Publications

To appear

Quantum-Based SMT Solving for String Theory

Authors: Beatrice Casey, Joanna C. S. Santos, and Andrew Hennessee

In: QUASAR 2nd Workshop on Quantum Algorithms, Software and Applied Research. 2025.

To appear BibTex

To appear

A Survey of Source Code Representations for Machine Learning-Based Cybersecurity Tasks

Authors: Beatrice Casey, Joanna C. S. Santos, and George Perry

In: ACM CSUR ACM Computing Surveys. 2025.

To appear BibTex 10.1145/3721977

To appear

MojoBench: Language Modeling and Benchmarks for Mojo

Authors: Nishat Raihan, Joanna C. S. Santos, and Marcos Zampieri

In: NAACL'25 Findings Findings of the Association for Computational Linguistics: NAACL 2025. Albuquerque, New Mexico, United States. 2025.

To appear BibTex

To appear

Large Language Models in Computer Science Education: A Systematic Literature Review

Authors: Nishat Raihan, Mohammed Latif Siddiq, Joanna C. S. Santos, and Marcos Zampieri

In: SIGCSE'25 56th ACM Technical Symposium on Computer Science Education. Pittsburgh, Pennsylvania, United States. 2025.

To appear BibTex Preprint GitHub

To appear

SALLM: Security Assessment of Generated Code

Authors: Mohammed Latif Siddiq, Joanna C. S. Santos, Sajith Devareddy, and Anna Muller

In: ASYDE'24 6th International Workshop on Automated and verifiable Software sYstem Development. Sacramento, CA, USA. 2024.

To appear BibTex Preprint GitHub 10.1145/3691621.3694934

To appear

FRANC: A Lightweight Framework for High-Quality Code Generation

Authors: Mohammed Latif Siddiq, Beatrice Casey, and Joanna C. S. Santos

In: SCAM'24 24th IEEE International Conference on Source Code Analysis and Manipulation (SCAM). Flagstaff, AZ, USA. 2024.

To appear BibTex Preprint 10.1109/SCAM63643.2024.00020

To appear

The Fault in our Stars: Quality Assessment of Code Generation Benchmarks

Authors: Mohammed Latif Siddiq, Simantika Bhattacharjee Dristi, Joy Saha, and Joanna C. S. Santos

In: SCAM'24 24th IEEE International Conference on Source Code Analysis and Manipulation (SCAM). Flagstaff, AZ, USA. 2024.

To appear BibTex Preprint 10.1109/SCAM63643.2024.00028

Using Large Language Models to Generate JUnit Tests: An Empirical Study

Authors: Mohammed Latif Siddiq, Joanna C. S. Santos, Ridwanul Hasan Tanvir, Noshin Ulfat, Fahmid Al Rifat, and Vinicius Carvalho Lopes

In: EASE'24 28th International Conference on Evaluation and Assessment in Software Engineering (EASE). Salerno, Italy. 2024.

BibTex Preprint 10.1145/3661167.3661216

Understanding Regular Expression Denial of Service (ReDoS): Insights from LLM-Generated Regexes and Developer Forums

Authors: Mohammed Latif Siddiq, Jiahao Zhang, and Joanna C. S. Santos

In: ICPC'24 32nd IEEE/ACM International Conference on Program Comprehension (ICPC). Lisbon, Portugal. 2024.

BibTex Preprint GitHub 10.1145/3643916.3644424

To appear

Seneca: Taint-Based Call Graph Construction for Java Object Deserialization

Authors: Joanna C. S. Santos, Mehdi Mirakhorli, and Ali Shokri

In: OOPSLA ACM SIGPLAN International Conference on Object-Oriented Programming Systems, Languages, and Applications (OOPSLA). 2024.

To appear Preprint 10.1145/3649851

Re(gEx|DoS)Eval: Evaluating Generated Regular Expressions and their Proneness to DoS Attacks

Authors: Mohammed Latif Siddiq, Jiahao Zhang, Lindsay Roney, and Joanna C. S. Santos

In: ICSE NIER 46th International Conference on Software Engineering - New Ideas and Emerging Results Track (ICSE-NIER). 2024.

BibTex Preprint GitHub 10.1145/3639476.3639757

Quality Assessment of ChatGPT Generated Code and their Use by Developers

Authors: Mohammed Latif Siddiq, Lindsay Roney, Jiahao Zhang, and Joanna C. S. Santos

In: MSR MINING CHALLENGE 21st International Conference on Mining Software Repositories, Mining Challenge Track (MSR 2024). 2024.

BibTex Preprint GitHub 10.1145/3643991.3645071

Empirical Validation of Automated Vulnerability Curation and Characterization

Authors: Ahmet Okutan, Peter Mell, Mehdi Mirakhorli, Igor Khokholov, Joanna C. S. Santos, Danielle Gonzalez, and Steven Simmons

In: TSE IEEE Transactions on Software Engineering. 2023.

BibTex Preprint 10.1109/TSE.2023.3250479

Zero-shot Prompting for Code Complexity Prediction Using GitHub Copilot

Authors: Mohammed Latif Siddiq, Abdus Samee, Sk Ruhul Azgor, Md. Asif Haider, Shehabul Islam Sawraz, and Joanna C. S. Santos

In: NLBSE'23 2nd International Workshop on Natural Language-based Software Engineering (co-located with ICSE'23). Melbourne, Australia. 2023.

BibTex Preprint 10.1109/NLBSE59153.2023.00018

An Empirical Study of Code Smells in Transformer-based Code Generation Techniques

Authors: Mohammed Latif Siddiq, Shafayat Hossain Majumder, Maisha Rahman Mim, Sourov Jajodia, and Joanna C. S. Santos

In: SCAM'22 22nd IEEE International Working Conference on Source Code Analysis and Manipulation. Limassol, Cyprus. 2022.

BibTex Preprint GitHub 10.1109/SCAM55253.2022.00014

SecurityEval Dataset: Mining Vulnerability Examples to Evaluate Machine Learning-Based Code Generation Techniques

Authors: Mohammed Latif Siddiq, and Joanna C. S. Santos

In: MSR4P&S'22 1st International Workshop on Mining Software Repositories Applications for Privacy and Security (co-located with ESEC/FSE'22). Singapore. 2022.

BibTex Preprint Video GitHub 10.1145/3549035.3561184

Counterfeit Object-Oriented Programming Vulnerabilities: An Empirical Study in Java

Authors: Joanna C. S. Santos, Xueling Zhang, and Mehdi Mirakhorli

In: MSR4P&S'22 1st International Workshop on Mining Software Repositories Applications for Privacy and Security (co-located with ESEC/FSE'22). Singapore. 2022.

BibTex Preprint 10.1145/3549035.3561184

BERT-Based GitHub Issue Report Classification

Authors: Mohammed Latif Siddiq, and Joanna C. S. Santos

In: NLBSE'22 The 1st International Workshop on Natural Language-based Software Engineering (co-located with ICSE'22). Pittsburgh, PA, USA. 2022.

BibTex Preprint GitHub

A Methodological Approach to Verify Architecture Resiliency

Authors: Joanna C. S. Santos, Selma Suloglu, Nestor Catano, and Mehdi Mirakhorli

In: DeMeSSA'22 2nd International Workshop on Designing and Measuring Security in Software Architecture (co-located with ECSA'22). Prague, Czech Republic. 2022.

BibTex Preprint 10.1007/978-3-031-36889-9_22

Serialization-Aware Call Graph Construction

Authors: Joanna C. S. Santos, Reese A. Jones, Chinomso Ashiogwu, and Mehdi Mirakhorli

In: SOAP'21 10th ACM SIGPLAN International Workshop on the State of the Art in Program Analysis. Virtual Conference. 2021.

BibTex Preprint GitHub 10.1145/3460946.3464319

ArCode: Facilitating the Use of Application Frameworks to Implement Tactics and Patterns

Authors: Ali Shokri, Joanna C. S. Santos, and Mehdi Mirakhorli

In: ICSA'21 2021 IEEE International Conference on Software Architecture. Stuttgart, Germany (Virtual due to COVID-19). 2021.

BibTex Preprint Video 10.1109/ICSA51549.2021.00021

Looking for Software Defects? First Find the Nonconformists - An Outlier-Based Defect Prediction Approach

Authors: Sara Moshtari, Joanna C. S. Santos, Mehdi Mirakhorli, and Ahmet Okutan

In: SCAM'20 20th IEEE International Working Conference on Source Code Analysis and Manipulation. Adelaide, Australia (Virtual due to COVID-19). 2020.

BibTex Preprint Video 10.1109/SCAM51674.2020.00014

Salsa: Static Analysis of Serialization Features

Authors: Joanna C. S. Santos, Reese A. Jones, and Mehdi Mirakhorli

In: FTfJP'20 22th ACM SIGPLAN International Workshop on Formal Techniques for Java-Like Programs. Berlin, Germany (Virtual due to COVID-19). 2020.

BibTex Preprint GitHub 10.1145/3427761.3428343

Towards Automated Evidence Generation for Rapid and Continuous Software Certification

Authors: Joanna C. S. Santos, Ali Shokri, and Mehdi Mirakhorli

In: WoSoCer'20 10th IEEE International Workshop on Software Certification. Coimbra, Portugal (Virtual due to COVID-19). 2020.

BibTex Preprint Video 10.1109/ISSREW51248.2020.00087

Towards an Automated Approach for Detecting Architectural Weaknesses in Critical Systems

Authors: Joanna C. S. Santos, Selma Suloglu, Joanna Ye, and Mehdi Mirakhorli

In: EnCyCriS'20 1st International Workshop on Engineering and Cybersecurity of Critical Systems. Seoul, South Korea (Virtual due to COVID-19). 2020.

BibTex Preprint Video 10.1145/3387940.3392222

An Automated Approach to Recover the Use-case View of an Architecture

Authors: Joanna C. S. Santos, Sara Moshtari, and Mehdi Mirakhorli

In: ICSA-NEMI Track 2020 IEEE International Conference on Software Architecture - New and Emerging Ideas. 2020.

BibTex Preprint Video 10.1109/ICSA-C50368.2020.00020

Achilles’ Heel of Plug-and-Play Software Architectures: A Grounded Theory Based Approach

Authors: Joanna C. S. Santos, Adriana Sejfia, Taylor Corrello, Smruthi Gadenkanahalli, and Mehdi Mirakhorli

In: ESEC/FSE'19 2019 ACM Joint European Software Engineering Conference and Symposium on the Foundations of Software Engineering. Tallinn, Estonia. 2019.

BibTex Preprint GitHub 10.1145/3338906.3338969

An Empirical Study of Tactical Vulnerabilities

Authors: Joanna C. S. Santos, Katy Tarrit, Adriana Sejfia, Mehdi Mirakhorli, and Matthias Galster

In: JSS Journal of Systems and Software. Volume 149. 2019.

BibTex Preprint 10.1016/j.jss.2018.10.030

Understanding Software Vulnerabilities Related to Architectural Security Tactics: An Empirical Investigation of Chromium, PHP and Thunderbird

Authors: Joanna C. S. Santos, Anthony Peruma, Mehdi Mirakhorli, Matthias Galster, Jairo Veloz Vidal, and Adriana Sejfia

In: ICSA'17 2017 IEEE International Conference on Software Architecture. Gothenburg, Sweden. 2017.

BibTex Preprint 10.1109/ICSA.2017.39 Best paper award

A Catalog of Security Architecture Weaknesses

Authors: Joanna C. S. Santos, Katy Tarrit, and Mehdi Mirakhorli

In: ICSAW'17 2017 IEEE International Conference on Software Architecture Workshops. Gothenburg, Sweden. 2017.

BibTex Preprint URL 10.1109/ICSAW.2017.25

A Large-Scale Study on the Usage of Testing Patterns That Address Maintainability Attributes (Patterns for Ease of Modification, Diagnoses, and Comprehension)

Authors: Danielle Gonzalez, Joanna C. S. Santos, Andrew Popovich, Mehdi Mirakhorli, and Meiyappan Nagappan

In: MSR'17 Proceedings of the 14th International Conference on Mining Software Repositories. Buenos Aires, Argentina. 2017.

BibTex 10.1109/MSR.2017.8

A search engine for finding and reusing architecturally significant code

Authors: Ibrahim Mujhid, Joanna C. S. Santos, Raghuram Gopalakrishnan, and Mehdi Mirakhorli

In: JSS Journal of Systems and Software. Volume 130. 2016.

BibTex Preprint 10.1016/j.jss.2016.11.034

Automated training-set creation for software architecture traceability problem

Authors: Waleed Zogaan, Ibrahim Mujhid, Joanna C. S. Santos, Danielle Gonzalez, and Mehdi Mirakhorli

In: EMSE Empirical Software Engineering. Volume 22, Issue 3. 2016.

BibTex Preprint 10.1007/s10664-016-9476-y

BUDGET: a Tool for Supporting Software Architecture Traceability Research

Authors: Joanna C. S. Santos, Mehdi Mirakhorli, Ibrahim Mujhid, and Waleed Zogaan

In: WICSA'16 Proceedings of the 13th Working IEEE/IFIP Conference on Software Architecture. Venice, Italy. 2016.

BibTex Preprint Video 10.1109/WICSA.2016.47

A Model-Driven Solution for Automatic Software Deployment in the Cloud

Authors: Franklin Magalhães Ribeiro Jr, Tarcísio da Rocha, Joanna C. S. Santos, and Edward David Moreno

In: ITNG'15 Proceedings of the 13th International Conference on Information Technology: New Generations. 2015.

BibTex Preprint 10.1007/978-3-319-32467-8_52

ERLab: a middleware for remote access electronic laboratories

Authors: Admilson R. L. Ribeiro, Marco T. Chella, Luiz M. M. A. Santos, Joanna C. S. Santos, and Wedla R. Melo

In: EATIS'12 Proceedings of the 6th Euro American Conference on Telematics and Information Systems. Valencia, Spain. 2012.

BibTex Preprint 10.1145/2261605.2261635

A Location Service using the HTML5 Geolocation API (Serviço de localização utilizando a API de geolocalização do HTML5)

Authors: Joanna C. S. Santos, Sandra C. P. Hoentsch, Rafael A. Nascimento, and Admilson R. L. Ribeiro

In: ERBASE 2013 - WTICG 13th Regional School of Computing of the States of Bahia, Alagoas and Sergipe - Scientific Initiation and Undergraduate Works Workshop (XIII Escola Regional de Computação dos Estados da Bahia, Alagoas e Sergipe - Workshop de Trabalhos de IC e de Graduação - ERBASE 2013 - WTICG). Aracaju, Sergipe. 2013.

BibTex Preprint 🥉 Paper Award (3rd place)

Uma Proposta de Site de Rede Social Móvel para Pesquisa e Educação.

Authors: Sandra C. P. Hoentsch, Admilson R. L. Ribeiro, Joanna C. S. Santos, and Lucas L. B. Menezes

In: ERBASE 2012 - X WEIBASE XII Escola Regional de Computação dos Estados da Bahia, Alagoas e Sergipe - X Workshop de Educação e Informática Bahia-Alagoas-Sergipe. Juazeiro, Bahia. 2012.

Preprint

JOnline: Proposta preliminar de um juiz online didático para o ensino de programação

Authors: Joanna C. S. Santos, and Admilson R. L. Ribeiro

In: XXII SBIE - XVII WIE 22º Simpósio Brasileiro de Informática na Educação (SBIE) e 17º Workshop de Informática na Escola. Aracaju, Sergipe. 2011.

Preprint

Uma proposta de um juiz online didático para o ensino de programação

Authors: Joanna C. S. Santos, and Admilson R. L. Ribeiro

In: II ENINED II Encontro Nacional de Informática e Educação. Cascavel, Paraná. 2011.

Preprint

LEW: Laboratório de Engenharia Web para ensino, pesquisa e extensão

Authors: Admilson R. L. Ribeiro, Marco T. Chella, Luiz M. M. A. Santos, Joanna C. S. Santos, and Wedla R. Melo

In: II ENINED II Encontro Nacional de Informática e Educação. Cascavel, Paraná. 2011.

Preprint

SocialNetLab - Uma Proposta de Site de Rede Social para Educação

Authors: Sandra C. P. Hoentsch, Admilson R. L. Ribeiro, and Joanna C. S. Santos

In: II ENINED II Encontro Nacional de Informática e Educação. Cascavel, Paraná. 2011.

Preprint