{"title":"漏洞与bug依赖关系的探索性研究","authors":"Shaikh Mostafa, Xiaoyin Wang","doi":"10.1109/APSEC53868.2021.00074","DOIUrl":null,"url":null,"abstract":"Security vulnerabilities are major defects in software implementation that allow malicious uses to undermine its integrity by triggering crashes, stealing information, or even taking control of the software and its underlying system. Despite the extensive research on vulnerabilities themselves, few studies have been performed on understanding the relations between security vulnerabilities and other bugs, which have attracted attention due to some recently found important vulnerabilities. In this paper, we present an exploration study on the vulnerability-bug relations in two important software projects: Firefox as the representative of browsers, and Red Hat as the representative of operating systems. In the study, we automatically extracted dependencies among vulnerability and bugs and manually investigated the character of such dependencies.","PeriodicalId":143800,"journal":{"name":"2021 28th Asia-Pacific Software Engineering Conference (APSEC)","volume":"18 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2021-12-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"0","resultStr":"{\"title\":\"An Exploration Study On the Dependency Among Vulnerabilities and Bugs\",\"authors\":\"Shaikh Mostafa, Xiaoyin Wang\",\"doi\":\"10.1109/APSEC53868.2021.00074\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"Security vulnerabilities are major defects in software implementation that allow malicious uses to undermine its integrity by triggering crashes, stealing information, or even taking control of the software and its underlying system. Despite the extensive research on vulnerabilities themselves, few studies have been performed on understanding the relations between security vulnerabilities and other bugs, which have attracted attention due to some recently found important vulnerabilities. In this paper, we present an exploration study on the vulnerability-bug relations in two important software projects: Firefox as the representative of browsers, and Red Hat as the representative of operating systems. In the study, we automatically extracted dependencies among vulnerability and bugs and manually investigated the character of such dependencies.\",\"PeriodicalId\":143800,\"journal\":{\"name\":\"2021 28th Asia-Pacific Software Engineering Conference (APSEC)\",\"volume\":\"18 1\",\"pages\":\"0\"},\"PeriodicalIF\":0.0000,\"publicationDate\":\"2021-12-01\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"\",\"citationCount\":\"0\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"2021 28th Asia-Pacific Software Engineering Conference (APSEC)\",\"FirstCategoryId\":\"1085\",\"ListUrlMain\":\"https://doi.org/10.1109/APSEC53868.2021.00074\",\"RegionNum\":0,\"RegionCategory\":null,\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"\",\"JCRName\":\"\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"2021 28th Asia-Pacific Software Engineering Conference (APSEC)","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1109/APSEC53868.2021.00074","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}
An Exploration Study On the Dependency Among Vulnerabilities and Bugs
Security vulnerabilities are major defects in software implementation that allow malicious uses to undermine its integrity by triggering crashes, stealing information, or even taking control of the software and its underlying system. Despite the extensive research on vulnerabilities themselves, few studies have been performed on understanding the relations between security vulnerabilities and other bugs, which have attracted attention due to some recently found important vulnerabilities. In this paper, we present an exploration study on the vulnerability-bug relations in two important software projects: Firefox as the representative of browsers, and Red Hat as the representative of operating systems. In the study, we automatically extracted dependencies among vulnerability and bugs and manually investigated the character of such dependencies.
求助内容:
应助结果提醒方式:
京公网安备 11010802042870号
