FRINK Linked Data Fragments server

Matches in SemOpenAlex for { <https://semopenalex.org/work/W3006605886> ?p ?o ?g. }

• W3006605886 abstract "Due to time-to-market needs and cost of manual validation techniques, software systems are often deployed with vulnerabilities that may be exploited to gain illegitimate access/control, ultimately resulting in non-negligible consequences. Static Analysis Tools (SATs) are widely used for vulnerability detection, where the source code is analyzed without executing it. However, the performance of SATs varies considerably and a high detection rate usually comes with significant false alarms. Recent studies considered combining various SATs to improve the overall detection ability, but they do not allow exploring different performance trade-offs, as basic and rigid rules are normally followed. Machine Learning (ML) algorithms have shown promising results in several complex problems, due to their ability to fit specific needs. This paper presents an exploratory study on the combination of the output of SATs through ML algorithms to improve vulnerability detection while trying to reduce false alarms. The dataset consists of SQL Injection (SQLi) and Cross-Site Scripting (XSS) vulnerabilities detected by five different SATs in a large set of WordPress plugins developed in PHP. Results show that, for the case of SQLi, a false alarm reduction is possible without compromising the vulnerabilities detected, and that using ML allows trade-offs (e.g., reduction in false alarms at the expense of a few vulnerabilities) that are not possible with existing techniques. The paper also proposes a regression-based approach for ranking source code files considering estimates of vulnerabilities computed using the output of SATs. Results show that the approach allows creating a ranking of the source code files that largely overlaps the real ranking (based on real known vulnerabilities)." @default.
• W3006605886 created "2020-02-24" @default.
• W3006605886 creator A5016622594 @default.
• W3006605886 creator A5045188001 @default.
• W3006605886 creator A5046201732 @default.
• W3006605886 date "2019-11-01" @default.
• W3006605886 modified "2023-09-22" @default.
• W3006605886 title "An Exploratory Study on Machine Learning to Combine Security Vulnerability Alerts from Static Analysis Tools" @default.
• W3006605886 cites W1536145689 @default.
• W3006605886 cites W1971800255 @default.
• W3006605886 cites W1989657183 @default.
• W3006605886 cites W1998029707 @default.
• W3006605886 cites W2027707376 @default.
• W3006605886 cites W2059218484 @default.
• W3006605886 cites W2067148378 @default.
• W3006605886 cites W2085925880 @default.
• W3006605886 cites W2086631206 @default.
• W3006605886 cites W2119871945 @default.
• W3006605886 cites W2143244564 @default.
• W3006605886 cites W2158297335 @default.
• W3006605886 cites W2158864412 @default.
• W3006605886 cites W2159712408 @default.
• W3006605886 cites W2166381878 @default.
• W3006605886 cites W2562680154 @default.
• W3006605886 cites W2744999500 @default.
• W3006605886 cites W2773162022 @default.
• W3006605886 cites W2811327923 @default.
• W3006605886 cites W2893996856 @default.
• W3006605886 cites W2962960733 @default.
• W3006605886 cites W3005820278 @default.
• W3006605886 cites W4248684714 @default.
• W3006605886 doi "https://doi.org/10.1109/ladc48089.2019.8995685" @default.
• W3006605886 hasPublicationYear "2019" @default.
• W3006605886 type Work @default.
• W3006605886 sameAs 3006605886 @default.
• W3006605886 citedByCount "8" @default.
• W3006605886 countsByYear W30066058862020 @default.
• W3006605886 countsByYear W30066058862021 @default.
• W3006605886 countsByYear W30066058862023 @default.
• W3006605886 crossrefType "proceedings-article" @default.
• W3006605886 hasAuthorship W3006605886A5016622594 @default.
• W3006605886 hasAuthorship W3006605886A5045188001 @default.
• W3006605886 hasAuthorship W3006605886A5046201732 @default.
• W3006605886 hasConcept C110875604 @default.
• W3006605886 hasConcept C111335779 @default.
• W3006605886 hasConcept C111919701 @default.
• W3006605886 hasConcept C119857082 @default.
• W3006605886 hasConcept C124101348 @default.
• W3006605886 hasConcept C150451098 @default.
• W3006605886 hasConcept C154945302 @default.
• W3006605886 hasConcept C164120249 @default.
• W3006605886 hasConcept C177264268 @default.
• W3006605886 hasConcept C189430467 @default.
• W3006605886 hasConcept C194222762 @default.
• W3006605886 hasConcept C199360897 @default.
• W3006605886 hasConcept C23123220 @default.
• W3006605886 hasConcept C2524010 @default.
• W3006605886 hasConcept C2776760102 @default.
• W3006605886 hasConcept C33923547 @default.
• W3006605886 hasConcept C38652104 @default.
• W3006605886 hasConcept C39569185 @default.
• W3006605886 hasConcept C41008148 @default.
• W3006605886 hasConcept C43126263 @default.
• W3006605886 hasConcept C4924752 @default.
• W3006605886 hasConcept C59241245 @default.
• W3006605886 hasConcept C61423126 @default.
• W3006605886 hasConcept C79373723 @default.
• W3006605886 hasConcept C95713431 @default.
• W3006605886 hasConcept C97686452 @default.
• W3006605886 hasConcept C97854310 @default.
• W3006605886 hasConceptScore W3006605886C110875604 @default.
• W3006605886 hasConceptScore W3006605886C111335779 @default.
• W3006605886 hasConceptScore W3006605886C111919701 @default.
• W3006605886 hasConceptScore W3006605886C119857082 @default.
• W3006605886 hasConceptScore W3006605886C124101348 @default.
• W3006605886 hasConceptScore W3006605886C150451098 @default.
• W3006605886 hasConceptScore W3006605886C154945302 @default.
• W3006605886 hasConceptScore W3006605886C164120249 @default.
• W3006605886 hasConceptScore W3006605886C177264268 @default.
• W3006605886 hasConceptScore W3006605886C189430467 @default.
• W3006605886 hasConceptScore W3006605886C194222762 @default.
• W3006605886 hasConceptScore W3006605886C199360897 @default.
• W3006605886 hasConceptScore W3006605886C23123220 @default.
• W3006605886 hasConceptScore W3006605886C2524010 @default.
• W3006605886 hasConceptScore W3006605886C2776760102 @default.
• W3006605886 hasConceptScore W3006605886C33923547 @default.
• W3006605886 hasConceptScore W3006605886C38652104 @default.
• W3006605886 hasConceptScore W3006605886C39569185 @default.
• W3006605886 hasConceptScore W3006605886C41008148 @default.
• W3006605886 hasConceptScore W3006605886C43126263 @default.
• W3006605886 hasConceptScore W3006605886C4924752 @default.
• W3006605886 hasConceptScore W3006605886C59241245 @default.
• W3006605886 hasConceptScore W3006605886C61423126 @default.
• W3006605886 hasConceptScore W3006605886C79373723 @default.
• W3006605886 hasConceptScore W3006605886C95713431 @default.
• W3006605886 hasConceptScore W3006605886C97686452 @default.
• W3006605886 hasConceptScore W3006605886C97854310 @default.
• W3006605886 hasLocation W30066058861 @default.
• W3006605886 hasOpenAccess W3006605886 @default.
• W3006605886 hasPrimaryLocation W30066058861 @default.

• next