Publications

Refereed Conference/Journal/Workshop Publications

Peer Reviewed Conference Publications
  1. Why Johnny Adopts Identity-Based Software Signing: A Usability Case Study of Sigstore.
    Kalu, Okorafor, Singla, Chen, Torres-Arias, and Davis.
    [USENIX Security’26] USENIX Security Symposium, 2026.

  2. An Industry Interview Study of Software Signing for Supply Chain Security.
    Kalu, Singla, Okafor, Torres-Arias, and Davis.
    [USENIX Security’25] USENIX Security Symposium, 2025.

  3. Signing in Four Public Software Package Registries: Quantity, Quality, and Influencing Factors.
    Schorlemmer, Kalu, Chigges, Ko, Ishgair, Bagchi, and Davis.
    [IEEE S&P ’24] IEEE Symposium on Security and Privacy (SP) 2024, 1160–1178.

Peer Reviewed Workshops/Other Peer Reviewed Publications
  1. Establishing Provenance Before Coding: Traditional and Next-Generation Software Signing.
    Schorlemmer, Burmane, Kalu, Torres-Arias, and Davis.
    IEEE Security & Privacy, 2025.

  2. Recommending Pre-Trained Models for IoT Devices.
    Patil, Jiang, Peng, Lugo, Kalu, LeBlanc, Smith, Heo, Aou, and Davis.
    Proceedings of the 7th International Workshop on Software Engineering Research & Practices for the Internet of Things (SERP4IoT) 2025.

  3. An Empirical Study on Using Large Language Models to Analyze Software Supply Chain Security Failures.
    Singla, Anandayuvaraj, Kalu, Schorlemmer, and Davis.
    [SCORED ’23] Proceedings of the 2023 Workshop on Software Supply Chain Offensive Research and Ecosystem Defenses.

  4. Reflecting on the Use of the Policy-Process-Product Theory in Empirical Software Engineering.
    Kalu, Schorlemmer, Chen, Robinson, Kocinare, and Davis.
    [ESEC/FSE ’23] Proceedings of the 31st ACM Joint European Software Engineering Conference and Symposium on the Foundations of Software Engineering, 2023.

Technical Reports

  1. How Do Agents Perform Code Optimization? An Empirical Study.
    Peng, Zhong, Méndez, Kalu, and Davis.
    arXiv preprint arXiv:2512.21757, 2026.

  2. A Guide to Stakeholder Analysis for Cybersecurity Researchers.
    Davis, Chen, Peng, Amusuo, and Kalu.
    arXiv preprint arXiv:2508.14796, 2025.

  3. Why Software Signing (Still) Matters: Trust Boundaries in the Software Supply Chain.
    Kalu and Davis.
    arXiv preprint arXiv:2510.04964, 2025.

  4. ARMS: A Vision for Actor Reputation Metric Systems in the Open-Source Software Supply Chain.
    Kalu, Okorafor, Durak, Laine, Moreno, Torres-Arias, and Davis.
    arXiv preprint arXiv:2505.18760, 2025.