Toward the Use of Automated Static Analysis Alerts for Early Identification of Vulnerability- and Attack-prone Components

@article{Gegick2007TowardTU,
  title={Toward the Use of Automated Static Analysis Alerts for Early Identification of Vulnerability- and Attack-prone Components},
  author={Michael Gegick and Laurie L. Williams},
  journal={Second International Conference on Internet Monitoring and Protection (ICIMP 2007)},
  year={2007},
  pages={18-18}
}
Extensive research has shown that software metrics can be used to identify fault- and failure-prone components. These metrics can also give early indications of overall software quality. We seek to parallel the identification and prediction of fault- and failure-prone components in the reliability context with vulnerability- and attack-prone components in the security context. Our research will correlate the quantity and severity of alerts generated by source code static analyzers to…
This paper has 22 citations.