Using Temporal Networks to Find the Influencer Node of the Buggy Sites in the Code Communities
Abstract
The cyber-attacks have increased, and with everything going digital, data theft has become a significant issue. This raises an alarm on the security of the source code. Sometimes, to release products early, the security of the code is compromised. Static analysis tools can help in finding possible security issues. Identifying and fixing the security issues may overwhelm the software developers. This process of "fixing" the errors or securing the code may take a lot of time, and the product may be released before all the errors are fixed. But these vulnerabilities in the source code may cost millions of dollars in case of a data breach. It is important to fix the security issues in the source code before releasing the product. This leads to the question of how to fix errors quickly so products can be rolled out with fewer security issues? A possible solution is to use temporal networks to find the influencer nodes in the source code. If these influencer variables are fixed, the connected security issues depending on the influencer in the community (functions) will also get fixed. The research question of the study: Can we identify the influencer node of the buggy site in the source code using temporal networks (K-tool) if the buggy sites present in the source code are identified using static analysis? The study also aims to know if it is faster to find the influencer node using the K-tool than the betweenness centrality algorithm. This research is an "Applied research" and will target the code written in C programming language. Possible vulnerabilities that can be fixed include "Integer Overflow", "Out of bounds", and "Buffer overflow." In the future, we plan to extend to other errors such as "Improper input validation." In this research, we will discuss how we can find the influencer node of the vulnerability (buggy site) in the source code after running the static analysis. Fixing this influencer node will fix the remaining errors pointed out by the static analysis. This will help in reducing the number of fixes to be done in the source code so that the product can be rolled out faster with less security issues.
Degree
M.Sc.
Advisors
Springer, Purdue University.
Subject Area
Computer science
Off-Campus Purdue Users:
To access this dissertation, please log in to our
proxy server.