A Framework and a Language for Usability Automatic Evaluation of Web Sites by Static Analysis of HTML Source Code

Author(s): Abdo Beirekdar, Jean Vanderdonckt, Monique Noirhomme-Fraiture
2020, Vol 29 (1), pp. 1-23
Author(s): Roman Haas, Rainer Niedermayr, Tobias Roehm, Sven Apel

Author(s): N. V. Goryuk

The article investigates automation methods and means of integration of static source security analysis technology. The process of software security analysis, which is implemented by the technology of static analysis of the source code, is studied, and the methods of solving the problem of automation and integration of the technology into the source code development environment are offered. The perspective direction of further development of the technology of static analysis of the source code is established.


SQL injection vulnerabilities have been predominant in database-driven web applications for almost a decade. Exploiting such vulnerabilities enables attackers to gain unauthorized access to the back-end databases by altering the original SQL statements through manipulating user input. Testing web applications to identify SQL injection vulnerabilities before deployment is essential to get rid of them. However, checking such vulnerabilities by hand is very tedious, difficult, and time-consuming. Web vulnerability static analysis tools are software tools for automatically identifying the root cause of SQL injection vulnerabilities in web applications' source code. In this paper, we test and evaluate three free/open source static analysis tools using eight web applications with numerous known vulnerabilities, primarily for false negative rates. The evaluation results were compared and analysed, and they indicate a need to improve the tools.


Author(s): MANUEL PERALTA, SUPRATIK MUKHOPADHYAY

This article shows a novel program analysis framework based on Lewis' theory of counterfactuals. Using this framework we are capable of performing change-impact static analysis on a program's source code. In other words, we are able to prove the properties induced by changes to a given program before applying these changes. Our contribution is two-fold; we show how to use Lewis' logic of counterfactuals to prove that proposed changes to a program preserve its correctness. We report the development of an automated tool based on resolution and theorem proving for performing code change-impact analysis.


2021, Vol 46 (2)
Author(s): N. V. Goryuk, I. M. Lavrovsky

The article analyzes the problem of identifying source code vulnerabilities in the context of software development. An analysis of existing technologies for detecting vulnerabilities in the source code is presented. Methods and means of protection of detection of source code vulnerabilities on the basis of the Fortify Static Code Analyzer solution are investigated. The purpose, main functions and architecture of the Fortify Static Code Analyzer solution are defined. Based on the research conducted in the work, a variant of the process of static analysis of the security of the source code in the context of the software life cycle was developed. Recommendations for the use of static source security analysis technology have been developed.


Author(s): Peng Li, Seiji Yamada

This paper proposes an automated web site evaluation using machine learning to extract evaluation criteria from existing evaluation data. Web site evaluation is a significant task because evaluated web sites provide information useful to users in estimating sites' validation and popularity. Although many practical approaches have been taken to present possible measuring sticks for web sites, their evaluation criteria are manually determined. We developed a method to obtain evaluation criteria automatically and rank web sites with the learned classifier. Evaluation criteria are discriminant functions learned from a set of ranking information and evaluation features collected automatically by web robots. Experiments confirmed the effectiveness of our approach and its potential in high-quality web site evaluation.

