Empirical comparison of the performance of popular vulnerability detection tools II
Vulnerability Detection tools are frequently known as the universal remedy to vulnerabilities in an application. However, these tools could only detect vulnerabilities that exist in the application codes that were written by the developers themselves. Today, developers used multiple open-source comp...
Saved in:
| Main Author: | |
|---|---|
| Other Authors: | |
| Format: | Final Year Project |
| Language: | English |
| Published: |
2019
|
| Subjects: | |
| Online Access: | http://hdl.handle.net/10356/76898 |
| Tags: |
Add Tag
No Tags, Be the first to tag this record!
|
| Institution: | Nanyang Technological University |
| Language: | English |
| id |
sg-ntu-dr.10356-76898 |
|---|---|
| record_format |
dspace |
| spelling |
sg-ntu-dr.10356-768982023-03-03T20:59:06Z Empirical comparison of the performance of popular vulnerability detection tools II Yiu, Hong Sum Liu Yang School of Computer Science and Engineering Scantist Pte. Ltd. DRNTU::Engineering::Computer science and engineering Vulnerability Detection tools are frequently known as the universal remedy to vulnerabilities in an application. However, these tools could only detect vulnerabilities that exist in the application codes that were written by the developers themselves. Today, developers used multiple open-source components to increase the efficiency of their development. These open-source components contain vulnerabilities that developers are unaware of. Software Composition Analysis tools were used to detect potential vulnerabilities that exist in these open-source components. The main problem was that there would always be a difference between different tools such as accuracy, efficiency, and ease of use. Thus, working with the wrong tool could potentially result in vulnerabilities left undetected for attackers to exploit. In this research, a further study was made to understand the difference between the Software Composition Analysis tools in terms of precision and coverage. A benchmarking approach was used to assess and evaluate the performance of Software Analysis Composition Tools built with different Continuous Integration Tools. The tools would give developers an understanding of how different libraries cause hidden vulnerabilities during the building stage. Results from this research would allow developers to have a clearer picture as to which tools suit the language and scenario they are involved in. Bachelor of Engineering (Computer Science) 2019-04-22T13:43:28Z 2019-04-22T13:43:28Z 2019 Final Year Project (FYP) http://hdl.handle.net/10356/76898 en Nanyang Technological University 74 p. application/pdf |
| institution |
Nanyang Technological University |
| building |
NTU Library |
| continent |
Asia |
| country |
Singapore Singapore |
| content_provider |
NTU Library |
| collection |
DR-NTU |
| language |
English |
| topic |
DRNTU::Engineering::Computer science and engineering |
| spellingShingle |
DRNTU::Engineering::Computer science and engineering Yiu, Hong Sum Empirical comparison of the performance of popular vulnerability detection tools II |
| description |
Vulnerability Detection tools are frequently known as the universal remedy to vulnerabilities in an application. However, these tools could only detect vulnerabilities that exist in the application codes that were written by the developers themselves. Today, developers used multiple open-source components to increase the efficiency of their development. These open-source components contain vulnerabilities that developers are unaware of. Software Composition Analysis tools were used to detect potential vulnerabilities that exist in these open-source components. The main problem was that there would always be a difference between different tools such as accuracy, efficiency, and ease of use. Thus, working with the wrong tool could potentially result in vulnerabilities left undetected for attackers to exploit. In this research, a further study was made to understand the difference between the Software Composition Analysis tools in terms of precision and coverage. A benchmarking approach was used to assess and evaluate the performance of Software Analysis Composition Tools built with different Continuous Integration Tools. The tools would give developers an understanding of how different libraries cause hidden vulnerabilities during the building stage. Results from this research would allow developers to have a clearer picture as to which tools suit the language and scenario they are involved in. |
| author2 |
Liu Yang |
| author_facet |
Liu Yang Yiu, Hong Sum |
| format |
Final Year Project |
| author |
Yiu, Hong Sum |
| author_sort |
Yiu, Hong Sum |
| title |
Empirical comparison of the performance of popular vulnerability detection tools II |
| title_short |
Empirical comparison of the performance of popular vulnerability detection tools II |
| title_full |
Empirical comparison of the performance of popular vulnerability detection tools II |
| title_fullStr |
Empirical comparison of the performance of popular vulnerability detection tools II |
| title_full_unstemmed |
Empirical comparison of the performance of popular vulnerability detection tools II |
| title_sort |
empirical comparison of the performance of popular vulnerability detection tools ii |
| publishDate |
2019 |
| url |
http://hdl.handle.net/10356/76898 |
| _version_ |
1759857814870687744 |