Proposing SQL Statement Coverage Metrics: Difference between revisions

Line 8:

'''PLACEHOLDER FOR FIGURE 1'''

In Figure 1, we counted the reported instances of vulnerabilities by using the keywords "SQL injection", "cross-site scripting", "XSS", and "buffer overflow" within the input validation error category from NVD. Figure 1 illustrates the number of reported instances of each type of cyber vulnerability listed in the series legend for each year displayed in the x-axis. The curve with the square shaped points is the sum of all reported vulnerabilities that fall into the categories “SQL injection”, “XSS”, or “buffer overflow” when querying the National Vulnerability Database. The curve with diamond shaped points represents all cyber vulnerabilities reported for the year in the x-axis. For several years now, the number of reported input validation vulnerabilities has been half the total number of reported vulnerabilities. Additionally, the graph demonstrates that these curves are monotonically increasing; indicating that we are unlikely to see a drop in the future in ratio of reported input

<footnote>In Figure 1, we counted the reported instances of vulnerabilities by using the keywords "SQL injection", "cross-site scripting", "XSS", and "buffer overflow" within the input validation error category from NVD.</footnote> Figure 1 illustrates the number of reported instances of each type of cyber vulnerability listed in the series legend for each year displayed in the x-axis. The curve with the square shaped points is the sum of all reported vulnerabilities that fall into the categories “SQL injection”, “XSS”, or “buffer overflow” when querying the National Vulnerability Database. The curve with diamond shaped points represents all cyber vulnerabilities reported for the year in the x-axis. For several years now, the number of reported input validation vulnerabilities has been half the total number of reported vulnerabilities. Additionally, the graph demonstrates that these curves are monotonically increasing; indicating that we are unlikely to see a drop in the future in ratio of reported input

validation vulnerabilities.

@@ Line 8: / Line 8: @@
 '''PLACEHOLDER FOR FIGURE 1'''
-In Figure 1, we counted the reported instances of vulnerabilities by using the keywords "SQL injection", "cross-site scripting", "XSS", and "buffer overflow" within the input validation error category from NVD. Figure 1 illustrates the number of reported instances of each type of cyber vulnerability listed in the series legend for each year displayed in the x-axis. The curve with the square shaped points is the sum of all reported vulnerabilities that fall into the categories “SQL injection”, “XSS”, or “buffer overflow” when querying the National Vulnerability Database. The curve with diamond shaped points represents all cyber vulnerabilities reported for the year in the x-axis. For several years now, the number of reported input validation vulnerabilities has been half the total number of reported vulnerabilities. Additionally, the graph demonstrates that these curves are monotonically increasing; indicating that we are unlikely to see a drop in the future in ratio of reported input
+<footnote>In Figure 1, we counted the reported instances of vulnerabilities by using the keywords "SQL injection", "cross-site scripting", "XSS", and "buffer overflow" within the input validation error category from NVD.</footnote> Figure 1 illustrates the number of reported instances of each type of cyber vulnerability listed in the series legend for each year displayed in the x-axis. The curve with the square shaped points is the sum of all reported vulnerabilities that fall into the categories “SQL injection”, “XSS”, or “buffer overflow” when querying the National Vulnerability Database. The curve with diamond shaped points represents all cyber vulnerabilities reported for the year in the x-axis. For several years now, the number of reported input validation vulnerabilities has been half the total number of reported vulnerabilities. Additionally, the graph demonstrates that these curves are monotonically increasing; indicating that we are unlikely to see a drop in the future in ratio of reported input
 validation vulnerabilities.