Identifying Challenges for OSS Vulnerability Scanners - A Study & Test Suite (Short Summary)
Abstract
This short paper presents a study investigating the impact of typical development practices, such as re-compilation and re-bundling, on the performance of vulnerability scanners in detecting known vulnerabilities in the open-source dependencies a project uses. In particular, the paper studies (i) the types of modifications that affect the detection of vulnerable open-source dependencies and (ii) their impact on the performance of vulnerability scanners, through an empirical study of 7024 Java projects developed at SAP.
Citation
Dann, A., Plate, H., Hermann, B., Ponta, S. E. & Bodden, E. (2022). Identifying Challenges for OSS Vulnerability Scanners - A Study & Test Suite (Short Summary). In: Grunske, L., Siegmund, J. & Vogelsang, A. (Eds.), Software Engineering 2022. Bonn: Gesellschaft für Informatik e.V. (pp. 21-23). DOI: 10.18420/se2022-ws-003
BibTeX
@inproceedings{mci/Dann2022,
  author = {Dann, Andreas AND Plate, Henrik AND Hermann, Ben AND Ponta, Serena Elisa AND Bodden, Eric},
  title = {Identifying Challenges for OSS Vulnerability Scanners - A Study \& Test Suite (Short Summary)},
  booktitle = {Software Engineering 2022},
  year = {2022},
  editor = {Grunske, Lars AND Siegmund, Janet AND Vogelsang, Andreas},
  pages = {21-23},
  doi = {10.18420/se2022-ws-003},
  publisher = {Gesellschaft für Informatik e.V.},
  address = {Bonn}
}
More Info
ISBN: 978-3-88579-714-2
ISSN: 1617-5468
Date: 2022
Language: (en)
Content Type: Text/Conference Paper