Estimating Software Robustness in Relation To Input Validation Vulnerabilities Using Bayesian Networks
| dc.contributor.author | Ufuktepe, Ekincan | |
| dc.contributor.author | Tuğlular, Tuğkan | |
| dc.coverage.doi | 10.1007/s11219-017-9359-5 | |
| dc.date.accessioned | 2020-01-16T07:36:28Z | |
| dc.date.available | 2020-01-16T07:36:28Z | |
| dc.date.issued | 2018 | |
| dc.description.abstract | Estimating the robustness of software in the presence of invalid inputs has long been a challenging task owing to the fact that developers usually fail to take the necessary action to validate inputs during the design and implementation of software. We propose a method for estimating the robustness of software in relation to input validation vulnerabilities using Bayesian networks. The proposed method runs on all program functions and/or methods. It calculates a robustness value using information on the existence of input validation code in the functions and utilizing common weakness scores of known input validation vulnerabilities. In the case study, ten well-known software libraries implemented in the JavaScript language, which are chosen because of their increasing popularity among software developers, are evaluated. Using our method, software development teams can track changes made to software to deal with invalid inputs. | en_US |
| dc.identifier.citation | Ufuktepe, E., and Tuğlular, T. (2018). Estimating software robustness in relation to input validation vulnerabilities using Bayesian networks. Software Quality Journal, 26(2), 455-489. doi:10.1007/s11219-017-9359-5 | en_US |
| dc.identifier.doi | 10.1007/s11219-017-9359-5 | |
| dc.identifier.doi | 10.1007/s11219-017-9359-5 | en_US |
| dc.identifier.issn | 0963-9314 | |
| dc.identifier.issn | 1573-1367 | |
| dc.identifier.scopus | 2-s2.0-85016124190 | |
| dc.identifier.uri | https://doi.org/10.1007/s11219-017-9359-5 | |
| dc.identifier.uri | https://hdl.handle.net/11147/7589 | |
| dc.language.iso | en | en_US |
| dc.publisher | Springer Verlag | en_US |
| dc.relation.ispartof | Software Quality Journal | en_US |
| dc.rights | info:eu-repo/semantics/openAccess | en_US |
| dc.subject | Bayesian networks | en_US |
| dc.subject | Input validation vulnerabilities | en_US |
| dc.subject | Robustness (control systems) | en_US |
| dc.subject | Estimating software | en_US |
| dc.title | Estimating Software Robustness in Relation To Input Validation Vulnerabilities Using Bayesian Networks | en_US |
| dc.type | Article | en_US |
| dspace.entity.type | Publication | |
| gdc.author.id | 0000-0001-6797-3913 | |
| gdc.author.id | 0000-0001-6797-3913 | en_US |
| gdc.author.institutional | Ufuktepe, Ekincan | |
| gdc.author.institutional | Tuğlular, Tuğkan | |
| gdc.bip.impulseclass | C5 | |
| gdc.bip.influenceclass | C5 | |
| gdc.bip.popularityclass | C4 | |
| gdc.coar.access | open access | |
| gdc.coar.type | text::journal::journal article | |
| gdc.collaboration.industrial | false | |
| gdc.description.department | İzmir Institute of Technology. Computer Engineering | en_US |
| gdc.description.endpage | 489 | en_US |
| gdc.description.issue | 2 | en_US |
| gdc.description.publicationcategory | Makale - Uluslararası Hakemli Dergi - Kurum Öğretim Elemanı | en_US |
| gdc.description.scopusquality | Q2 | |
| gdc.description.startpage | 455 | en_US |
| gdc.description.volume | 26 | en_US |
| gdc.description.wosquality | Q3 | |
| gdc.identifier.openalex | W2598792555 | |
| gdc.identifier.wos | WOS:000433521200009 | |
| gdc.index.type | WoS | |
| gdc.index.type | Scopus | |
| gdc.oaire.accesstype | BRONZE | |
| gdc.oaire.diamondjournal | false | |
| gdc.oaire.impulse | 0.0 | |
| gdc.oaire.influence | 2.8478748E-9 | |
| gdc.oaire.isgreen | true | |
| gdc.oaire.keywords | Bayesian networks | |
| gdc.oaire.keywords | Robustness | |
| gdc.oaire.keywords | Estimating software | |
| gdc.oaire.keywords | Robustness (control systems) | |
| gdc.oaire.keywords | Input validation vulnerabilities | |
| gdc.oaire.popularity | 4.870981E-9 | |
| gdc.oaire.publicfunded | false | |
| gdc.oaire.sciencefields | 0202 electrical engineering, electronic engineering, information engineering | |
| gdc.oaire.sciencefields | 02 engineering and technology | |
| gdc.openalex.collaboration | National | |
| gdc.openalex.fwci | 0.0 | |
| gdc.openalex.normalizedpercentile | 0.03 | |
| gdc.opencitations.count | 4 | |
| gdc.plumx.mendeley | 18 | |
| gdc.plumx.scopuscites | 6 | |
| gdc.scopus.citedcount | 6 | |
| gdc.wos.citedcount | 6 | |
| relation.isAuthorOfPublication.latestForDiscovery | 0d844afc-e8be-479d-975d-06e205364426 | |
| relation.isOrgUnitOfPublication.latestForDiscovery | 9af2b05f-28ac-4014-8abe-a4dfe192da5e |
Files
Original bundle
1 - 1 of 1
Loading...
- Name:
- Ufuktepe-Tuglular2018.pdf
- Size:
- 1.91 MB
- Format:
- Adobe Portable Document Format
- Description:
- Makale (Article)
License bundle
1 - 1 of 1
Loading...
- Name:
- license.txt
- Size:
- 1.71 KB
- Format:
- Item-specific license agreed upon to submission
- Description: