软件代码漏洞分析中的面向对象软件度量

2020 International Conference on INnovations in Intelligent SysTems and Applications (INISTA) Pub Date : 2020-08-01 DOI:10.1109/INISTA49547.2020.9194645

K. Kuk, Petar Milić, Stefan Denić

{"title":"软件代码漏洞分析中的面向对象软件度量","authors":"K. Kuk, Petar Milić, Stefan Denić","doi":"10.1109/INISTA49547.2020.9194645","DOIUrl":null,"url":null,"abstract":"Development of quality object-oriented software contains security as an integral aspect of that process. During that process, a ceaseless burden on the developers was posed in order to maximize the development and at the same time to reduce the expense and time invested in security. In this paper, the authors analyzed metrics for object-oriented software in order to evaluate and identify the relation between metric value and security of the software. Identification of these relations was achieved by study of software vulnerabilities with code level metrics. By using OWASP classification of vulnerabilities and experimental results, we proved that there was relation between metric values and possible security issues in software. For experimental code analysis, we have developed special software called SOFTMET.","PeriodicalId":124632,"journal":{"name":"2020 International Conference on INnovations in Intelligent SysTems and Applications (INISTA)","volume":"49 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2020-08-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"1","resultStr":"{\"title\":\"Object-oriented software metrics in software code vulnerability analysis\",\"authors\":\"K. Kuk, Petar Milić, Stefan Denić\",\"doi\":\"10.1109/INISTA49547.2020.9194645\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"Development of quality object-oriented software contains security as an integral aspect of that process. During that process, a ceaseless burden on the developers was posed in order to maximize the development and at the same time to reduce the expense and time invested in security. In this paper, the authors analyzed metrics for object-oriented software in order to evaluate and identify the relation between metric value and security of the software. Identification of these relations was achieved by study of software vulnerabilities with code level metrics. By using OWASP classification of vulnerabilities and experimental results, we proved that there was relation between metric values and possible security issues in software. For experimental code analysis, we have developed special software called SOFTMET.\",\"PeriodicalId\":124632,\"journal\":{\"name\":\"2020 International Conference on INnovations in Intelligent SysTems and Applications (INISTA)\",\"volume\":\"49 1\",\"pages\":\"0\"},\"PeriodicalIF\":0.0000,\"publicationDate\":\"2020-08-01\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"\",\"citationCount\":\"1\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"2020 International Conference on INnovations in Intelligent SysTems and Applications (INISTA)\",\"FirstCategoryId\":\"1085\",\"ListUrlMain\":\"https://doi.org/10.1109/INISTA49547.2020.9194645\",\"RegionNum\":0,\"RegionCategory\":null,\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"\",\"JCRName\":\"\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"2020 International Conference on INnovations in Intelligent SysTems and Applications (INISTA)","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1109/INISTA49547.2020.9194645","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}

引用次数: 1

摘要

高质量的面向对象软件的开发将安全性作为该过程的一个组成部分。在这个过程中，为了最大限度地提高开发效率，同时减少在安全方面投入的费用和时间，给开发人员带来了不断的负担。本文对面向对象软件的度量进行了分析，以评价和识别度量值与软件安全性之间的关系。这些关系的识别是通过使用代码级度量来研究软件漏洞来实现的。利用OWASP漏洞分类和实验结果，证明了度量值与软件中可能存在的安全问题之间存在关联。为了进行实验代码分析，我们开发了专门的软件SOFTMET。

本文章由计算机程序翻译，如有差异，请以英文原文为准。

查看原文本刊更多论文

Object-oriented software metrics in software code vulnerability analysis

Development of quality object-oriented software contains security as an integral aspect of that process. During that process, a ceaseless burden on the developers was posed in order to maximize the development and at the same time to reduce the expense and time invested in security. In this paper, the authors analyzed metrics for object-oriented software in order to evaluate and identify the relation between metric value and security of the software. Identification of these relations was achieved by study of software vulnerabilities with code level metrics. By using OWASP classification of vulnerabilities and experimental results, we proved that there was relation between metric values and possible security issues in software. For experimental code analysis, we have developed special software called SOFTMET.

求助全文

通过发布文献求助，成功后即可免费获取论文全文。去求助

来源期刊

2020 International Conference on INnovations in Intelligent SysTems and Applications (INISTA)

自引率

0.00%

发文量