Empirical comparison of the performance of popular vulnerability detection tools II

Vulnerability detection tools are often treated as a universal remedy for vulnerabilities in an application. However, these tools can only detect vulnerabilities in the application code written by the developers themselves. Today, developers use multiple open-source components to increase the efficiency of their development, and these components contain vulnerabilities that the developers are unaware of. Software Composition Analysis (SCA) tools are used to detect potential vulnerabilities in these open-source components. The main problem is that different tools always differ in accuracy, efficiency and ease of use, so working with the wrong tool could leave vulnerabilities undetected for attackers to exploit. In this research, a further study was made to understand the differences between Software Composition Analysis tools in terms of precision and coverage. A benchmarking approach was used to assess and evaluate the performance of Software Composition Analysis tools integrated with different Continuous Integration tools. The results give developers an understanding of how different libraries introduce hidden vulnerabilities during the build stage, and a clearer picture of which tools suit the language and scenario they are working in.

Bibliographic Details
Main Author: Yiu, Hong Sum
Other Authors: Liu Yang
Affiliation: School of Computer Science and Engineering, Nanyang Technological University; Scantist Pte. Ltd.
Format: Final Year Project (FYP)
Degree: Bachelor of Engineering (Computer Science)
Language: English
Published: 2019 (deposited 2019-04-22)
Extent: 74 p., application/pdf
Subjects: DRNTU::Engineering::Computer science and engineering
Online Access: http://hdl.handle.net/10356/76898
Institution: Nanyang Technological University (NTU Library, DR-NTU collection)
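The abstract describes benchmarking SCA tools by precision and coverage against a project whose vulnerable components are known in advance. The following is an added illustration of that measurement, not code or data from the thesis: the two tool names, their reports, and the "EX-2019-nnnn" vulnerability identifiers are all constructed placeholders, and the matching key (package, version, identifier) is an assumption about how findings are compared.

```python
"""Benchmark harness for comparing Software Composition Analysis (SCA) tool
output against a known ground truth.  Added illustration only: the tool
names, reports and vulnerability identifiers below are constructed for this
example and are not data from the thesis."""
from dataclasses import dataclass
from typing import Dict, FrozenSet, Iterable, List, Tuple

# A finding is (package, version, vulnerability id) as an SCA tool reports it.
Finding = Tuple[str, str, str]


@dataclass(frozen=True)
class ToolResult:
    precision: float                  # true positives / everything the tool reported
    coverage: float                   # true positives / everything actually present (recall)
    false_positives: FrozenSet[Finding]
    missed: FrozenSet[Finding]


def normalise(findings: Iterable[Finding]) -> FrozenSet[Finding]:
    """Canonicalise names and identifiers so the same component reported with
    different casing or stray whitespace still matches the ground truth."""
    return frozenset(
        (pkg.strip().lower(), ver.strip(), vid.strip().upper())
        for pkg, ver, vid in findings
    )


def score(ground_truth: Iterable[Finding], reported: Iterable[Finding]) -> ToolResult:
    """Compute precision and coverage of one tool's report against the truth set."""
    truth = normalise(ground_truth)
    found = normalise(reported)
    true_positives = truth & found
    false_positives = found - truth      # flagged, but not actually in the build
    missed = truth - found               # present in the build, but not flagged
    precision = len(true_positives) / len(found) if found else 0.0
    coverage = len(true_positives) / len(truth) if truth else 1.0
    return ToolResult(precision, coverage, frozenset(false_positives), frozenset(missed))


def benchmark(ground_truth: Iterable[Finding],
              tool_reports: Dict[str, List[Finding]]) -> Dict[str, ToolResult]:
    """Score every tool against the same ground truth."""
    truth = list(ground_truth)
    return {name: score(truth, report) for name, report in tool_reports.items()}


# Constructed ground truth: vulnerable components deliberately placed in a
# benchmark project.  Identifiers are placeholders, not real advisories.
GROUND_TRUTH: List[Finding] = [
    ("example-json", "1.2.0", "EX-2019-0001"),
    ("example-http", "4.0.1", "EX-2019-0002"),
    ("example-xml", "2.9.3", "EX-2019-0003"),
    ("example-yaml", "1.0.5", "EX-2019-0004"),
]

# Constructed reports from two hypothetical tools run on the same CI build.
TOOL_REPORTS: Dict[str, List[Finding]] = {
    "tool-a": [
        ("Example-JSON", "1.2.0", "ex-2019-0001"),   # same finding, different casing
        ("example-http", "4.0.1", "EX-2019-0002"),
        ("example-xml", "2.9.3", "EX-2019-0003"),
        ("example-log", "1.1.0", "EX-2019-0009"),    # component not in the build: false positive
    ],
    "tool-b": [
        ("example-json", "1.2.0", "EX-2019-0001"),
        ("example-yaml", "1.0.5", "EX-2019-0004"),
    ],
}

if __name__ == "__main__":
    for name, result in benchmark(GROUND_TRUTH, TOOL_REPORTS).items():
        print(f"{name}: precision={result.precision:.2f} coverage={result.coverage:.2f} "
              f"false_positives={sorted(result.false_positives)} "
              f"missed={sorted(result.missed)}")
```

With the constructed data, tool-a reports more findings but one of them is a component that is not in the build, so it scores 0.75 on both precision and coverage; tool-b reports nothing wrong but finds only half of the planted components (precision 1.0, coverage 0.5). Neither number alone ranks the tools, which is why the abstract treats precision and coverage as separate axes.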