
SCAM 2008, IEEE

The Evolution and Decay of Statically Detected Source Code Vulnerabilities

The presence of vulnerable statements in source code is a crucial problem for maintainers: properly monitoring them and, where necessary, removing them is highly desirable to ensure high security and reliability. To this end, a number of static analysis tools have been developed to detect instructions that can be subject to vulnerability attacks, ranging from buffer overflow exploitation to command injection and cross-site scripting. Drawing on existing tools and on data extracted from software repositories, this paper reports an empirical study on the evolution of vulnerable statements detected in three software systems by different static analysis tools. Specifically, the study investigates vulnerability evolution trends and the decay time exhibited by different kinds of vulnerabilities.
Added: 01 Jun 2010
Updated: 01 Jun 2010
Type: Conference
Year: 2008
Where: SCAM
Authors: Massimiliano Di Penta, Luigi Cerulo, Lerina Aversano