An empirical study of security warnings from static application security testing tools
Abstract The Open Web Application Security Project (OWASP) defines Static Application
Security Testing (SAST) tools as those that can help find security vulnerabilities in the source …
Mining bug databases for unidentified software vulnerabilities
Identifying software vulnerabilities is becoming more important as critical and sensitive
systems increasingly rely on complex software systems. It has been suggested in previous …
Comparative study on static code analysis tools for c/c++
A Fatima, S Bibi, R Hanif - 2018 15th International Bhurban …, 2018 - ieeexplore.ieee.org
With the advancements in the field of modern science and technology, there is a growing
trend in reliance on software codes, which puts more emphasis on the quality of software …
An analysis of x86-64 inline assembly in c programs
C codebases frequently embed nonportable and unstandardized elements such as inline
assembly code. Such elements are not well understood, which poses a problem to tool …
An Empirical Study on the Use of Static Analysis Tools in Open Source Embedded Software
This paper performs the first study to understand the prevalence, challenges, and
effectiveness of using Static Application Security Testing (SAST) tools on Open-Source …
Evaluating state-of-the-art free and open source static analysis tools against buffer errors in android apps
B Aloraini, M Nagappan - 2017 IEEE International Conference …, 2017 - ieeexplore.ieee.org
Modern mobile apps incorporate rich and complex features, opening the doors for different
security concerns. Android is the dominant platform in mobile app markets, and enhancing …
[PDF] Evaluating the performance of open source static analysis tools
J Moerman, S Smetsers, M Schoolderman - Bachelor thesis, Radboud …, 2018 - cs.ru.nl
In this article, we will look at the recall, precision, and usability of five open source static
analysis tools (Clang, Infer, Cppcheck, Splint, and Frama-C). Prior articles comparing the …
Performance analysis for FMIPv6 considering probability of predictive mode failure
S Ryu, Y Mun - … Conference on Computational Science and Its …, 2009 - ieeexplore.ieee.org
Mobile IPv6 (MIPv6) is a protocol to support mobility for IPv6. Fast Handovers for MIPv6
(FMIPv6) have been studied, since in MIPv6 handover latency is long, and all packets are …
[PDF] Software Vulnerabilities--lifespans, Metrics, and Case Study
JL Wright - 2014 - researchgate.net
3.1 Introduction For the purposes of this chapter, grace period and vulnerability lifespan are
defined as follows: • grace period is the amount of time the discoverer of a vulnerability allots …
On proposing a test oracle generator based on static and dynamic source code analysis
AO Arantes, VA de Santiago… - 2015 IEEE International …, 2015 - ieeexplore.ieee.org
Test oracles have become a welcoming approach as a very efficient support for testing any
type of application. Since oracle's generation can be a very laborious work, several …