- 期刊
Detection and Analysis of Security Vulnerabilities in Java
並列摘要
There are several tools that use techniques like static analysis, lexical analysis etc to detect the vulnerabilities in Java based programs. However still there are vulnerabilities which are not traceable by the available tools. The objective of this paper is twofold. We develop a method to detect vulnerabilities in Java programs. Further we analyze the dependencies among the vulnerabilities using mathematical lattice theory based formal concept analysis. Our experimental result show that the proposed model is able to detect the untraceable vulnerabilities and the dependency analysis is in good agreement with the literature.
參考文獻
Aswani Kumar, Ch.(2011).Knowledge discovery in data using formal concept analysis and random projections.International Journal of Applied Mathematics and Computer Science.21(4),745-756.
Aswani Kumar, Ch.(2011).Mining association rules using non-negative matrix factorization and formal concept analysis.Communications in Computer and Information Science.157,31-39.
Aswani Kumar, Ch.(2012).Modeling access permissions in role based access control using formal concept analysis.Wireless Networks and Computational Intelligence.(Wireless Networks and Computational Intelligence).:
Aswani Kumar, Ch.(2012).Fuzzy clustering based formal concept analysis for association rules mining.Applied Artificial Intelligence.26(3),274-301.
Aswani Kumar, Ch.(2013).Designing role based access control using formal concept analysis.Security and Communication Networks.6(3),373-383.
被引用紀錄
Shih, J. F. (2011). 一套整合的網路應用安全分析與驗證工具 [master's thesis, National Taiwan University]. Airiti Library. https://doi.org/10.6342/NTU.2011.01077
延伸閱讀
- Bian, G., Nakayama, K., Kobayashi, Y., & Maekawa, M. (2007). Java Bytecode Dependence Analysis for Secure Information Flow. International Journal of Network Security, 4(1), 59-68. https://doi.org/10.6633/IJNS.200701.4(1).07
- Park, J. G., & Park, M. S. (2002). Specializing Java Programs in a Distributed Environment. Journal of Information Science and Engineering, 18(5), 787-801. https://doi.org/10.6688/JISE.2002.18.5.4
- Chen, J. W. (2021). Build Open Source Java projects with Auto-Classifying-Fixing approach [master's thesis, National Taiwan University]. Airiti Library. https://doi.org/10.6342/NTU202102455
- Huang, Y. W. (2012). Dynamic and Static Methods for Identifying Web Application Vulnerabilities [doctoral dissertation, National Taiwan University]. Airiti Library. https://doi.org/10.6342/NTU.2012.10063
- Tsai, Y. S. (2009). A Study of Methods and Tools for Analyzing Security Vulnerabilities in Web Applications [master's thesis, National Taiwan University]. Airiti Library. https://doi.org/10.6342/NTU.2009.03309