ICST.Table 1: Difference between revisions
Programsam (talk | contribs) No edit summary |
Programsam (talk | contribs) No edit summary |
||
| Line 34: | Line 34: | ||
| True (Simple Linear Regression, p<0.0001, Adjusted R2 = 0.3802) | | True (Simple Linear Regression, p<0.0001, Adjusted R2 = 0.3802) | ||
|- | |- | ||
|colspan="3" style="background: #eeeeee" | Hypotheses about issue reports | |colspan="3" style="background: #eeeeee" | '''Hypotheses about issue reports''' | ||
|- | |||
| '''H3'''. Input validation vulnerabilities result in a higher number average repository revisions than any other type of vulnerability*. | |||
| True (MWW, p<0.05) | |||
| True (MWW, p<0.05) | |||
|- | |||
|colspan="3" style="background: #eeeeee" | '''Hypotheses about prediction''' | |||
|- | |- | ||
|} | |} | ||
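Review bot: In the added H3 row, "a higher number average repository revisions" is a word-order slip; suggest "a higher average number of repository revisions". The asterisk after "vulnerability*" has no matching footnote in the visible lines, so either add the note it points to or drop the marker. The added "Hypotheses about prediction" header row is followed directly by the table close `|}`, so the section has no hypothesis rows under it yet.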
Revision as of 22:26, 24 August 2013
| | WordPress | WikkaWiki |
|---|---|---|
| Releases analyzed | Nine | Six |
| Security issue reports analyzed | 97 | 61 |
| Vulnerable files (over project's history) | 26% (85 / 326) | 29% (44 / 209) |
| Average number of hotspots (over project's history) | 255 | 92 |
| Average percent of files having at least one hotspot | 14.2% | 8.42% |
| Hypotheses about files | | |
| H1. The more hotspots a file contains per line of code, the more likely it is that the file contains any web application vulnerability. | True (Logistic Regression, p<0.05) | True (Logistic Regression, p<0.05) |
| H2. The more hotspots a file contains, the more times that file was changed due to any kind of vulnerability (not just input validation vulnerabilities). | True (Simple Linear Regression, p<0.0001, Adjusted R² = 0.4208) | True (Simple Linear Regression, p<0.0001, Adjusted R² = 0.3802) |
| Hypotheses about issue reports | | |
| H3. Input validation vulnerabilities result in a higher average number of repository revisions than any other type of vulnerability*. | True (MWW, p<0.05) | True (MWW, p<0.05) |
| Hypotheses about prediction | | |