Software Security Static Analysis False Alerts Handling Approaches

Akremi, Aymen

doi:10.14569/ijacsa.2021.0121180

Cited by 2 publications

(3 citation statements)

References 40 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…Lenarduzzi et al [58] show the importance of identifying the rules applied in SonarQube because it could reduce faultproneness. Akremi [5] proposed a categorization of SA techniques to compare different tools. Liu et al [59] created AVATAR to automate the correctness of bugs, in other words, a patch generator.…”

Section: E Branch 3: Technical Alert Toolsmentioning

confidence: 99%

See 1 more Smart Citation

Static Code Analysis: A Tree of Science Review

Ruiz,

Robledo Giraldo,

Hernando Morales

2023

Entre cienc. ing.

View full text Add to dashboard Cite

Static Code Analysis (SA) is the process of finding vulnerabilities in software. This process has become popular and one of the most evaluated phases in the process of continuous integration of software. However, the literature is spread over different proposals and there is a lack of research that shows the main contributions and applications to this topic. The purpose of this paper is to identify the main conceptual contributions of SA using the Tree of Science algorithm. The results show three main branches of this area: machine learning for smell detection, actionable ranking techniques, and Technical alert tools. Artificial Intelligence has been transforming SA and programmers will have access to more sophisticated tools.

show abstract

Section: E Branch 3: Technical Alert Toolsmentioning

confidence: 99%

“…Azeem et al [4] present a literature review of code smell with machine learning. Akremi [5] provided recent efforts in static analysis tools to classify different false positive outcomes. However, there is a missing paper that shows the evolution of this important topic with its subfields.…”

Section: Introductionmentioning

confidence: 99%

Static Code Analysis: A Tree of Science Review

Ruiz,

Robledo Giraldo,

Hernando Morales

2023

Entre cienc. ing.

View full text Add to dashboard Cite

show abstract

“…It is essential to use trusted software to integrity-aware process the gathered data to avoid admissibility issues. A good solution is their validation using code review tools ( Akremi, 2021b ) before deployment.…”

Section: Forensically Sound Semantic Data Modeling Schemamentioning

confidence: 99%

A forensic-driven data model for automatic vehicles events analysis

Akremi

2022

PeerJ Computer Science

Self Cite

View full text Add to dashboard Cite

Digital vision technologies emerged exponentially in all living areas to watch, play, control, or track events. Security checkpoints have benefited also from those technologies by integrating dedicated cameras in studied locations. The aim is to manage the vehicles accessing the inspection security point and fetching for any suspected ones. However, the gathered data volume continuously increases each day, making their analysis very hard and time-consuming. This paper uses semantic-based techniques to model the data flow between the cameras, checkpoints, and administrators. It uses ontologies to deal with the increased data size and its automatic analysis. It considers forensics requirements throughout the creation of the ontology modules to ensure the records’ admissibility for any possible investigation purposes. Ontology-based data modeling will help in the automatic events search and correlation to track suspicious vehicles efficiently.

show abstract

Software Security Static Analysis False Alerts Handling Approaches

Cited by 2 publications

References 40 publications

Static Code Analysis: A Tree of Science Review

Static Code Analysis: A Tree of Science Review

A forensic-driven data model for automatic vehicles events analysis

Contact Info

Product

Resources

About