Does the Vulnerability Threaten Our Projects? Automated Vulnerable API Detection for Third-Party Libraries

Developers usually use third-party libraries (TPLs) to facilitate the development of their projects to avoid reinventing the wheels, however, the vulnerable TPLs indeed cause severe security threats. The majority of existing research only considered whether projects used vulnerable TPLs but neglecte...

Full description

Saved in:
Bibliographic Details
Published in:IEEE transactions on software engineering Vol. 50; no. 11; pp. 2906 - 2920
Main Authors: Zhang, Fangyuan, Fan, Lingling, Chen, Sen, Cai, Miaoying, Xu, Sihan, Zhao, Lida
Format: Journal Article
Language:English
Published: New York IEEE 01.11.2024
IEEE Computer Society
Subjects:
Accuracy
Application programming interface
Codes
Impact analysis
Java
Libraries
Maintenance costs
Security
Software
software composition analysis
static analysis
Third party
Vulnerability detection
ISSN:0098-5589, 1939-3520
Online Access:Get full text
Tags: Add Tag
No Tags, Be the first to tag this record!
Be the first to leave a comment!
You must be logged in first