Maintenance and Evolution, 2021

2020
Detection, assessment and mitigation of vulnerabilities in open source dependencies.
[BibTeX]
[DOI]
Serena Elisa Ponta
,
Henrik Plate
,
Antonino Sabetta
Empir. Softw. Eng., 2020

Code-Based Vulnerability Detection in Node.js Applications: How far are we?
[BibTeX]
[DOI]
Bodin Chinthanet
,
Serena Elisa Ponta
,
Henrik Plate
,
Antonino Sabetta
,
Raula Gaikovina Kula
,
Takashi Ishio
,
Kenichi Matsumoto
Proceedings of the 35th IEEE/ACM International Conference on Automated Software Engineering, 2020

2019
A manually-curated dataset of fixes to vulnerabilities of open-source software.
[BibTeX]
[DOI]
Serena Elisa Ponta
,
Henrik Plate
,
Antonino Sabetta
,
Michele Bezzi
,
Cédric Dangremont
Proceedings of the 16th International Conference on Mining Software Repositories, 2019

2018
Beyond Metadata: Code-Centric and Usage-Based Analysis of Known Vulnerabilities in Open-Source Software.
[BibTeX]
[DOI]
Serena Elisa Ponta
,
Henrik Plate
,
Antonino Sabetta
Proceedings of the 2018 IEEE International Conference on Software Maintenance and Evolution, 2018

Vulnerable open source dependencies: counting those that matter.
[BibTeX]
[DOI]
Ivan Pashchenko
,
Henrik Plate
,
Serena Elisa Ponta
,
Antonino Sabetta
,
Fabio Massacci
Proceedings of the 12th ACM/IEEE International Symposium on Empirical Software Engineering and Measurement, 2018

2017
Automatically finding execution scenarios to deploy security-sensitive workflows.
[BibTeX]
[DOI]
Daniel Ricardo dos Santos
,
Silvio Ranise
,
Luca Compagna
,
Serena Elisa Ponta
J. Comput. Secur., 2017

Aegis: Automatic Enforcement of Security Policies in Workflow-driven Web Applications.
[BibTeX]
[DOI]
Luca Compagna
,
Daniel Ricardo dos Santos
,
Serena Elisa Ponta
,
Silvio Ranise
Proceedings of the Seventh ACM Conference on Data and Application Security and Privacy, 2017

2016
Cerberus: Automated Synthesis of Enforcement Mechanisms for Security-Sensitive Business Processes.
[BibTeX]
[DOI]
Luca Compagna
,
Daniel Ricardo dos Santos
,
Serena Elisa Ponta
,
Silvio Ranise
Proceedings of the Tools and Algorithms for the Construction and Analysis of Systems, 2016

Modular Synthesis of Enforcement Mechanisms for the Workflow Satisfiability Problem: Scalability and Reusability.
[BibTeX]
[DOI]
Daniel Ricardo dos Santos
,
Serena Elisa Ponta
,
Silvio Ranise
Proceedings of the 21st ACM on Symposium on Access Control Models and Technologies, 2016

2015
Modularity for Security-Sensitive Workflows.
[BibTeX]
[DOI]
Daniel Ricardo dos Santos
,
Silvio Ranise
,
Serena Elisa Ponta
CoRR, 2015

Security Threat Identification and Testing.
[BibTeX]
[DOI]
Roberto Carbone
,
Luca Compagna
,
Annibale Panichella
,
Serena Elisa Ponta
Proceedings of the 8th IEEE International Conference on Software Testing, 2015

Impact assessment for vulnerabilities in open-source software libraries.
[BibTeX]
[DOI]
Henrik Plate
,
Serena Elisa Ponta
,
Antonino Sabetta
Proceedings of the 2015 IEEE International Conference on Software Maintenance and Evolution, 2015

Assisting the Deployment of Security-Sensitive Workflows by Finding Execution Scenarios.
[BibTeX]
[DOI]
Daniel Ricardo dos Santos
,
Silvio Ranise
,
Luca Compagna
,
Serena Elisa Ponta
Proceedings of the Data and Applications Security and Privacy XXIX, 2015

2014
Model checking authorization requirements in business processes.
[BibTeX]
[DOI]
Alessandro Armando
,
Serena Elisa Ponta
Comput. Secur., 2014

Increasing Trust in the Cloud through Configuration Validation.
[BibTeX]
[DOI]
Matteo Maria Casalino
,
Henrik Plate
,
Serena Elisa Ponta
Proceedings of the On the Move to Meaningful Internet Systems: OTM 2014 Workshops, 2014

2013
Modeling and Reasoning about Business Processes under Authorization Constraints: A Planning-Based Approach.
[BibTeX]
[DOI]
Alessandro Armando
,
Enrico Giunchiglia
,
Marco Maratea
,
Serena Elisa Ponta
Proceedings of the Twenty-Third International Conference on Automated Planning and Scheduling, 2013

2012
An action-based approach to the formal specification and automatic analysis of business processes under authorization constraints.
[BibTeX]
[DOI]
Alessandro Armando
,
Enrico Giunchiglia
,
Marco Maratea
,
Serena Elisa Ponta
J. Comput. Syst. Sci., 2012

The AVANTSSAR Platform for the Automated Validation of Trust and Security of Service-Oriented Architectures.
[BibTeX]
[DOI]
Alessandro Armando
,
Wihem Arsac
,
Tigran Avanesov
,
Michele Barletta
,
Alberto Calvi
,
Alessandro Cappai
,
Roberto Carbone
,
Yannick Chevalier
,
Luca Compagna
,
Jorge Cuéllar
,
Gabriel Erzse
,
Simone Frau
,
Marius Minea
,
Sebastian Mödersheim
,
David von Oheimb
,
Giancarlo Pellegrino
,
Serena Elisa Ponta
,
Marco Rocchetto
,
Michaël Rusinowitch
,
Mohammad Torabi Dashti
,
Mathieu Turuani
,
Luca Viganò
Proceedings of the Tools and Algorithms for the Construction and Analysis of Systems, 2012

Detection of Configuration Vulnerabilities in Distributed (Web) Environments.
[BibTeX]
[DOI]
Matteo Maria Casalino
,
Michele Mangili
,
Henrik Plate
,
Serena Elisa Ponta
Proceedings of the Security and Privacy in Communication Networks, 2012

Configuration Assessment as a Service.
[BibTeX]
[DOI]
Matteo Maria Casalino
,
Henrik Plate
,
Serena Elisa Ponta
Proceedings of the Data Privacy Management and Autonomous Spontaneous Security, 2012

2011
Security validation tool for business processes.
[BibTeX]
[DOI]
Wihem Arsac
,
Luca Compagna
,
Samuel Paul Kaluvuri
,
Serena Elisa Ponta
Proceedings of the 16th ACM Symposium on Access Control Models and Technologies, 2011

Towards Formal Validation of Trust and Security in the Internet of Services.
[BibTeX]
[DOI]
Roberto Carbone
,
Marius Minea
,
Sebastian Mödersheim
,
Serena Elisa Ponta
,
Mathieu Turuani
,
Luca Viganò
Proceedings of the Future Internet, 2011

Security Validation of Business Processes via Model-Checking.
[BibTeX]
[DOI]
Wihem Arsac
,
Luca Compagna
,
Giancarlo Pellegrino
,
Serena Elisa Ponta
Proceedings of the Engineering Secure Software and Systems - Third International Symposium, 2011

2009
Formal Specification and Automatic Analysis of Business Processes under Authorization Constraints: An Action-Based Approach.
[BibTeX]
[DOI]
Alessandro Armando
,
Enrico Giunchiglia
,
Serena Elisa Ponta
Proceedings of the Trust, 2009

Model Checking of Security-Sensitive Business Processes.
[BibTeX]
[DOI]
Alessandro Armando
,
Serena Elisa Ponta
Proceedings of the Formal Aspects in Security and Trust, 6th International Workshop, 2009


  Loading...