Does the Vulnerability Threaten Our Projects? Automated Vulnerable API Detection for Third-Party Libraries

Developers usually use third-party libraries (TPLs) to facilitate the development of their projects to avoid reinventing the wheels, however, the vulnerable TPLs indeed cause severe security threats. The majority of existing research only considered whether projects used vulnerable TPLs but neglecte...

Celý popis

Uložené v:
Podrobná bibliografia
Vydané v:IEEE transactions on software engineering Ročník 50; číslo 11; s. 2906 - 2920
Hlavní autori: Zhang, Fangyuan, Fan, Lingling, Chen, Sen, Cai, Miaoying, Xu, Sihan, Zhao, Lida
Médium: Journal Article
Jazyk:English
Vydavateľské údaje: New York IEEE 01.11.2024
IEEE Computer Society
Predmet:
Accuracy
Application programming interface
Codes
Impact analysis
Java
Libraries
Maintenance costs
Security
Software
software composition analysis
static analysis
Third party
Vulnerability detection
ISSN:0098-5589, 1939-3520
On-line prístup:Získať plný text
Tagy: Pridať tag
Žiadne tagy, Buďte prvý, kto otaguje tento záznam!
Buďte prvý, kto okomentuje tento záznam!
Najprv sa musíte prihlásiť.