메뉴 건너뛰기




Volumn , Issue , 2009, Pages 804-810

Static code analysis to detect software security vulnerabilities - does experience matter?

Author keywords

[No Author keywords available]

Indexed keywords

CODE REVIEW; DEVELOPMENT PROCESS; SECURITY THREATS; SECURITY VULNERABILITIES; SECURITY WARNING; SOFTWARE SECURITY; SOURCE CODES; STATE OF THE ART; STATIC CODE ANALYSIS;

EID: 70349667605     PISSN: None     EISSN: None     Source Type: Conference Proceeding    
DOI: 10.1109/ARES.2009.163     Document Type: Conference Paper
Times cited : (46)

References (16)
  • 2
    • 18844446134 scopus 로고    scopus 로고
    • Software error analysis: A real case study involving real faults and mutations
    • M. Daran and P. Thévenod-Fosse, "Software error analysis: a real case study involving real faults and mutations," SIGSOFT Softw. Eng. Notes, vol. 21, 1996, pp. 158-171.
    • (1996) SIGSOFT Softw. Eng. Notes , vol.21 , pp. 158-171
    • Daran, M.1    Thévenod-Fosse, P.2
  • 4
    • 70349720623 scopus 로고    scopus 로고
    • B. De Win et al., On the secure software development process: CLASP, SDL and Touchpoints compared, Information and Software Technology, In Press, Corrected Proof;
    • B. De Win et al., "On the secure software development process: CLASP, SDL and Touchpoints compared," Information and Software Technology, vol. In Press, Corrected Proof;
  • 5
    • 85008047921 scopus 로고    scopus 로고
    • Top 10 list [software development]
    • B. Boehm and V. Basili, "Top 10 list [software development]," Computer, vol. 34, 2001, pp. 135-137.
    • (2001) Computer , vol.34 , pp. 135-137
    • Boehm, B.1    Basili, V.2
  • 7
    • 79958780567 scopus 로고    scopus 로고
    • Uprooting Software Defects at the Source
    • S. Hallem, D. Park, and D. Engler, "Uprooting Software Defects at the Source," Queue, vol. 1, 2003, pp. 64-71.
    • (2003) Queue , vol.1 , pp. 64-71
    • Hallem, S.1    Park, D.2    Engler, D.3
  • 8
    • 24344437348 scopus 로고    scopus 로고
    • A Portal for Software Security
    • N. Mead and G. McGraw, "A Portal for Software Security," Security & Privacy, IEEE, vol. 3, 2005, pp. 75-79.
    • (2005) Security & Privacy, IEEE , vol.3 , pp. 75-79
    • Mead, N.1    McGraw, G.2
  • 9
    • 10944267118 scopus 로고    scopus 로고
    • Static analysis for security
    • B. Chess and G. McGraw, "Static analysis for security," Security & Privacy, IEEE, vol. 2, 2004, pp. 76-79.
    • (2004) Security & Privacy, IEEE , vol.2 , pp. 76-79
    • Chess, B.1    McGraw, G.2
  • 10
    • 50549091105 scopus 로고    scopus 로고
    • Using Static Analysis to Find Bugs
    • N. Ayewah et al., "Using Static Analysis to Find Bugs," Software, IEEE, vol. 25, 2008, pp. 22-29.
    • (2008) Software, IEEE , vol.25 , pp. 22-29
    • Ayewah, N.1
  • 11
    • 20344363200 scopus 로고    scopus 로고
    • Testing static analysis tools using exploitable buffer overflows from open source code
    • M. Zitser, R. Lippmann, and T. Leek, "Testing static analysis tools using exploitable buffer overflows from open source code," SIGSOFT Softw. Eng. Notes, vol. 29, 2004, pp. 97-106.
    • (2004) SIGSOFT Softw. Eng. Notes , vol.29 , pp. 97-106
    • Zitser, M.1    Lippmann, R.2    Leek, T.3
  • 14
    • 33646067113 scopus 로고    scopus 로고
    • Faults-slipthrough - a concept for measuring the efficiency of the test process
    • L. Damm, L. Lundberg, and C. Wohlin, "Faults-slipthrough - a concept for measuring the efficiency of the test process," Software Process: Improvement and Practice, vol. 11, 2006, pp. 47-59.
    • (2006) Software Process: Improvement and Practice , vol.11 , pp. 47-59
    • Damm, L.1    Lundberg, L.2    Wohlin, C.3
  • 15
    • 33646501895 scopus 로고    scopus 로고
    • On the value of static analysis for fault detection in software
    • J. Zheng et al., "On the value of static analysis for fault detection in software," Software Engineering, IEEE Transactions on, vol. 32, 2006, pp. 240-253.
    • (2006) Software Engineering, IEEE Transactions on , vol.32 , pp. 240-253
    • Zheng, J.1
  • 16
    • 0004229237 scopus 로고    scopus 로고
    • Software vulnerability analysis,
    • Ph.D. Dissertation, Computer Sciences Department, Purdue University, Lafayette, IN, May
    • I.V. Krsul, "Software vulnerability analysis," Ph.D. Dissertation, Computer Sciences Department, Purdue University, Lafayette, IN, May, 1998.
    • (1998)
    • Krsul, I.V.1


* 이 정보는 Elsevier사의 SCOPUS DB에서 KISTI가 분석하여 추출한 것입니다.