Evaluating the ability of static code analysis tools to detect injection vulnerabilities

Evaluating the ability of static code analysis tools to detect injection vulnerabilities

Identifying and eliminating security vulnerabilities in programs can be very time consuming. A way to automate and speed up the process is to integrate static code analysis tools in the development process. Choosing a static code analysis tool for a project is not an easy task since different tools...

Full description

Bibliographic Details
Main Author:	Ramos, Alexander
Format:	Others
Language:	English
Published:	Umeå universitet, Institutionen för datavetenskap 2016
Online Access:	http://urn.kb.se/resolve?urn=urn:nbn:se:umu:diva-128302

Similar Items

Automated static code analysis : A tool for early vulnerability detection
by: Baca, Dejan
Published: (2009)

Stacy-static code analysis for enhanced vulnerability detection
by: Pankaj Lathar, et al.
Published: (2017-01-01)

Scalable Static Detection of Use-After-Free Vulnerabilities in Binary Code
by: Kailong Zhu, et al.
Published: (2020-01-01)

Vulnerabilities Detection via Static Taint Analysis
by: Nikita Vladimirovitch Chimtchik, et al.
Published: (2019-09-01)

Tools for static code analysis: A survey
by: Hellström, Patrik
Published: (2009)

Writing Secure Codes and Implementation of a Static Detection Tool
by: Chun-Liang Chou, et al.

Qualification of Tool for Static Code Analysis : Processes and Requirements for Approval of Static Code Analysis in the Aviation Industry
by: Gustafson, Christopher, et al.
Published: (2020)

Staticly Detect Stack Overflow Vulnerabilities with Taint Analysis
by: Xing Zhang, et al.
Published: (2016-01-01)

Using static analysis for finding security vulnerabilities and critical errors in source code
by: Arutyun Avetisyan, et al.
Published: (2018-10-01)

On the Scalability of Static Program Analysis to Detect Vulnerabilities in the Java Platform
by: Lerch, Johannes
Published: (2016)

Using unreachable code analysis in static analysis tool for finding defects in source code
by: R. R. Mulyukov, et al.
Published: (2018-10-01)

Static Vulnerability Analysis of Docker Images
by: Henriksson, Oscar, et al.
Published: (2017)

Static Analysis and Implementation of TOCTOU Vulnerability
by: Yao-Nang Tseng, et al.
Published: (2019)

Measuring Accurancy of Vulnerability Scanners : An Evaluation with SQL Injections
by: Norström, Alexander
Published: (2014)

Code Profiling : Static Code Analysis
by: Borchert, Thomas
Published: (2008)

An Optimized Static Propositional Function Model to Detect Software Vulnerability
by: Lansheng Han, et al.
Published: (2019-01-01)

On the evaluation of code smells and detection tools
by: Thanis Paiva, et al.
Published: (2017-10-01)

Systematic Detection of Injection Vulnerability of Android application
by: Hung-Chi Su, et al.
Published: (2013)

Utilizing type systems for static vulnerability analysis
by: Lavrentii Tsvetkov, et al.
Published: (2016-04-01)

On Combining Static, Dynamic and Interactive Analysis Security Testing Tools to Improve OWASP Top Ten Security Vulnerability Detection in Web Applications
by: Francesc Mateo Tudela, et al.
Published: (2020-12-01)

Detecting PHP-based Cross-Site Scripting Vulnerabilities Using Static Program Analysis
by: Kelbley, Steven M.
Published: (2016)

Using Machine Learning Techniques to Improve Static Code Analysis Tools Usefulness
by: Alikhashashneh, Enas A.
Published: (2019)

Identifying and documenting false positive patterns generated by static code analysis tools
by: Reynolds, Zachary P.
Published: (2017)

Staged Method of Code Similarity Analysis for Firmware Vulnerability Detection
by: Yisen Wang, et al.
Published: (2019-01-01)

Operation System Vulnerabilities Analysis Based on Code Clone Detection
by: WANG Zhe, REN Yi, ZHOU Kai, GUAN Jianbo, TAN Yusong
Published: (2021-09-01)

The Study of Static Code Analysis
by: Bo-Han Lai, et al.
Published: (2014)

Towards the automation of vulnerability detection in source code
by: Ling, Hai Zhou
Published: (2009)

Limitations of static analysis tools : An evaluation of open source tools for C
by: Königsson, Niklas
Published: (2018)

Efficient Feature Selection for Static Analysis Vulnerability Prediction
by: Katarzyna Filus, et al.
Published: (2021-02-01)

ELAID: detecting integer-Overflow-to-Buffer-Overflow vulnerabilities by light-weight and accurate static analysis
by: Lili Xu, et al.
Published: (2020-09-01)

ORDER VIOLATION IN MULTITHREADED APPLICATIONS AND ITS DETECTION IN STATIC CODE ANALYSIS PROCESS
by: Damian GIEBAS, et al.
Published: (2020-12-01)

Atomicity Violation in Multithreaded Applications and Its Detection in Static Code Analysis Process
by: Damian Giebas, et al.
Published: (2020-11-01)

Detection of Concurrency Errors in Multithreaded Applications Based on Static Source Code Analysis
by: Damian Giebas, et al.
Published: (2021-01-01)

Static Code Analysis of C++ in LLVM
by: Kvarnström, Olle
Published: (2016)

AndroShield: Automated Android Applications Vulnerability Detection, a Hybrid Static and Dynamic Analysis Approach
by: Amr Amin, et al.
Published: (2019-10-01)

A Vulnerability Detection System Based on Fusion of Assembly Code and Source Code
by: Xingzheng Li, et al.
Published: (2021-01-01)

CircCode: A Powerful Tool for Identifying circRNA Coding Ability
by: Peisen Sun, et al.
Published: (2019-10-01)

Securing software : an evaluation of static source code analyzers
by: Zitser, Misha, 1979-
Published: (2005)

Automated Code-Smell Detection in Microservices Through Static Analysis: A Case Study
by: Andrew Walker, et al.
Published: (2020-11-01)

CODDLE: Code-Injection Detection With Deep Learning
by: Stanislav Abaimov, et al.
Published: (2019-01-01)