An empirical study of security warnings from static application security testing tools

Author:

Aloraini Bushra,Nagappan Meiyappan,German Daniel M.,Hayashi Shinpei,Higo YoshikiORCID

Publisher

Elsevier BV

Subject

Hardware and Architecture,Information Systems,Software

Reference43 articles.

1. An Empirical Study of Security Warnings from Static Analysis tools;Aloraini,2019

2. Evaluating static analysis defect warnings on production software;Ayewah,2007

3. The missing links: bugs and bug-fix commits;Bachmann,2010

4. Report: Software Failures Cost $1.1 Trillion in 2016;Baptista,2017

5. Tracking your changes: a language-independent approach;Canfora;IEEE Softw.,2009

Cited by 34 articles. 订阅此论文施引文献 订阅此论文施引文献,注册后可以免费订阅5篇论文的施引文献,订阅后可以查看论文全部施引文献

1. An Empirical Study of Static Analysis Tools for Secure Code Review;Proceedings of the 33rd ACM SIGSOFT International Symposium on Software Testing and Analysis;2024-09-11

2. Evaluating C/C++ Vulnerability Detectability of Query-Based Static Application Security Testing Tools;IEEE Transactions on Dependable and Secure Computing;2024-09

3. DetectVul: A statement-level code vulnerability detection for Python;Future Generation Computer Systems;2024-09

4. An Empirical Investigation of the Security Weaknesses in Open-Source Projects;Proceedings of the 28th International Conference on Evaluation and Assessment in Software Engineering;2024-06-18

5. Semgrep*: Improving the Limited Performance of Static Application Security Testing (SAST) Tools;Proceedings of the 28th International Conference on Evaluation and Assessment in Software Engineering;2024-06-18

同舟云学术

1.学者识别学者识别

2.学术分析学术分析

3.人才评估人才评估

"同舟云学术"是以全球学者为主线,采集、加工和组织学术论文而形成的新型学术文献查询和分析系统,可以对全球学者进行文献检索和人才价值评估。用户可以通过关注某些学科领域的顶尖人物而持续追踪该领域的学科进展和研究前沿。经过近期的数据扩容,当前同舟云学术共收录了国内外主流学术期刊6万余种,收集的期刊论文及会议论文总量共计约1.5亿篇,并以每天添加12000余篇中外论文的速度递增。我们也可以为用户提供个性化、定制化的学者数据。欢迎来电咨询!咨询电话:010-8811{复制后删除}0370

www.globalauthorid.com

TOP

Copyright © 2019-2024 北京同舟云网络信息技术有限公司
京公网安备11010802033243号  京ICP备18003416号-3