Gabriel Ferreira

Software Engineering PhD Student

Institute for Software Research

Carnegie Mellon University


gferreir (at) cs.cmu.edu


About me

I am a Software Engineering PhD Student at the Institute for Software Research (SCS) at Carnegie Mellon University. I am fortunate to be advised by Christian Kästner.

My research focuses on Software Engineering, specifically on topics such as package management security, security automation, and evidence-based security assurance.

Currently, I am working on containing malicious package updates on the Node.js/npm ecosystem with a lightweight permission system that reduces applications' attack surface and an anomaly detection approach that reduces developers' review effort by focusing on suspicious updates.

My long-term goal is to bridge the gap between software engineering and security by designing social-technical solutions that reduce the costs of building more secure software.

Education

MSc in Computer Science, Federal University of Uberlandia, Brazil

2012

Dissertation: "On the Use of Feature-Oriented Programming for Evolving Software Product Lines"
Advisors: Marcelo Maia, Eduardo Figueiredo

BSc in Computer Science, Federal University of Uberlandia, Brazil

2009

Publications

Journals / Book Chapters


JSEP 2018 - Goyal, R., Ferreira, G., Kaestner, C., Herbsleb, J. Identifying Unusual Commits on GitHub. Journal of Software Evolution and Process, Vol. 30, Issue 1, 2018. [doi]

SCP 2014 - Gaia, F. N., Ferreira, G. C. S., Figueiredo, E., Maia, M. A Quantitative Assessment of Aspectual Feature Modules for Evolving Software Product Lines. Science of Computer Programming, Vol. 96, Part 2, 2014, pp. 230-253 [doi]

SCP 2014 - Ferreira, G. C. S., Gaia, F. N., Figueiredo, E., Maia, M. On the Use of Feature- Oriented Programming for Evolving Software Product Lines – A Comparative Study. Science of Computer Programming, Vol. 93, Part A, 2014, pp. 65-85 [doi]

LNCS 2012 - Gaia, F. N., Ferreira, G. C. S., Figueiredo, E., Maia, M. A Quantitative Assessment of Aspectual Feature Modules for Evolving Software Product Lines. Programming Languages: 16th Brazilian Symposium, SBLP 2012, Natal, Brazil, September 23-28, 2012, Proceedings (LNCS), Book 7554, pp. 134-149. [doi]



Conferences


ICSE-NIER 2019 - Garret, K., Ferreira, G., Jia, L., Sunshine, J., Kaestner, C. Detecting Suspicious Package Updates. Proc. of ICSE-NIER (2019). [pre-print]

SPLC 2016 - Ferreira, G., Malik. M, Kaestner, C., Pfeffer, J., Apel, S. Do #ifdefs Influence the Occurrence of Vulnerabilities? An Empirical Study of the Linux Kernel. Proc. of SPLC (2016). Distinguished Paper [doi]

HotSoS 2015 - Ferreira, G., Kaestner, C., Pfeffer, J., Apel, S. Characterizing Configuration Complexity in Highly-Configurable Systems with Variational Call Graphs (poster abstract). Proc. of HotSoS: Article 17 (2015).[doi]

SBLP 2011 - Ferreira, G. C. S., Gaia, F. N., Figueiredo, E., Maia, M. On the Use of Feature- Oriented Programming for Evolving Software Product Lines: A Comparative Study. Proc. of SBLP: 1-15 (2011).[doi]

AOSD 2011 - Figueiredo, E., Garcia, A., Maia, M., Ferreira, G., Nunes, C., Whittle, J. On the Impact of Crosscutting Concern Projection on Code Measurement. Proc. of AOSD: 81-92 (2011) .[doi]