Using SQL Hotspots in a Prioritization Heuristic for Detecting All Types of Web Application Vulnerabilities: Difference between revisions
== 4. Methodology ==
We conducted two case studies to empirically investigate eight hypotheses related to hotspot source code locations and vulnerabilities reported in the systems' bug tracking systems. We present these hypotheses, as well as their results, in Table 1. We will further explain the results in Section 5. Our hypotheses point to the research objective: to improve the prioritization of security fortification efforts by investigating whether SQL hotspots can serve as the basis for a heuristic for predicting all vulnerability types. We also include lines of code in our analysis as a way of improving the accuracy and predictive power of our heuristic alongside SQL hotspots. Specifically, we look at the relationship between hotspots and files (H1-H2), the amount of code change in relation to the vulnerability type (H3), the predictive ability of hotspots for any vulnerability type (H4-H5), and the effect that collocating hotspots can have on the number and types of vulnerabilities in a given system (H6-H8).
For these case studies, we analyzed the Trac issue reports for two open source web applications, WordPress<sup>8</sup> and WikkaWiki<sup>9</sup>. Trac is a web-based issue management system, similar to Bugzilla<sup>10</sup>, which integrates Subversion<sup>11</sup> repository information. The details of our analysis are provided in Sections 4.2 through 4.5.
== 5. Results ==