Journals

Can Traditional Fault Prediction Models be Used for Vulnerability Prediction? 
Yonghee Shin and Laurie Williams
Empirical Software Engineering Journal, 18(1), February, 2013.
[DOI]

On the Use of Calling Structure Information to Improve Fault Prediction
Yonghee Shin, Robert Bell, Thomas Ostrand, and Elaine Weyuker
Empirical Software Engineering Journal, 17(4-5), August, 2012. 
[DOI]

Evaluating Complexity, Code Churn, and Developer Activity Metrics as Indicators of Software Vulnerabilities
Yonghee Shin, Andrew Meneely, Laurie Williams, and Jason Osborne
IEEE Transactions on Software Engineering , 37(6), Nov.-Dec. 2011.
[DOI]

Conferences and Workshops

Software Traceability

             A Tactic-Centric Approach for Automating Traceability of Quality Concerns (ACM SIGSOFT Distinguished Paper)
             Mehdi Mirakhorli, Yonghee Shin, Jane Cleland-Huang and Murat Cinar
             the 34th International Conference on Software Engineering (ICSE’12), June 2-9, 2012.

A Comparative Evaluation of Two User Feedback Techniques for Requirements Trace Retrieval 
Yonghee Shin and Jane Cleland-Huang
The 27th Symposium on Applied Computing (ACM SAC'12), Trento, Italy, March 26-30, 2012.
[PDF]

Toward Actionable, Broadly Accessible Contests in Software Engineering
Jane Cleland-Huang, Yonghee Shin, Ed Keenan, Adam Czauderna, Greg Leach, Evan Mortiz, Malcom Gethers, Denys Poshyvanyk, Jane Huffman Hayes, Wenbin Li
the 34th International Conference on Software Engineering (ICSE’12), New Ideas and Emerging Results (NIER) track, June 2-9, 2012 (to appear).

TraceLab: An Experimental Workbench for Equipping Researchers to Innovate, Synthesize, and Comparatively Evaluate Traceability Solutions 
Ed Keenan, Adam Czauderna1, Greg Leach, Jane Cleland-Huang, Yonghee Shin, Evan Moritz, Malcom Gethers, Denys Poshyvanyk, Jonathan Maletic, Jane Huffman Hayes, Alex Dekhtyar, Daria Manukian, Shervin Hussein, Derek Hearn 
the 34th International Conference on Software Engineering (ICSE’12), formal demo track, June 2-9, 2012 (to appear). 

Traceability Challenge 2011: Using TraceLab to Evaluate the Impact of Local versus Global IDF on Trace Retrieval
Adam Czauderna, Marek Gibiec, Greg Leach, Yubin Li, Yonghee Shin, Ed Keenan, and Jane Cleland-Huang
The 6th International Workshop on Traceability in Emerging Forms of Software Engineering (TEFSE11), in conjunction with ICSE 2011, Honolulu, Hawaii, May 23, 2011
[PDF][DOI]

Grand Challenges, Benchmarks, and TraceLab: Developing Infrastructure for the Software Traceability Research Community
J. Cleland-Huang, A. Czauderna, A. Dekhtyar, O. Gotel, J. Huffman Hayes, E. Keenan, G. Leach, J. Maletic, D. Poshyvanyk, 
Y. Shin, A. Zisman, G. Antoniol, B. Berenbach, A. Egyed, P. Maeder
The 6th International Workshop on Traceability in Emerging Forms of Software Engineering (TEFSE11), in conjunction with ICSE 2011, Honolulu, Hawaii, May 23, 2011 
[DOI]

Software Security and Reliability

An Initial Study on the Use of Execution Complexity Metrics as Indicators of Software Vulnerabilities 
Yonghee Shin and Laurie Williams
The 7th International Workshop on Software Engineering for Secure Systems (SESS'11), in conjunction with ICSE 2011, Honolulu, Hawaii, May 22, 2011
[PDF][DOI]

Does Calling Structure Information Improve the Accuracy of Fault Prediction?
Yonghee Shin, Robert Bell, Thomas Ostrand, and Elaine Weyuker
The 6th IEEE Working Conference on Mining Software Repositories (MSR 2009), co-located with ICSE 2009, Vancouver, Canada, May 16-17, 2009
[DOI]

Is Complexity Really the Enemy of Software Security?
Yonghee Shin and Laurie Williams
The 4th Workshop on Quality of Protection (QoP 2008),  co-located with CCS-2008, Short paper, October 2008
[PDF] [DOI
 
An Empirical Model to Predict Security Vulnerabilities using Code Complexity Metrics 
Yonghee Shin and Laurie Williams
The 2nd International Symposium on Empirical Software Engineering and Measurement (ESEM 2008) , Short paper, October 2008
[PDF] [DOI
 
Exploring Complexity Metrics as Indicators of Software Vulnerability 
Yonghee Shin
The 3rd International Doctoral Symposium on Empirical Software Engineering (IDoESE 2008) , co-located with ESEM-2008, October 2008
[PDF]
 
Proposing SQL Statement Coverage Metrics
Ben Smith, Yonghee Shin, Laurie Williams
The 4th International Workshop on Software Engineering for Secure Systems (SESS 2008), in conjunction with ICSE 2008, Leipzig, Germany, 17 May, 2008
[PDF] [DOI]
 
Improving the Identification of Actual Input Manipulation Vulnerabilities 
Yonghee Shin
The 14th ACM SIGSOFT Symposium on Foundations of Software Engineering (FSE2006) Doctoral Symposium, Portland, OR. 6 November 2006
[PDF]
 
SQLUnitGen: SQL Injection Testing Using Static and Dynamic Analysis  
Yonghee Shin, Laurie Williams, and Tao Xie 
The 17th IEEE International Symposium on Software Reliability Engineering (ISSRE 2006), Student Program, Raleigh, NC, 7-10 November 2006 
[PDF]

Work in Progress: Exploring Security and Privacy Concepts through the Development and Testing of the iTrust Medical Records System  
Laurie Williams and Yonghee Shin 
The 36th Annual Frontiers in Education Conference (FIE 2006), San Diego, CA, 28-31 October 2006, pp.30-31 
[DOI


 Technical Reports

A Framework for Evaluating Traceability Benchmark Metrics
Yonghee Shin, Jane Huffman Hayes, and Jane Cleland-Huang
DePaul University, Technical report, March, 2012
[PDF]

Toward a Taxonomy of Techniques to Detect Cross-site Scripting and SQL Injection Vulnerabilities 
Yonghee Shin and Laurie Williams
North Carolina State University Department of Computer Science, Technical report TR-2008-4, February 02, 2008
[PDF]

SQLUnitGen: Test Case Generation for SQL Injection Detection 
Yonghee Shin, Laurie Williams, and Tao Xie
North Carolina State University Department of Computer Science Technical report TR-2006-21, August 06, 2006
[PDF]