Free Online Productivity Tools
i2Speak
i2Symbol
i2OCR
iTex2Img
iWeb2Print
iWeb2Shot
i2Type
iPdf2Split
iPdf2Merge
i2Bopomofo
i2Arabic
i2Style
i2Image
i2PDF
iLatex2Rtf
Sci2ools
CCS
2008
ACM
2008
ACM
Is complexity really the enemy of software security?
Software complexity is often hypothesized to be the enemy of software security. We performed statistical analysis on nine code complexity metrics from the JavaScript Engine in the Mozilla application framework to investigate if this hypothesis is true. Our initial results show that the nine complexity measures have weak correlation (=0.30 at best) with security problems for Mozilla JavaScript Engine. The study should be replicated on more products with design and code-level metrics. It may be necessary to create new complexity metrics to embody the type of complexity that leads to security problems. Categories and Subject Descriptors D.2.8 [Software Engineering]: Complexity measures, Product metrics General Terms Measurement, Reliability, Security. Keywords Software metrics, security metrics, software complexity, reliability, fault prediction, vulnerability prediction
Real-time Traffic| Added | 12 Oct 2010 |
| Updated | 12 Oct 2010 |
| Type | Conference |
| Year | 2008 |
| Where | CCS |
| Authors | Yonghee Shin, Laurie Williams |
Comments (0)
Researcher Info
|
