{"id":"https://openalex.org/W4415746249","doi":"https://doi.org/10.1109/icsme64153.2025.00101","title":"DevSecLogs: AI-Powered, Tamper-Evident Log Intelligence for Secure CI/CD Pipelines","display_name":"DevSecLogs: AI-Powered, Tamper-Evident Log Intelligence for Secure CI/CD Pipelines","publication_year":2025,"publication_date":"2025-09-07","ids":{"openalex":"https://openalex.org/W4415746249","doi":"https://doi.org/10.1109/icsme64153.2025.00101"},"language":null,"primary_location":{"id":"doi:10.1109/icsme64153.2025.00101","is_oa":false,"landing_page_url":"https://doi.org/10.1109/icsme64153.2025.00101","pdf_url":null,"source":null,"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"2025 IEEE International Conference on Software Maintenance and Evolution (ICSME)","raw_type":"proceedings-article"},"type":"article","indexed_in":["crossref"],"open_access":{"is_oa":false,"oa_status":"closed","oa_url":null,"any_repository_has_fulltext":false},"authorships":[{"author_position":"first","author":{"id":"https://openalex.org/A5091239061","display_name":"Sabbir M. Saleh","orcid":"https://orcid.org/0000-0001-9944-2615"},"institutions":[{"id":"https://openalex.org/I125749732","display_name":"Western University","ror":"https://ror.org/02grkyz14","country_code":"CA","type":"education","lineage":["https://openalex.org/I125749732"]}],"countries":["CA"],"is_corresponding":true,"raw_author_name":"Sabbir M. Saleh","raw_affiliation_strings":["University of Western Ontario,Department of Computer Science,London,ON,Canada"],"raw_orcid":"https://orcid.org/0000-0001-9944-2615","affiliations":[{"raw_affiliation_string":"University of Western Ontario,Department of Computer Science,London,ON,Canada","institution_ids":["https://openalex.org/I125749732"]}]}],"institutions":[],"countries_distinct_count":1,"institutions_distinct_count":1,"corresponding_author_ids":["https://openalex.org/A5091239061"],"corresponding_institution_ids":["https://openalex.org/I125749732"],"apc_list":null,"apc_paid":null,"fwci":2.7033,"has_fulltext":false,"cited_by_count":2,"citation_normalized_percentile":{"value":0.92275215,"is_in_top_1_percent":false,"is_in_top_10_percent":true},"cited_by_percentile_year":{"min":95,"max":96},"biblio":{"volume":null,"issue":null,"first_page":"890","last_page":"894"},"is_retracted":false,"is_paratext":false,"is_xpac":false,"primary_topic":{"id":"https://openalex.org/T12127","display_name":"Software System Performance and Reliability","score":0.9350000023841858,"subfield":{"id":"https://openalex.org/subfields/1705","display_name":"Computer Networks and Communications"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},"topics":[{"id":"https://openalex.org/T12127","display_name":"Software System Performance and Reliability","score":0.9350000023841858,"subfield":{"id":"https://openalex.org/subfields/1705","display_name":"Computer Networks and Communications"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T12034","display_name":"Digital and Cyber Forensics","score":0.01119999960064888,"subfield":{"id":"https://openalex.org/subfields/1710","display_name":"Information Systems"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T11986","display_name":"Scientific Computing and Data Management","score":0.003100000089034438,"subfield":{"id":"https://openalex.org/subfields/1802","display_name":"Information Systems and Management"},"field":{"id":"https://openalex.org/fields/18","display_name":"Decision Sciences"},"domain":{"id":"https://openalex.org/domains/2","display_name":"Social Sciences"}}],"keywords":[{"id":"https://openalex.org/keywords/ibm","display_name":"IBM","score":0.47350001335144043},{"id":"https://openalex.org/keywords/anomaly-detection","display_name":"Anomaly detection","score":0.4336000084877014},{"id":"https://openalex.org/keywords/server","display_name":"Server","score":0.33180001378059387},{"id":"https://openalex.org/keywords/term","display_name":"Term (time)","score":0.31859999895095825},{"id":"https://openalex.org/keywords/cloud-computing","display_name":"Cloud computing","score":0.31679999828338623},{"id":"https://openalex.org/keywords/semantics","display_name":"Semantics (computer science)","score":0.3160000145435333},{"id":"https://openalex.org/keywords/intrusion-detection-system","display_name":"Intrusion detection system","score":0.3061999976634979},{"id":"https://openalex.org/keywords/root","display_name":"Root (linguistics)","score":0.2913999855518341}],"concepts":[{"id":"https://openalex.org/C41008148","wikidata":"https://www.wikidata.org/wiki/Q21198","display_name":"Computer science","level":0,"score":0.6025000214576721},{"id":"https://openalex.org/C70388272","wikidata":"https://www.wikidata.org/wiki/Q5968558","display_name":"IBM","level":2,"score":0.47350001335144043},{"id":"https://openalex.org/C739882","wikidata":"https://www.wikidata.org/wiki/Q3560506","display_name":"Anomaly detection","level":2,"score":0.4336000084877014},{"id":"https://openalex.org/C124101348","wikidata":"https://www.wikidata.org/wiki/Q172491","display_name":"Data mining","level":1,"score":0.3337000012397766},{"id":"https://openalex.org/C93996380","wikidata":"https://www.wikidata.org/wiki/Q44127","display_name":"Server","level":2,"score":0.33180001378059387},{"id":"https://openalex.org/C38652104","wikidata":"https://www.wikidata.org/wiki/Q3510521","display_name":"Computer security","level":1,"score":0.32519999146461487},{"id":"https://openalex.org/C61797465","wikidata":"https://www.wikidata.org/wiki/Q1188986","display_name":"Term (time)","level":2,"score":0.31859999895095825},{"id":"https://openalex.org/C79974875","wikidata":"https://www.wikidata.org/wiki/Q483639","display_name":"Cloud computing","level":2,"score":0.31679999828338623},{"id":"https://openalex.org/C184337299","wikidata":"https://www.wikidata.org/wiki/Q1437428","display_name":"Semantics (computer science)","level":2,"score":0.3160000145435333},{"id":"https://openalex.org/C35525427","wikidata":"https://www.wikidata.org/wiki/Q745881","display_name":"Intrusion detection system","level":2,"score":0.3061999976634979},{"id":"https://openalex.org/C77088390","wikidata":"https://www.wikidata.org/wiki/Q8513","display_name":"Database","level":1,"score":0.3005000054836273},{"id":"https://openalex.org/C171078966","wikidata":"https://www.wikidata.org/wiki/Q111029","display_name":"Root (linguistics)","level":2,"score":0.2913999855518341},{"id":"https://openalex.org/C186967261","wikidata":"https://www.wikidata.org/wiki/Q5082128","display_name":"Mobile device","level":2,"score":0.2906000018119812},{"id":"https://openalex.org/C75684735","wikidata":"https://www.wikidata.org/wiki/Q858810","display_name":"Big data","level":2,"score":0.2838999927043915},{"id":"https://openalex.org/C199521495","wikidata":"https://www.wikidata.org/wiki/Q181487","display_name":"Audit","level":2,"score":0.2800000011920929},{"id":"https://openalex.org/C80958533","wikidata":"https://www.wikidata.org/wiki/Q1047174","display_name":"Audit trail","level":3,"score":0.2786000072956085},{"id":"https://openalex.org/C500882744","wikidata":"https://www.wikidata.org/wiki/Q269236","display_name":"Latent Dirichlet allocation","level":3,"score":0.2773999869823456},{"id":"https://openalex.org/C127413603","wikidata":"https://www.wikidata.org/wiki/Q11023","display_name":"Engineering","level":0,"score":0.27639999985694885},{"id":"https://openalex.org/C33762810","wikidata":"https://www.wikidata.org/wiki/Q461671","display_name":"Data integrity","level":2,"score":0.26969999074935913},{"id":"https://openalex.org/C148730421","wikidata":"https://www.wikidata.org/wiki/Q141090","display_name":"Encryption","level":2,"score":0.25940001010894775},{"id":"https://openalex.org/C138827492","wikidata":"https://www.wikidata.org/wiki/Q6661985","display_name":"Data processing","level":2,"score":0.2581999897956848},{"id":"https://openalex.org/C168167062","wikidata":"https://www.wikidata.org/wiki/Q1117970","display_name":"Component (thermodynamics)","level":2,"score":0.2578999996185303},{"id":"https://openalex.org/C93518851","wikidata":"https://www.wikidata.org/wiki/Q180160","display_name":"Metadata","level":2,"score":0.25369998812675476},{"id":"https://openalex.org/C79403827","wikidata":"https://www.wikidata.org/wiki/Q3988","display_name":"Real-time computing","level":1,"score":0.25290000438690186}],"mesh":[],"locations_count":1,"locations":[{"id":"doi:10.1109/icsme64153.2025.00101","is_oa":false,"landing_page_url":"https://doi.org/10.1109/icsme64153.2025.00101","pdf_url":null,"source":null,"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"2025 IEEE International Conference on Software Maintenance and Evolution (ICSME)","raw_type":"proceedings-article"}],"best_oa_location":null,"sustainable_development_goals":[],"awards":[],"funders":[],"has_content":{"grobid_xml":false,"pdf":false},"content_urls":null,"referenced_works_count":12,"referenced_works":["https://openalex.org/W806202468","https://openalex.org/W2263652042","https://openalex.org/W2789828921","https://openalex.org/W3183619936","https://openalex.org/W3200558875","https://openalex.org/W4285167975","https://openalex.org/W4286544722","https://openalex.org/W4404515188","https://openalex.org/W4404579260","https://openalex.org/W4404628324","https://openalex.org/W4409640213","https://openalex.org/W4412164623"],"related_works":[],"abstract_inverted_index":{"Logs":[0],"are":[1,43],"central":[2],"to":[3,32,82,145],"understanding":[4],"what":[5],"is":[6,128],"happening":[7],"inside":[8],"CI/CD":[9,138],"pipelines.":[10],"Today's":[11],"platforms":[12],"often":[13],"treat":[14],"logs":[15],"as":[16,51,88,141],"passive":[17],"artefacts":[18],"rather":[19],"than":[20],"active":[21],"indicators":[22],"of":[23,103],"risk.":[24],"This":[25],"research":[26],"introduces":[27],"DevSecLogs,":[28],"a":[29,72,78,112,122],"system":[30,107,127],"designed":[31],"integrate":[33],"security":[34],"intelligence":[35],"and":[36,56,120,143],"enforce":[37],"integrity":[38,102],"throughout":[39],"the":[40,65,101,106],"pipeline.":[41],"We":[42,69],"utilising":[44],"Natural":[45],"Language":[46],"Processing":[47],"(NLP)":[48],"methodologies":[49],"such":[50,87,140],"log":[52,85,149],"tokenisation,":[53],"topic":[54,66],"clustering,":[55],"semantic":[57],"filtering":[58],"through":[59],"Latent":[60],"Dirichlet":[61],"Allocation":[62],"(LDA),":[63],"specifically":[64],"modelling":[67],"technique.":[68],"also":[70],"implemented":[71],"deep":[73],"learning-based":[74],"anomaly":[75],"detector,":[76],"particularly":[77],"hybrid":[79],"CNN-LSTM":[80],"model,":[81],"surface":[83],"irregular":[84,96],"behaviours,":[86],"skipped":[89],"test":[90],"phases,":[91],"unauthorised":[92],"access":[93],"attempts,":[94],"or":[95],"command":[97],"patterns.":[98],"To":[99],"keep":[100],"these":[104],"logs,":[105],"stores":[108],"each":[109],"step":[110],"in":[111],"blockchain-integrated":[113],"structure":[114],"that":[115],"makes":[116],"any":[117],"changes":[118],"evident":[119],"ensures":[121],"permanent":[123],"audit":[124],"trail.":[125],"The":[126],"currently":[129],"live":[130],"on":[131],"IBM":[132],"Cloud,":[133],"with":[134],"planned":[135],"integration":[136],"into":[137],"tools":[139],"Jenkins":[142],"Tekton,":[144],"enable":[146],"secure,":[147],"real-time":[148],"monitoring":[150],"within":[151],"DevSecOps":[152],"workflows.":[153]},"counts_by_year":[{"year":2025,"cited_by_count":2}],"updated_date":"2025-11-06T03:46:38.306776","created_date":"2025-10-31T00:00:00"}