Using SQL Hotspots in a Prioritization Heuristic for Detecting All Types of Web Application Vulnerabilities: Difference between revisions



In WordPress, issues that WordPress developers marked as security were not always security-related. For example, issue number 2041<sup>21</sup> reports a problem when updating to the latest version. The reporter’s instance of WordPress was throwing an error when trying to display images. The thread discussion eventually resolves the issue, and a patch is committed to the repository. However, the developers incorrectly categorized this issue as a security problem, since it concerns correctly updating the WordPress instance. We encountered nine reports like number 2041 that we determined to be not security-related, and we exclude these reports from our analysis of WordPress. Since we manually identified security issues in WikkaWiki, we classified issues as we identified them. As such, there were no issue reports in WikkaWiki that were not security-related, and therefore no reports to exclude.
We manually edited the <code>tracs</code> dataset to add the CWE classifier to each issue report that was security-related. We were also interested in comparing the proportion of input validation vulnerabilities in each project as part of our research hypotheses (H7), so we additionally added a variable to the <code>tracs</code> dataset indicating "yes/no" as to whether the Trac report in question was due to an input validation vulnerability. CWE classifies several vulnerability types as input validation vulnerabilities<sup>22</sup>, and we followed this classification in our analysis. We used the input validation vulnerability variable ''only'' for evaluating H7; we tested all other hypotheses and conducted the predictive modeling using the full dataset, irrespective of a reported vulnerability's classification as input validation or non-input validation.
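The curation steps described above (dropping reports that Trac tags as security but manual review rejects, attaching a CWE identifier, deriving the input validation "yes/no" variable, and computing the per-project proportion used for H7) are illustrated by the following added example. It is not the study's own code: the issue records are constructed, and the set of CWE identifiers treated as input validation weaknesses is an assumed illustrative subset, not the exact list the authors followed.

```python
# Added example: curating a Trac issue dataset along the lines the paper describes.
# Not the study's code; the records and the CWE membership set are constructed.
from collections import defaultdict

# Assumption: an illustrative subset of CWE ids grouped here as "input validation"
# (CWE-20 plus common weaknesses often placed under it). The paper's actual list
# is not reproduced on this page.
INPUT_VALIDATION_CWES = {"CWE-20", "CWE-79", "CWE-89", "CWE-78", "CWE-22"}

# Constructed sample records. Issue 2041 stands in for the paper's example of a
# report tagged "security" in Trac that concerned an update failure, not a vulnerability.
TRACS = [
    {"project": "WordPress", "id": 2041, "trac_security": True,  "cwe": None},
    {"project": "WordPress", "id": 3001, "trac_security": True,  "cwe": "CWE-79"},
    {"project": "WordPress", "id": 3002, "trac_security": True,  "cwe": "CWE-89"},
    {"project": "WordPress", "id": 3003, "trac_security": True,  "cwe": "CWE-287"},
    {"project": "WordPress", "id": 3004, "trac_security": False, "cwe": None},
    {"project": "WikkaWiki", "id": 101,  "trac_security": True,  "cwe": "CWE-79"},
    {"project": "WikkaWiki", "id": 102,  "trac_security": True,  "cwe": "CWE-352"},
]


def is_security_report(rec):
    """A report counts as security-related only if manual review assigned it a CWE."""
    return rec["trac_security"] and rec["cwe"] is not None


def curate(records):
    """Return the security-related records with an added input_validation flag."""
    out = []
    for rec in records:
        if not is_security_report(rec):
            continue  # e.g. issue 2041: tagged security in Trac, excluded after review
        row = dict(rec)
        row["input_validation"] = "yes" if rec["cwe"] in INPUT_VALIDATION_CWES else "no"
        out.append(row)
    return out


def excluded_ids(records):
    """Ids of reports tagged security in Trac but dropped after manual review."""
    return [r["id"] for r in records if r["trac_security"] and r["cwe"] is None]


def input_validation_proportion(records):
    """Per-project fraction of security reports due to input validation weaknesses (H7)."""
    totals, iv = defaultdict(int), defaultdict(int)
    for row in curate(records):
        totals[row["project"]] += 1
        if row["input_validation"] == "yes":
            iv[row["project"]] += 1
    return {project: iv[project] / totals[project] for project in totals}


if __name__ == "__main__":
    print(excluded_ids(TRACS))                 # [2041]
    print(input_validation_proportion(TRACS))  # WordPress 2/3, WikkaWiki 1/2
```

The flag is derived from the CWE id rather than entered by hand so that changing the membership set re-derives every row consistently; all other analyses would use the full curated list regardless of the flag, as the text states.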


== 5. Results ==