Software composition analysis for vulnerability detection: An empirical study on Java projects

Software composition analysis for vulnerability detection: An empirical study on Java projects

Software composition analysis (SCA) tools are proposed to detect potential vulnerabilities introduced by open-source software (OSS) imported as third-party libraries (TPL). With the increasing complexity of software functionality, SCA tools may encounter various scenarios during the dependency resol...

Full description

Saved in:

Bibliographic Details
Main Authors:	ZHAO, Lida, CHEN, Sen, XU, Zhengzi, ZHANG, Lyuye, WU, Jiahui, SUN, Jun, LIU, Yang
Format:	text
Language:	English
Published:	Institutional Knowledge at Singapore Management University 2023
Subjects:	SCA Package manager Vulnerability detection Software Engineering
Online Access:	https://ink.library.smu.edu.sg/sis_research/9317 https://ink.library.smu.edu.sg/context/sis_research/article/10317/viewcontent/fse2023_sca.pdf
Tags:	Add Tag No Tags, Be the first to tag this record!
Institution:	Singapore Management University
Language:	English

Similar Items

Genetic analysis of SCA2, 3 and 17 in idiopathic Parkinson's disease
by: Lim S.W., et al.
Published: (2018)

Analysis of SCA8, SCA10, SCA12, SCA17 and SCA19 in patients with unknown spinocerebellar ataxia: a Thai multicentre study
by: Lulin Choubtum, et al.
Published: (2017)

Combining Software Metrics and Text Features for Vulnerable File Prediction
by: ZHANG, Yun, et al.
Published: (2015)

Towards practical binary code similarity detection: vulnerability verification via patch semantic analysis
by: Yang, Shouguo, et al.
Published: (2024)

Finding real world software vulnerabilities using ChatGPT
by: Wong, Sean Chun Foh
Published: (2024)

Search-driven string constraint solving for vulnerability detection
by: THOME, Julian, et al.
Published: (2017)

Enhancing code vulnerability detection via vulnerability-preserving data augmentation
by: LIU, Shangqing, et al.
Published: (2024)

An empirical study of blockchain system vulnerabilities: modules, types, and patterns
by: YI, Xiao, et al.
Published: (2022)

Automatic vulnerability detection and repair
by: MA, Siqi
Published: (2018)

Towards a hybrid framework for detecting input manipulation vulnerabilities
by: DING, Sun, et al.
Published: (2013)

Locating vulnerabilities in binaries via memory layout recovering
by: WANG, Haijun, et al.
Published: (2019)

Learning program semantics for vulnerability detection via vulnerability-specific inter-procedural slicing
by: WU, Bozhi, et al.
Published: (2023)

Cerebro: Context-aware adaptive fuzzing for effective vulnerability detection
by: LI, Yuekang, et al.
Published: (2019)

An integrated approach for effective injection vulnerability analysis of web applications through security slicing and hybrid constraint solving
by: THOME, Julian, et al.
Published: (2018)

MANDO-GURU: vulnerability detection for smart contract source code by heterogeneous graph embeddings
by: NGUYEN, Huu Hoang, et al.
Published: (2022)

SoFi: Reflection-augmented fuzzing for JavaScript engines
by: HE, Xiaoyu, et al.
Published: (2021)

SOFTWARE VULNERABILITY REPAIR
by: RIDWAN SALIHIN SHARIFFDEEN
Published: (2023)

SGUARD: Towards fixing vulnerable smart contracts automatically
by: NGUYEN, Tai D., et al.
Published: (2021)

Exploiting library vulnerability via migration-based automated test generation
by: CHEN, Zirui, et al.
Published: (2024)

DAPA : Differential Analysis Aided Power Attack on (non-) linear feedback shift registers
by: Sim, Siang Meng, et al.
Published: (2021)

Project system vulnerability to political risks in international construction projects: The case of Chinese contractors
by: Deng, X., et al.
Published: (2014)

Enforcing system-wide control flow integrity for exploit detection and diagnosis
by: Prakash, A., et al.
Published: (2014)

VuRLE: Automatic vulnerability detection and repair by learning from examples
by: MA SIQI,, et al.
Published: (2017)

Teachers' Perception and Implementation of a Student-Centred Approach to Teaching Over-School Age Students in Phnom Penh
by: Te, Lay
Published: (2016)

Semantic driven vulnerability detection and patch analysis
by: Xu, Zhengzi
Published: (2021)

MANDO: Multi-level heterogeneous graph embeddings for fine-grained detection of smart contract vulnerabilities
by: NGUYEN, Huu Hoang, et al.
Published: (2022)

Spinocerebellar ataxia type 3 presenting as an L-DOPA responsive dystonia phenotype in a Chinese family
by: Wilder-Smith, E., et al.
Published: (2014)

Finding RESTful API vulnerabilities using ChatGPT
by: Ho, Kenneth Jun Minn
Published: (2024)

Towards understanding Android system vulnerabilities: Techniques and insights
by: WU, Daoyuan, et al.
Published: (2019)

Smart Learning to Find Dumb Contracts
by: Tamer Abdelaziz, et al.
Published: (2023)

Techniques for identifying mobile platform vulnerabilities and detecting policy-violating applications
by: SU, Mon Kywe
Published: (2016)

Predicting SQL injection and cross site scripting vulnerabilities through mining input sanitization patterns
by: SHAR, Lwin Khin, et al.
Published: (2013)

Climate change impacts on rice-based livelihood vulnerability in the lower Vietnamese Mekong Delta: empirical evidence from Can Tho City and Tra Vinh Province
by: Tran, Dung Duc, et al.
Published: (2023)

Typestate-guided fuzzer for discovering use-after-free vulnerabilities
by: WANG, Haijun, et al.
Published: (2020)

EXPLORING A TRANSDIAGNOSTIC COGNITIVE VULNERABILITY TO INTERNALIZING SYMPTOMS IN ADOLESCENTS
by: RUTH POH YI NING
Published: (2019)

Multi-Granularity Detector for Vulnerability Fixes
by: NGUYEN, Truong Giang, et al.
Published: (2023)

HERMES: using commit-issue linking to detect vulnerability-fixing commits
by: NGUYEN, Truong Giang, et al.
Published: (2022)

JoanAudit: A tool for auditing common injection vulnerabilities
by: THOME, Julian, et al.
Published: (2017)

Discoursing Disasters: Vulnerability and Gaps in Rationalities
by: Rodriguez, Agustin Martin G
Published: (2016)

Metabolic alterations and vulnerabilities in hepatocellular carcinoma
by: Tenen, Daniel G., et al.
Published: (2022)