Detailed bibliography
| Title: | Detecting security vulnerabilities with static analysis – A case study. |
| Authors: | Alqaradaghi, Midya, Morse, Gregory, Kozsik, Tamás |
| Source: | Pollack Periodica; Aug 2022, Vol. 17 Issue 2, p1-7, 07p |
| Subjects: | SOURCE code, SECURITY management |
| Abstract: | Many security vulnerabilities can be detected by static analysis. This paper is a case study and a performance comparison of four open-source static analysis tools and plugins (PMD, SpotBugs, Find Security Bugs, and SonarQube) on Java source code. Experiments have been conducted on the widely used Juliet Test Suite with respect to six selected weaknesses from the official Top 25 list of Common Weakness Enumeration. In this study, analysis metrics have been calculated for helping Java developers decide which tools can be used when checking their programs for security vulnerabilities. It turned out that particular weaknesses are best detected with particular tools. [ABSTRACT FROM AUTHOR] |
|
Copyright of Pollack Periodica is the property of Akademiai Kiado and its content may not be copied or emailed to multiple sites without the copyright holder's express written permission. Additionally, content may not be used with any artificial intelligence tools or machine learning technologies. However, users may print, download, or email articles for individual use. This abstract may be abridged. No warranty is given about the accuracy of the copy. Users should refer to the original published version of the material for the full abstract. (Copyright applies to all Abstracts.) |
| Database: | Complementary Index |