A New Approach to Locate Software Vulnerabilities Using Code Metrics

Mohammed Zagane, Mustapha Kamel Abdi, Mamdouh Alenezi
Copyright: © 2020 | Volume: 8 | Issue: 3 | Pages: 14
ISSN: 2166-7160 | EISSN: 2166-7179 | EISBN13: 9781799808114 | DOI: 10.4018/IJSI.2020070106
Cite Article

MLA

Zagane, Mohammed, et al. "A New Approach to Locate Software Vulnerabilities Using Code Metrics." IJSI vol.8, no.3 2020: pp.82-95. http://doi.org/10.4018/IJSI.2020070106

APA

Zagane, M., Abdi, M. K., & Alenezi, M. (2020). A New Approach to Locate Software Vulnerabilities Using Code Metrics. International Journal of Software Innovation (IJSI), 8(3), 82-95. http://doi.org/10.4018/IJSI.2020070106

Chicago

Zagane, Mohammed, Mustapha Kamel Abdi, and Mamdouh Alenezi. "A New Approach to Locate Software Vulnerabilities Using Code Metrics," International Journal of Software Innovation (IJSI) 8, no.3: 82-95. http://doi.org/10.4018/IJSI.2020070106

Abstract

Automatic vulnerability prediction assists developers and minimizes the resources allocated to fixing software security issues. These costs can be minimized even more if the exact location of a vulnerability is correctly indicated. In this study, the authors propose a new approach to using code metrics in vulnerability detection. The strength of the proposed approach lies in using code metrics not simply to quantify characteristics of software components at a coarse granularity (package, file, class, function), such as complexity, coupling, etc., which is the approach commonly used in previous studies, but to quantify extracted pieces of code that hint at the presence of vulnerabilities at a fine granularity (a few lines of code). The obtained results show that code metrics can be used with a machine learning technique not only to indicate vulnerable components, which was the aim of previous approaches, but also to detect and locate vulnerabilities with very good accuracy.
