Identifying Challenges for OSS Vulnerability Scanners - A Study & Test Suite (Short Summary)

dc.contributor.author: Dann, Andreas
dc.contributor.author: Plate, Henrik
dc.contributor.author: Hermann, Ben
dc.contributor.author: Ponta, Serena Elisa
dc.contributor.author: Bodden, Eric
dc.contributor.editor: Grunske, Lars
dc.contributor.editor: Siegmund, Janet
dc.contributor.editor: Vogelsang, Andreas
dc.date.accessioned: 2022-01-19T12:56:55Z
dc.date.available: 2022-01-19T12:56:55Z
dc.date.issued: 2022
dc.description.abstract: This short paper presents a study investigating the impact of typical development practices, like re-compilation, re-bundling, on the performance of vulnerability scanners to detect known vulnerabilities in used open-source dependencies. In particular, the paper studies (i) types of modifications that affect the detection of vulnerable open-source dependencies and (ii) their impact on the performance of vulnerability scanners through an empirical study on 7024 Java projects developed at SAP. [en]
dc.identifier.doi: 10.18420/se2022-ws-003
dc.identifier.isbn: 978-3-88579-714-2
dc.identifier.pissn: 1617-5468
dc.identifier.uri: https://dl.gi.de/handle/20.500.12116/37983
dc.language.iso: en
dc.publisher: Gesellschaft für Informatik e.V.
dc.relation.ispartof: Software Engineering 2022
dc.relation.ispartofseries: Lecture Notes in Informatics (LNI) - Proceedings, Volume P-320
dc.subject: Security maintenance
dc.subject: Open-Source Software
dc.subject: Security Vulnerabilities
dc.title: Identifying Challenges for OSS Vulnerability Scanners - A Study & Test Suite (Short Summary) [en]
dc.type: Text/Conference Paper
gi.citation.endPage: 23
gi.citation.publisherPlace: Bonn
gi.citation.startPage: 21
gi.conference.date: 21-25 February 2022
gi.conference.location: Berlin/Virtual
gi.conference.sessiontitle: Main Scientific Program

Files

Original bundle
Name: A1-3.pdf
Size: 279.57 KB
Format: Adobe Portable Document Format