在架构级别对安全性进行推理是否有价值:一种比较评估

Symposium and Bootcamp on the Science of Security Pub Date : 2014-04-08 DOI:10.1145/2600176.2600206

E. Khalaj, R. Vanciu, Marwan Abi-Antoun

{"title":"在架构级别对安全性进行推理是否有价值:一种比较评估","authors":"E. Khalaj, R. Vanciu, Marwan Abi-Antoun","doi":"10.1145/2600176.2600206","DOIUrl":null,"url":null,"abstract":"We propose to build a benchmark with hand-selected test-cases from different equivalence classes, then to directly compare different approaches that make different tradeoffs to better understand which approaches find security vulnerabilities more effectively (better recall, better precision).","PeriodicalId":193860,"journal":{"name":"Symposium and Bootcamp on the Science of Security","volume":"282 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2014-04-08","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"2","resultStr":"{\"title\":\"Is there value in reasoning about security at the architectural level: a comparative evaluation\",\"authors\":\"E. Khalaj, R. Vanciu, Marwan Abi-Antoun\",\"doi\":\"10.1145/2600176.2600206\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"We propose to build a benchmark with hand-selected test-cases from different equivalence classes, then to directly compare different approaches that make different tradeoffs to better understand which approaches find security vulnerabilities more effectively (better recall, better precision).\",\"PeriodicalId\":193860,\"journal\":{\"name\":\"Symposium and Bootcamp on the Science of Security\",\"volume\":\"282 1\",\"pages\":\"0\"},\"PeriodicalIF\":0.0000,\"publicationDate\":\"2014-04-08\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"\",\"citationCount\":\"2\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"Symposium and Bootcamp on the Science of Security\",\"FirstCategoryId\":\"1085\",\"ListUrlMain\":\"https://doi.org/10.1145/2600176.2600206\",\"RegionNum\":0,\"RegionCategory\":null,\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"\",\"JCRName\":\"\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"Symposium and Bootcamp on the Science of Security","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1145/2600176.2600206","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}

引用次数: 2

摘要

我们建议用来自不同等价类的手工选择的测试用例构建一个基准，然后直接比较做出不同权衡的不同方法，以更好地理解哪种方法更有效地发现安全漏洞(更好的召回率，更好的精度)。

本文章由计算机程序翻译，如有差异，请以英文原文为准。

查看原文本刊更多论文

Is there value in reasoning about security at the architectural level: a comparative evaluation

We propose to build a benchmark with hand-selected test-cases from different equivalence classes, then to directly compare different approaches that make different tradeoffs to better understand which approaches find security vulnerabilities more effectively (better recall, better precision).

求助全文

通过发布文献求助，成功后即可免费获取论文全文。去求助

来源期刊

Symposium and Bootcamp on the Science of Security

自引率

0.00%

发文量