An integration testing framework and evaluation metric for vulnerability mining methods

Li, Jin; Chen, Jinfu; Huang, Minhuan; Zhou, Minmin; Xie, Wanggen; Zeng, Zhifeng; Shu-jie, Chen; Zhang, Zufa

doi:10.1109/cc.2018.8300281

Cited by 5 publications

(2 citation statements)

References 5 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…Chernis and Verma (2018) used static analysis to trap significant percentage of flaws from functions in C source code. Li et al (2018) designed integrated testing framework for static analysis methods and dynamic mining tool.…”

Section: Analysis and Resultsmentioning

confidence: 99%

A systematic literature review of software vulnerability detection

2022

EJCSIT

View full text Add to dashboard Cite

This study provided a systematic literature review of software vulnerability detection (SVD) by searching ACM and IEEE databases for related literatures. Using the Preferred Reporting Items for Systematic Reviews and Meta-Analyses (PRISMA) flowchart, a total of 55 studies published in the selected journals and conference proceeding of IEEE and ACM from 2015 to 2021 were reviewed. The objective is to identify, select and critically evaluate research works carried out on software vulnerability detection. The selected articles were grouped into 7 categories across various vulnerability detection evaluation criteria such as neural network – 5 papers, machine learning – 11 papers, static and dynamic analysis – 8 papers, code clone – 3 papers, classification – 4 papers, models – 3 papers, and frameworks – 6 papers. There are 15 articles that could not fall into any of these 7 categories, thus, they were place in others row that used different criteria to implement vulnerability detection. The result showed that many researchers used machine learning strategy to detect vulnerability in software since large volume of data can be reviewed easily with machine learning. Although many systems have been developed for detecting software vulnerability, none is able to show the type of vulnerability detected.

show abstract

Section: Analysis and Resultsmentioning

confidence: 99%

A systematic literature review of software vulnerability detection

2022

EJCSIT

View full text Add to dashboard Cite

show abstract

“…To overcome this gap, it is necessary to address the identified obstacles and promote a culture of security among software professionals at all stages of development. 15 An integration testing framework and evaluation metric for vulnerability mining methods [97] This paper presents a study that focuses on vulnerability detection methods and tools.…”

mentioning

confidence: 99%

Analysis of Strategies for the Integration of Security Practices in Agile Software Development: A Sustainable SME Approach

Valdés-Rodríguez,

Hochstetter-Diez,

Diéguez-Rebolledo

et al. 2024

IEEE Access

View full text Add to dashboard Cite

Incorporating security into software development in small and medium-sized enterprises (SMEs) is an increasingly relevant challenge and a crucial necessity, especially in an uncertain and fast-paced environment like that of an agile setting. Given the growing threat of cyberattacks, it is imperative to address this issue. This article examines and subsequently analyzes existing strategies in the literature regarding secure software development in the context of SMEs employing agile methodologies. The study initiates a systematic literature review to identify strategies employed in this context. The findings reveal that 57.9% of the studies present strategies to tackle security in agile software development, with 20.2% specifically focusing on SMEs. Subsequently, practices demonstrating success in integrating security measures into the software development lifecycle (SDLC) are analyzed and categorized. The results underscore the necessity of addressing security in the agile environment, as it remains a significant challenge in software development. Effective approaches are also required for small businesses to ensure application protection and long-term sustainability.INDEX TERMS agile development; security practices; secure development; SMEs; sustainability

show abstract