Journal of Engineering and Applied Sciences

Year: 2017
Volume: 12
Issue: 6 SI
Page No. 7723 - 7730

Usefulness of On-The-Fly and Visualization Features in Static Vulnerability Analysis

Authors: Joonseon Ahn, Seungcheol Shin, Hyung Joon Lim and Young Sub Lee

References

Bradley, M., F. Cassez, A. Fehnker, T.G. Wilson and R. Huuck, 2012. High performance static analysis for industry. Electron. Notes Theoretical Comput. Sci., 289: 3-14.

CWE, 2013. 2011 CWE/SANS top 25 most dangerous software errors. Document Version: 1.0.3, Common Weakness Enumeration (CWE), September 13, 2011. http://cwe.mitre.org/top25/archive/2011/2011_cwe_sans_top25.pdf.

Charest, T., N. Rodgers and Y. Wu, 2016. Comparison of static analysis tools for Java using the Juliet test suite. Proceedings of the 11th International Conference on Cyber Warfare and Security, March 17-18, 2016, Boston University, Boston, USA, pp: 431-438.

Chess, B. and G. McGraw, 2004. Static analysis for security. IEEE Security Privacy, 2: 76-79.

Diaz, G. and J.R. Bermejo, 2013. Static analysis of source code security: Assessment of tools against SAMATE tests. Inf. Software Technol., 55: 1462-1476.

Emanuelsson, P. and U. Nilsson, 2008. A comparative study of industrial static analysis tools. Electron. Notes Theor. Comput. Sci., 217: 5-21.

Fu, X., X. Lu, P. Verger, B.S. Chen, K. Qian and L. Tao, 2007. A static analysis framework for detecting SQL injection vulnerabilities. Proceedings of the IEEE Annual International Computer Software and Application Conference, Volume 1, July 24-27, 2007, Beijing, pp: 87-96.

Johnson, B., Y. Song, E. Murphy-Hill and R. Bowdidge, 2013. Why don’t software developers use static analysis tools to find bugs? Proceedings of the 35th International Conference on Software Engineering (ICSE), May 18-26, 2013, IEEE, San Francisco, California, ISBN:978-1-4673-3073-2, pp: 672-681.

Li, P. and B. Cui, 2010. A comparative study on software vulnerability static analysis techniques and tools. Proceedings of the IEEE International Conference on Information Theory and Information Security (ICITIS), December 17-19, 2010, IEEE, Beijing, China, ISBN:978-1-4244-6942-0, pp: 521-524.

Mantere, M., I. Uusitalo and J. Roning, 2009. Comparison of static code analysis tools. Proceedings of the 3rd International Conference on Emerging Security Information, Systems and Technologies SECURWARE'09, June 18-23, 2009, IEEE, Athens, Glyfada, ISBN:978-0-7695-3668-2, pp: 15-22.

Ramos, A., 2016. Evaluating the ability of static code analysis tools to detect injection vulnerabilities. Ph.D Thesis, UMEA University, Umea, Sweden.

Schiela, R., 2017. SEI CERT coding standards. BSc Thesis, Carnegie Mellon University, Pittsburgh, Pennsylvania.

Srinivasan, N. and P. Thambidurai, 2007. On the problems and solutions of static analysis for software testing. Asia J. Inform. Technol., 6: 258-262.
