AI-based Static Application Security Testing Guide

AI-based Static Application Security Testing Guide

Improved Threat Modeling for Detection, Classification & Prevention of Leading to Vulnerability Code Smells

LAP Lambert Academic Publishing ( 2024-08-22 )

€ 60,90

Buy at the MoreBooks! Shop

Code smells are usually ignored as they are neither a bug, nor a vulnerability. Quality engineers and, specially, security architects ignore them. As some of the code smells may lead towards vulnerability which may further be exploited by the hackers, therefore, such vulnerable code smells must be considered and further mitigated by threat modelers. In order to provide a repository of such code smells to security designers, a process had been devised and experimented. During the execution, various web applications had been passed through SAST and resulting code smells had been extracted and then inserted into a new dataset via Python. Later on, the code smells deposited in the dataset had been classified into various categories. Finally, machine learning algorithms had been assessed through WEKA and the fastest as well the most accurate algorithm had been selected. Current security standards do not ensure mitigation of threats caused by leading-to-vulnerability code smells, till to date. Typically, threat modelers assess security of a system through modeling threats via CIA, STRIDE and LINDDUN standards on its DFD and various architectural / infrastructural diagrams.

Book Details:

ISBN-13:

978-620-7-99704-6

ISBN-10:

6207997042

EAN:

9786207997046

Book language:

English

By (author) :

Malik Shah Jahan

Number of pages:

100

Published on:

2024-08-22

Category:

Programming language