Computer Science ›› 2017, Vol. 44 ›› Issue (11): 41-49.doi: 10.11896/j.issn.1002-137X.2017.11.007
Previous Articles Next Articles
ZHANG Kai, SUN Xiao-bing, PENG Xin and ZHAO Wen-yun
[1] TAN L,LIU C,LI Z M,et al.Bug characteristics in open source software[J].Empirical Software Engineering,2014,19(6):1665-1705. [2] HALEY C B,LANEY R,MOFFETT J D,et al.Security Requirements Engineering:A Framework for Representation and Analysis[J].IEEE Transactions on Software Engineering,2008,34(1):133-153. [3] VIEGA J,MCGRAW G.Building secure software:how to avoid security problems the right way[M].Addison-Wesley,New York,2001. [4] ZAMAN S,ADAMS B,HASSAN A E.Security versus per-formance bugs:a case study on Firefox[C]∥Proceedings of the 8th Working Conference on Mining Software Repositories.New York,NY,USA:ACM,2011:93-102. [5] ZELLER A.Why Programs Fail:A Guide to System atic Debugging[M].San Francisco,CA,USA:Morgan Kaufmann PublishersInc.,2005. [6] MCGRAW G.Software security:building security in[J].IEEESecurity & Privacy,2006,2(3):6. [7] BHATTACHARYA P,ULANOVA L,N EAMTIU I,et al.An Empirical Analysis of Bug Reports and Bug Fixing in Open Source Android Apps[C]∥Proceedings of 17th European Conference on Software Maintenance & Reengineering.Washington DC,USA:IEEE,2013:133-143. [8] GEGICK M,ROTELLA P,XIE T.Identifying security bug reports via text mining:An industrial case study[C]∥Proceedings of the 7th International Working Conference on Mining Software Repositories.Washington DC,USA:IEEE,2010:11-20. [9] DING Y,ZOU W,WEI T.Research summarize of classification of security bugs in software[C]∥Proceedings of the 5th Con-ference on Vulnerability Analysis and Risk Assessment.2012.(in Chinese) 丁羽,邹维,韦韬.软件安全漏洞分类研究综述[C]∥信息安全漏洞分析与风险评估大会.2012. [10] LI Z M,TAN L,WANG X H,et al.Have things changed now? an empirical study of bug characteristics in modern open source software[C]∥Proceedings of The Workshop on Architectural and System Support for Improving Software Dependability.Washington DC,USA:IEEE,2010:11-20. [11] SHIN Y,WILLIAMS L.An Empirical Model to Predict Security Vulnerabilities using Code Complexity Metrics[C]∥Procee-dings of International Symposium on Empirical Software Engineering and Measurement.New York,NY,USA:ACM,2008:315-317. [12] ZIMMERMANN T,NAGAPPAN N,GUO P,et al.Characterizing and predicting which bugs get reopened[C]∥Proceedings of the 34th International Conference on Software Engineering.Washington DC,USA:IEEE,2012:1074-1083. [13] GUAN M.The research of software security bug detection technology based on the analysis of application[D].Xi’an:NorthWestern Polytechnical University,2007.(in Chinese) 管铭.基于程序分析的软件安全漏洞检测技术研究[D].西安:西北工业大学,2007. [14] ZHANG L,ZENG Q K.The static detection technology of software security bug[J].Software Engineering,2008,34(12):157-159.(in Chinese) 张林,曾庆凯.软件安全漏洞的静态检测技术[J].计算机工程,2008,34(12):157-159. [15] THOME J,SHAR L K,BRIAND L.Security slicing for auditing XML,XPath,and SQL injection vulnerabilities[C]∥Procee-dings of the 26th IEEE International Symposium on Software Reliability Engineering.Washington DC,USA:IEEE,2015:553-564. [16] SHAR L K,TAN H B K,BRIAND L.Mining SQL injection andcross site scripting vulnerabilities using hybrid program analysis[C]∥Proceedings of the 35th International Conference on Software Engineering.Washington DC,USA:IEEE,2013,4:642-651. [17] LV W M,LIU J.The classification and analysis of the security bugs in C/C++ programs[J].Computer Engineering and Applications,2005,41(5):123-125.(in Chinese) 吕维梅,刘坚.C/C++程序安全漏洞的分类与分析[J].计算机工程与应用,2005,41(5):123-125. [18] MA H T.The principles and defense methods of security bug in computer software[J].Science & Technology Association Forum,2009(6):49.(in Chinese) 马海涛.计算机软件安全漏洞原理及防范方法[J].科协论坛,2009(6):49. [19] NGUYEN P H,YSKOUT K,HEYMAN T,et al.SoSPa:A system of Security design Patterns for systematically engineering secure systems[C]∥Proceedings of the 18th ACM/IEEE International Conference on Model Driven Engineering Languages and Systems.Washington DC,USA:IEEE,2015. [20] YSKOUT K,SCANDARIATO R,JOOSEN W.Do Security Patterns Really Help Designers?[C]∥Proceedings of the 37th IEEE/ACM International Conference on Software Engineering.Washington DC,USA:IEEE,2015:292-302. [21] FELDERER M,ZEZH P,BREU R,et al.Model-based security testing:a taxonomy and systematic classification[J].Software Testing Verification & Reliability,2016,26(2):119-148. [22] FELDERER M,BCHLER M,JOHNS M,et al.Security Testing:A Survey[M]∥Advances in Computers.2016:1-51. [23] XIA X,LO D,SHIHAB E,et al.Automatic,high accuracy prediction of reopened bugs[J].Automated Software Engineering,2015,22(1):75-109. |
No related articles found! |
|