Nuthan Munaiah

Hello, my name is Nuthan Munaiah. I am a Software Engineer at Microsoft, working on a platform that supports the hosting of engineering bots. I received a PhD in Computing and Information Sciences from Rochester Institute of Technology.

nm6061 (at) rit (dot) edu
+1 (401) 286 2053

Dissertation Research

The goal in my dissertation research—Toward Data-Driven Discovery of Software Vulnerabilities—was threefold:

  1. Systematize metrics known to be effective in assisting software engineers to discover vulnerabilities.
  2. Develop a usable approach to provide security feedback to software engineers.
  3. Build a reference implementation of a platform that leverages the vulnerability discovery metrics to provide software engineers with automatically generated on security.
The Samaritan metrics collection platform is the realization of the aforementioned goals.

Journal Articles
Attack Surface Definitions: A Systematic Literature Review IST'18
Christopher Theisen, Nuthan Munaiah, Mahran Al-Zyoud, Jeffrey C. Carver, Andrew Meneely and Laurie Williams
Curating GitHub for engineered software projects EMSE'17
Nuthan Munaiah, Kroh, Steven, Cabrey, Craig and Meiyappan Nagappan
Do Bugs Foreshadow Vulnerabilities? An In-depth Study of the Chromium Project EMSE'16
Nuthan Munaiah, Camilo, Felivel, Wigham, Wesley, Andrew Meneely and Meiyappan Nagappan
Conference Papers
Characterizing Attacker Behavior in a Cybersecurity Penetration Testing Competition ESEM-NIER'19
Nuthan Munaiah, Akond Rahman, Justin Pelletier, Laurie Williams and Andrew Meneely
A dataset for identifying actionable feedback in collaborative software development ACL'18
Benjamin S. Meyers, Nuthan Munaiah, Emily Prud'hommeaux, Andrew Meneely, Cecilia O. Alm, Josephine Wolff and Pradeep K. Murukannaiah
Assisted Discovery of Software Vulnerabilities ICSE-DS'18
Nuthan Munaiah
Natural Language Insights from Code Reviews that Missed a Vulnerability: A Large Scale Study of Chromium ESSoS'17
Nuthan Munaiah, Benjamin S. Meyers, Cecilia O. Alm, Andrew Meneely, Pradeep K. Murukannaiah, Emily Prud'hommeaux, Josephine Wolff and Yang Yu
Who Added that Permission to My App? An Analysis of Developer Permission Changes in Open Source Android Apps MOBILESoft'17
Daniel Krutz, Nuthan Munaiah, Anthony Peruma and Mohamed Wiem Mkaouer
A Domain-Independent Model for Identifying Security Requirements RE'17
Nuthan Munaiah, Andrew Meneely and Pradeep K. Murukannaiah
Workshop Papers
Data-driven Insights from Vulnerability Discovery Metrics DDrEE'19
Nuthan Munaiah and Andrew Meneely
Pragmatic Characteristics of Security Conversations: An Exploratory Linguistic Analysis CHASE'19
Benjamin S. Meyers, Nuthan Munaiah, Andrew Meneely, and Emily Prud'hommeaux
A Cybersecurity Dataset Derived from the National Collegiate Penetration Testing Competition HICSS'18
Nuthan Munaiah, Justin Pelletier, Shau-Hsuan Su, S. Jay Yang, and Andrew Meneely
Beyond the Attack Surface: Assessing Security Risk with Random Walks on Call Graphs SPRO'16
Nuthan Munaiah and Andrew Meneely
Vulnerability Severity Scoring and Bounties: Why the Disconnect? SWAN'16
Nuthan Munaiah and Andrew Meneely
Darwin: A Static Analysis Dataset of Malicious and Benign Android Apps WAMA'16
Nuthan Munaiah, Casey Klimkowsky, Shannon McRae, Adam Blaine, Samuel A. Malachowsky, Cesar Perez and Daniel E. Krutz
The Impact of Cross-platform Development Approaches for Mobile Applications from the User's Perspective WAMA'16
Iván Tactuk Mercado, Nuthan Munaiah and Andrew Meneely
Examining the Relationship Between Security Metrics and User Ratings of Mobile Apps: A Case Study WAMA'16
Daniel E. Krutz, Nuthan Munaiah, Andrew Meneely and Samuel A. Malachowsky
Open Source Projects
Samaritan Metrics Platform
Samaritan is a highly scalable metrics collection and analysis platform that supports the collection and analysis of 19 metrics known, from existing research, to be associated with vulnerable software.
reaper is a Python utility that computes quantitative measure of quality of a GitHub repository based on various attributes of the repository.