Detailed Information

Cited 0 time in webofscience Cited 0 time in scopus
Metadata Downloads

Detecting Violations of Security Requirements for Vulnerability Discovery in Source Code

Authors
Li, HongzheOh, JaesangLee, Heejo
Issue Date
9월-2016
Publisher
IEICE-INST ELECTRONICS INFORMATION COMMUNICATIONS ENG
Keywords
software vulnerability; security sinks; security requirements
Citation
IEICE TRANSACTIONS ON INFORMATION AND SYSTEMS, v.E99D, no.9, pp.2385 - 2389
Indexed
SCIE
SCOPUS
Journal Title
IEICE TRANSACTIONS ON INFORMATION AND SYSTEMS
Volume
E99D
Number
9
Start Page
2385
End Page
2389
URI
https://scholar.korea.ac.kr/handle/2021.sw.korea/87707
DOI
10.1587/transinf.2016EDL8035
ISSN
1745-1361
Abstract
Finding software vulnerabilities in source code before the program gets deployed is crucial to ensure the software quality. Existing source code auditing tools for vulnerability detection generate too many false positives, and only limited types of vulnerability can be detected automatically. In this paper, we propose an extendable mechanism to reveal vulnerabilities in source code with low false positives by specifying security requirements and detecting requirement violations of the potential vulnerable sinks. The experimental results show that the proposed mechanism can detect vulnerabilities with zero false positives and indicate the extendability of the mechanism to cover more types of vulnerabilities.
Files in This Item
There are no files associated with this item.
Appears in
Collections
Graduate School > Department of Computer Science and Engineering > 1. Journal Articles

qrcode

Items in ScholarWorks are protected by copyright, with all rights reserved, unless otherwise indicated.

Related Researcher

Researcher Lee, Hee jo photo

Lee, Hee jo
컴퓨터학과
Read more

Altmetrics

Total Views & Downloads

BROWSE