Proceedings Article
A Vulnerability Detection Model for Java Systems Based on Complex Networks
Ling Xiong, Shan Chun, Changzhen Hu, Zijun Yun, Wenjie Xiong, and 4 more
- pp 1339-1347
TL;DR
It is proved that the software system can be abstracted into the form of algebraic component expressions, and that algebraic components that may have vulnerabilities can be found based on the eigenvalues of complex networks.
Abstract:
With the deepening of research on network theory, scientists have gradually begun to adopt complex networks to study complex systems in nature. A complex network is a network of a large number of closely related and interacting units. This paper argues that each component of the software can be abstracted into various algebraic components. These algebraic components are assembled into a software system, and the assembly process satisfies the configuration and fit characteristics in the topological space. The algebraic components are taken as the vertices of a complex network graph, and the connection relationships between them as its edges. From this new perspective, the software system is regarded as a complex network graph composed of algebraic components and their connection relationships. We have proved that the software system can be abstracted into the form of algebraic component expressions, and that algebraic components that may have vulnerabilities can be found based on the eigenvalues of complex networks.
Citations
Journal Article
A Software Vulnerability Detection Method Based on Complex Network Community
TL;DR: The spring-shiro-training project is used to verify the vulnerability detection method based on complex network community, and the results show that the method is effective.
References
Proceedings Article
Gephi: An Open Source Software for Exploring and Manipulating Networks
TL;DR: This work presents several key features of Gephi in the context of interactive exploration and interpretation of networks, and highlights key aspects of dynamic network visualization.
Journal Article
A faster algorithm for betweenness centrality
TL;DR: New algorithms for betweenness are introduced in this paper and require O(n + m) space and run in O(nm) and O(nm + n^2 log n) time on unweighted and weighted networks, respectively, where m is the number of links.
Proceedings Article
Security metrics for source code structures
TL;DR: This work proposes some code-level security metrics which can be used to suggest the level of security of a code segment and provides guidelines about where and how these metrics can be used to improve source code structures.
Proceedings Article
Evaluating the cost reduction of static code analysis for software security
TL;DR: In this article, the authors present a case study in which mature software with known vulnerabilities is subjected to a static analysis tool and the value of the tool is estimated based on reported failures from customers.