Free Online Productivity Tools
i2Speak
i2Symbol
i2OCR
iTex2Img
iWeb2Print
iWeb2Shot
i2Type
iPdf2Split
iPdf2Merge
i2Bopomofo
i2Arabic
i2Style
i2Image
i2PDF
iLatex2Rtf
Sci2ools
ICST
2009
IEEE
2009
IEEE
Predicting Attack-prone Components
GEGICK, MICHAEL CHARLES. Predicting Attack-prone Components with Source Code Static Analyzers. (Under the direction of Laurie Williams). No single vulnerability detection technique can identify all vulnerabilities in a software system. However, the vulnerabilities that are identified from a detection technique may be predictive of the residuals. We focus on creating and evaluating statistical models that predict the components that contain the highest risk residual vulnerabilities. The cost to find and fix faults grows with time in the software life cycle (SLC). A challenge with our statistical models is to make the predictions available early in the SLC to afford for cost-effective fortifications. Source code static analyzers (SCSA) are available during coding phase and are also capable of detecting code-level vulnerabilities. We use the code-level vulnerabilities identified by these tools to predict the presence of additional coding vulnerabilities and vulnerabilities associated wit...
Real-time TrafficRelated Content
| Added | 24 May 2010 |
| Updated | 24 May 2010 |
| Type | Conference |
| Year | 2009 |
| Where | ICST |
| Authors | Michael Gegick, Pete Rotella, Laurie A. Williams |
Comments (0)
Researcher Info
|
