A Novel Approach to Determine Software Security Level using Bayes Classifier via Static Code Metrics

Sariman, Güncel; Küçüksille, Ecir Uğur

doi:10.5755/j01.eie.22.2.12177

Cited by 6 publications

(3 citation statements)

References 0 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…For example, the number of independent paths through source code provides the complexity of the code [25]. If there is a high number of if-statements and loops in a source code, then cyclomatic complexities are more likely to occur, which can also affect the security of a program [26]. A number of studies have found that increased complexity in systems is the main reason for vulnerabilities to arise in software systems [26][27].…”

Section: Security Bad Smellmentioning

confidence: 99%

Detecting Security Bad Smells of Software by using Data Mining

Alraddadi

2023

Preprint

View full text Add to dashboard Cite

Bad smells of code can lead to significant software vulnerabilities that negatively affect the security attribute of software and make the software easily attacked. Method implementation is the lowest code level that produces bad smells in software. Several programming guidelines have been introduced to reduce the number of bad code smells. Some are related to security, while others are related to other software quality attributes. We can detect some of these guidelines by using quality metrics (e.g., the number of lines of code and the number of parameters). This project proposes applying data mining classifiers to automatically detect security code smells and non-security code smells based on software quality metrics. We developed eight models using eight classifiers: Logistic Regression, Random Forest, XG Boost, J48, SVM, Naive Bayes, LightGBM, and Neural Network. We evaluated the eight models using several performance measurements (e.g., accuracy and confusion metrics). The results showed that it could detect the security code smell from the non-security code smell with the highest accuracy of 95\%.

show abstract

Section: Security Bad Smellmentioning

confidence: 99%

Detecting Security Bad Smells of Software by using Data Mining

Alraddadi

2023

Preprint

View full text Add to dashboard Cite

show abstract

“…Software Metrics use measurable software attributes as indicators of latent software quality attributes [21][22][23]. Detrition of quality created by presence of code smells can be quickly detected by using one or more related software metrics [24][25][26]. The literature survey identified that around 49 software metrics are applicative in code smell detection.…”

Section: Building Code Smell Repositorymentioning

confidence: 99%

An Analytical Study of Code Smells

Bamizadeh

Kumar²,

Kumar³

et al. 2021

Teh. glas. (Online)

View full text Add to dashboard Cite

Software development process involves developing, building and enhancing high-quality software for specific tasks and as a consequence generates considerable amount of data. This data can be managed in a systematic manner creating knowledge repositories that can be used to competitive advantage. Lesson's learned as part of the development process can also be part of the knowledge bank and can be used to advantage in subsequent projects by developers and software practitioners. Code smells are a group of symptoms which reveal that code is not good enough and requires some actions to have a cleansed code. Software metrics help to detect code smells while refactoring methods are used for removing them. Furthermore, various tools are applicable for detecting of code smells. A Code smell repository organizes all the available knowledge in the literature about code smells and related concepts. An analytical study of code smells is presented in this paper which extracts useful, actionable and indicative knowledge.

show abstract

“…2) Cyclomatic complexity arises because of a high number of loops and if statements. It has been found that cyclomatic complexity has a direct influence on security [29]. 3) Cognitive complexity can be discovered by observing the behavior of users finding a solution to a particular task or problem.…”

Section: Software Complexitymentioning

confidence: 99%

On the Relationship between Software Complexity and Security

Alenezi¹,

Zarour²

2020

IJSEA

View full text Add to dashboard Cite

This work aims at discussing the complexity aspect of software while demonstrating its relationship with security. Complexity is an essential part of software; however, numerous studies indicate that they increase the vulnerability of the software systems and introduce bugs in the program. Many developers face difficulty when trying to understand the complex components of software. Complexity in software increases when objects in the software are used to design a more complex object while creating a hierarchical complexity in the system. However, it is necessary for the developers to strive for minimum complexity, as increased complexity introduces security risks in the software, which can cause severe monetary and reputational damage to a government or a private organization. It even causes bodily harm to human beings with various examples found in previous years where security breaches led to severe consequences. Hence it is vital to maintain low complexity and simple design of structure. Various developers tend to introduce deliberate complexities in the system so that they do not have to write the same program twice; however, it is getting problematic for the software organizations as the demands of security are continually increasing.

show abstract

A Novel Approach to Determine Software Security Level using Bayes Classifier via Static Code Metrics

Cited by 6 publications

References 0 publications

Detecting Security Bad Smells of Software by using Data Mining

Detecting Security Bad Smells of Software by using Data Mining

An Analytical Study of Code Smells

On the Relationship between Software Complexity and Security

Contact Info

Product

Resources

About