The third International Workshop on Secure Software: Challenges, Opportunities and Lessons Learned.

Co-located with 27th International Conference on Evaluation and Assessment in Software Engineering (EASE 2023), 14-16 June 2023 Oulu, Finland.

   
  Accepted Papers [Workshop Date: June 16, 2023] - EASE Complete Program: https://conf.researchr.org/program/ease-2023/program-ease-2023/
09:00-12:00 - Room: Linna Cabinet
 Time  
9:00 - 10:00 Keynote: Organizational response to cyber attacks: An evidence-based study of an exemplar firm
  Atif Ahmad, University of Melbourne
   
10:00 - 10:30 Coffee Break
   
10:30 - 10:50 Toward Successful Secure Software Deployment: An Empirical Study
  Azzah  Alghamdi, Mahmood  Niazi
   
10:50 - 11:10 A Survey on Botnets Attack Detection Utilizing Machine and Deep Learning Models
  Dorieh Alomari, Fatima Anis, Maryam Alabdullatif, Hamoud Aljamaan
   
11:10 - 11:30 Arabic Cyberbullying Detecton Using Machine Learning: State of the Art Survey
  Norah Alsunaidi, Sara Aljbali, Yasmin Yasin, Hamoud Aljamaan
   
11:30 - 11:50 A Complete Review on 6G Technologies based on its Applications, Research Challenges and Problems
  Muhammad Mustafa Qureshi, Muhammad Tanveer Riaz, Saba Waseem, Muhammad Abbas Khan, Sidra Riaz
   
 

About the Workshop

Over the last decade, an increasing number of organizations have started focusing on software security because modern applications typically operate in a hostile network-based environment. Traditionally, organizations have tried to address security concerns by finding and fixing security vulnerabilities once the software development cycle is completed. A software needs to be secured against any unauthorized users, and this can be achieved by incorporating security mechanisms into different phases of the software development lifecycle. However, incorporating security practices and processes into different phases of the software development life cycle remains a challenge. Software security area is evolving due to different factors such as increasing failure rates of software projects, economic downturn, and software development without security in mind, globalization and outsourcing. The empirical software engineering researchers need new approaches, models, and tools for addressing various emerging challenges of software security in this modern age. There is a need for using empirical evidence to support different new approaches in the software security research and practice which will provide researchers with innovative knowledge on which to develop different software security processes and practices. This will also help in improving existing software security approaches and processes in order to effectively develop secure software. This workshop will bring together and advance the work that has been undertaken on software security. The outcome of this workshop will provide researchers and practitioners with a firm basis on which to develop different practices/ tools/ techniques that are based on an understanding of how and where they fit into secure software development and research. New practices/ tools/ techniques could then be developed targeting secure software engineering community.

Aim of the workshop

The aim of this workshop is to provide a venue to discuss software security challenges, opportunities and lessons learned under the umbrella of empirical software engineering and software evaluation. This workshop will bring together researchers and practitioners from academia, industry and governments to report empirical studies and discuss the issues relating to software security. This workshop will seek submissions reporting original, unpublished research on software security covering any aspect of experimental, empirical and evidence-based software engineering, for example the use of quantitative and qualitative methods for empirical evaluation of software security techniques, processes, methods, tools and best practices. This will be a one-day paper-based presentations workshop, which will accept research and software industry papers on the topic of software security.

Call for Papers

This workshop aspires to provide an opportunity for the empirical software engineering researchers and practitioners to present the state of the art, state of the practice, and the future directions on the following topics of software security.

  • Systematic literature reviews and mapping studies on software security
  • Tertiary studies on software security
  • Empirically based decision making
  • Controlled experiments and quasi-experiments
  • Case studies, surveys, observational studies, Delphi studies, field studies on software security
  • Empirical studies on software security using qualitative, quantitative, and mixed methods
  • Evaluation of software security techniques, tools and models
  • Secure software requirements
  • Secure software design
  • Secure software coding
  • Secure software testing
  • Secure software acceptance
  • Secure software deployment, operations and maintenanc
  • Secure software acquisition
  • SProject management for secure software development
  • Software security in global projects
  • Secure software metrics
  • Best practices and lessons learned in secure software development projects

Paper Submission

The maximum page length for the workshop is 6 pages. Workshop proceedings will be integrated in the EASE 2020 conference companion proceedings. Submitted papers must be written in English, contain original unpublished work, and conform to the ACM proceedings format. Please submit manuscripts via EasyChair, and in pdf format: https://conf.researchr.org/home/ease-2023

Important Dates

Papers submission

March 10, 2023

Notifications to authors

April 14, 2023

Camera-ready

April 28, 2023

Early registration

May 5, 2023

Workshop date

June 16, 2023

Workshop Program Committee

  • Asif Gill, University of Technology Sydney, Australia
  • Azeem Akbar, Lappeeranta-Lahti University of Technology, Finland
  • Siffat Ullah Khan, Malakand University, Pakistan
  • Saqib Ali, Sultan Qaboos University, Oman
  • Samuel Ajila, Carleton University, Ottawa, Canada
  • Richard Lai, La Trobe University, Australia
  • Sajid Anwer, Griffith University, Australia

Workshop Chairs

Sajjad Mahmood

Associate Professor of software engineering at the Information and Computer Science Department, King Fahd University of Petroleum and Minerals, Saudi Arabia. He received his Ph.D. from La Trobe University, Melbourne, Australia. Prior to pursuing his Ph.D., he also worked as a software engineer in the United States and Australia. He is an active researcher in the field of software engineering and has published more than 80 articles in peer-reviewed journals and international conferences. He has worked as a principal and co-investigator in a number of research projects that investigate issues related to global software development and secure software development. His research interests include empirical software engineering, evidence-based software engineering, global software development, secure software development, and software process improvement in general.

Mohammad Alshayeb

Professor of software engineering at the Information and Computer Science Department, King Fahd University of Petroleum and Minerals, Saudi Arabia. He received his MS and Ph.D. in Computer Science and certificate of Software Engineering from the University of Alabama in Huntsville in 2000, 2002, and 1999 respectively. Dr. Alshayeb worked as a senior researcher and Software Engineer and managed software projects in the United States and the Middle East. Dr. Alshayeb taught and coordinated industrial training courses. He provided consulting services to major industrial and educational institutes. Dr. Alshayeb is a member of the editorial board of several Software Engineering Journals. Dr. Alshayeb received a number of certificates of excellence and appreciation from many companies. Dr. Alshayeb received Khalifa award for education as "the distinguished University Professor in the Field of Teaching within the Arab World", in 2016. He also received the "Excellence in Teaching", "Excellence in Advising" and "Instructional Technology" awards from KFUPM. Dr. He is a certified project manager (PMP). Dr. Alshayebأ¢â‚¬â„¢s research interests include empirical studies in Software Engineering, secure software, software quality, and software measurement and metrics

Mahmood Niazi

Professor of Software Engineering at the Information and Computer Science Department, King Fahd University of Petroleum and Minerals Saudi Arabia. He has received the MPhil degree from the University of Manchester, U.K., and the Ph.D. degree from the University of Technology Sydney, Australia. He has spent more than a decade with leading technology أ¯آ¬ظ¾rms and universities as a Process Analyst, a Senior Systems Analyst, a Project Manager, and a Professor. He has participated in and managed several software development projects. Dr. Niazi is an active researcher in the field of empirical software engineering. Dr. Niazi has published over 100 articles He is interested in developing sustainable processes in order to develop systems, which are reliable, secure, and fulfill customer needs. His research interests are evidence-based software engineering, requirements engineering, sustainable, reliable, and secure software engineering processes, global and distributed software engineering, software process improvement, and software engineering project management. Previously Dr. Niazi worked for Keele University UK, National ICT Australia, University of Technology Sydney Australia, University of Sydney Australia, and the University of Manchester UK.

CONTACT US

Sajjad Mahmood, Mohammad Alshayeb, Mahmood Niazi

  • Information and Computer Science Department, King Fahd University of Petroleum and Minerals Dhahran, Saudi Arabia
  • Interdisciplinary Research Center for Intelligent Secure Systems, King Fahd University of Petroleum and Minerals Dhahran, Saudi Arabia

  • smahmood@kfupm.edu.sa
  • alshayeb@kfupm.edu.sa
  • mkniazi@kfupm.edu.sa