static code
Using Machine Learning Techniques to Classify and Predict Static Code Analysis Tool Warnings
... program code without executing it to find potential defects that might arise at ...on static analysis are called Static Code Analysis (SCA) tools ...Alert code, Life time, Developer ...
8
STATIC CODE ANALYSIS Alexandru G. Bardas 1
... a static analysis tool a 17% cost reduction for reported security bugs would have been ...the static code analysis ...the code were stack or heap related, ...the static analysis tool is ...
9
Static Code Analysis: On Detection of Security Vulnerabilities and Classification of Warning Messages
... study datasets extracted from five NASA projects’ software analyses were used. All datasets are the result of static analysis efforts performed with the same static code analysis tool. Two of the ...
87
A systematic literature review of actionable alert identification techniques for automated static code analysis
... of code that contains a static analysis alert [3, ...source code repository history, can also show the relationship between source code changes that may be associated with openings and ...
34
Understanding and assessing security on Android via static code analysis
... a static analysis framework that can provide insights into apps and the application framework and to extract security and privacy relevant ...subsequent code analyses, we first generate static ...
177
Experiment and comparison of automated static code analyzers and automated dynamic tests
... with code inspection have changed as ...by code inspections, Siy and Votta [3] suggest that code inspections continue to be of value as a maintenance tool by delivering another benefit, almost as a ...
16
SQMB '11 Automated Model Quality Rating of Embedded Systems
... Code generation ability Testability Comprehensibility Correctness Functionality Standard conformity Test coverage Reliability Runtime errors Result of static code analysis Complexity of[r] ...
36
Boosting Static Security Analysis of Android Apps through Code Instrumentation
... on static analysis to parse the entire code shipped in the app package to find security problems in code instructions, to extract features for further processing or simply to compare apps in large ...
170
Application Backdoor Assessment. Complete securing of your applications
... We use as proven automatic tools for static code analysis as manual code inspection by professional application security engineers. More than 80% of possible vulnerabilities can be fo[r] ...
11
VisminerTD: a tool for automatic identification and interactive monitoring of the evolution of technical debt items
... metrics, code smells, static code analysis, and source code comment analysis to support automatic iden- tification and monitoring of the evolution of TD items in software projects ...
28
Operationalizing Application Security & Compliance
... Combination of Static Code Analysis and Dynamic Analysis provide non-security professionals in development the ability to accurately check for security defects in code Designed for the[r] ...
35
Static detection of API error-handling bugs via mining source code
... by static checkers, to ensure de- pendable ...procedural static traces, which approximate run-time API error ...these static traces to mine specifications that define the correct handling of errors ...
10
Recent Java exploitation trends and malware
... On March 2012, we found malware abusing a Java vulnerability that had been patched by Oracle just a few weeks before. [1] [2] Over a short period, we saw a drastic increase in the exploitation of this specific ...
27
A Bit Vector Based Binary Code Comparison Method for Static Malware Analysis
... Hyong-Shik Kim received the B.S.E. in computer engineering, the M.S.E in computer engineering, and the Ph.D from Seoul National University, Korea in 1988, 1990 and 1997. He joined Chungnam National University, Korea as a ...
10
Predicting attack-prone components with internal metrics
... An ASA analysis was performed on the system by FlexeLint. Although FlexeLint is a reliability-based ASA tool, we sought to determine if the full set of defect types identified by the tool could be warnings of security ...
12
Towards a taxonomy of techniques to detect cross-site scripting and SQL injection vulnerabilities
... of code before and after user input to distinguish user input portions in a dynamically-constructed SQL query at runtime and check grammar-based ...the code that were not ...
36
Control meter for static energy meters used to validate the readings in cases of EMI issues
... However, the response time is moderate, the falling edge of the pulse is rather slow and is creating a wide pulse. Furthermore, it needs more than one data point to get to its maximum value, as can be seen in Fig 4. This ...
76
Comparison of Progressive Collapse Capacity of Steel Moment Resisting Frames and Dual Systems with Buckling Retrained Braces
... frames. Static nonlinear Push-down and dynamic analyses under gravity loads specified in GSA guideline are conducted to capture the progressive collapse response of the structures due to column and adjacent BRBs ...
20
Android Malware Detection through Machine Learning Techniques: A Review
... source code-based clustering, and source code-based classi- ...source code analysis model but source code analysis model had an F- Measure of ...
17
Combining Testing and Proof to Gain High Assurance in Software: a Case Study
... Abstract— Dynamic software test methods are generally easy to use, but the results only apply to the specific input values tested. Static analysis produces results which are more general, but can require more ...
11