S. Tjoa, Patrick Kochberger, Christoph Malin, Andreas Schmoll
{"title":"一个开放源代码分析和审查(OSCAR)框架","authors":"S. Tjoa, Patrick Kochberger, Christoph Malin, Andreas Schmoll","doi":"10.1109/ARES.2015.36","DOIUrl":null,"url":null,"abstract":"Due to the intense usage of IT and the growing number of fields of application, we rely more than ever on functional software components. In conjunction with this development it could be observed that in the last years the popularity of open source software was on the rise for various reasons. However, in the recent past, serious vulnerabilities have been discovered. In order to support open source developers testing their source code for security bugs, in this paper, we present the idea of a framework which combines existing open source security checkers. After presenting the architecture of the framework we demonstrate the functionality of the framework using the vulnerable application Web Goat.","PeriodicalId":331539,"journal":{"name":"2015 10th International Conference on Availability, Reliability and Security","volume":"34 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2015-08-24","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"2","resultStr":"{\"title\":\"An Open Source Code Analyzer and Reviewer (OSCAR) Framework\",\"authors\":\"S. Tjoa, Patrick Kochberger, Christoph Malin, Andreas Schmoll\",\"doi\":\"10.1109/ARES.2015.36\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"Due to the intense usage of IT and the growing number of fields of application, we rely more than ever on functional software components. In conjunction with this development it could be observed that in the last years the popularity of open source software was on the rise for various reasons. However, in the recent past, serious vulnerabilities have been discovered. In order to support open source developers testing their source code for security bugs, in this paper, we present the idea of a framework which combines existing open source security checkers. After presenting the architecture of the framework we demonstrate the functionality of the framework using the vulnerable application Web Goat.\",\"PeriodicalId\":331539,\"journal\":{\"name\":\"2015 10th International Conference on Availability, Reliability and Security\",\"volume\":\"34 1\",\"pages\":\"0\"},\"PeriodicalIF\":0.0000,\"publicationDate\":\"2015-08-24\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"\",\"citationCount\":\"2\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"2015 10th International Conference on Availability, Reliability and Security\",\"FirstCategoryId\":\"1085\",\"ListUrlMain\":\"https://doi.org/10.1109/ARES.2015.36\",\"RegionNum\":0,\"RegionCategory\":null,\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"\",\"JCRName\":\"\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"2015 10th International Conference on Availability, Reliability and Security","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1109/ARES.2015.36","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}
An Open Source Code Analyzer and Reviewer (OSCAR) Framework
Due to the intense usage of IT and the growing number of fields of application, we rely more than ever on functional software components. In conjunction with this development it could be observed that in the last years the popularity of open source software was on the rise for various reasons. However, in the recent past, serious vulnerabilities have been discovered. In order to support open source developers testing their source code for security bugs, in this paper, we present the idea of a framework which combines existing open source security checkers. After presenting the architecture of the framework we demonstrate the functionality of the framework using the vulnerable application Web Goat.
求助内容:
应助结果提醒方式:
京公网安备 11010802042870号
