Please use this identifier to cite or link to this item:
https://hdl.handle.net/10356/76990
Title: | Empirical comparison between vulnerability detection tools | Authors: | Lee, Kian Lon | Keywords: | DRNTU::Engineering::Computer science and engineering | Issue Date: | 2019 | Abstract: | Due to an increase in open source libraries usage, organizations are concern about the security risk of using open source libraries. Software Composition Analysis tool is recommended as it is an automated tool that notifies the developers when vulnerabilities in libraries are detected. However, it is difficult for developers to choose a tool that is the most suitable for their project. Each tool uses a different database and has a different approach to detect vulnerabilities. Often, developers realize the tool is not applicable for the project after using it for quite some time. This project aims to assess and compare the accuracy of Software Composition Analysis tools in different configuration environment. Project with different configuration will be used and the result will be stored. The result will be compared to see which tool the best for each project is. This project will also try to identify and understand why false positive and negative occurs. | URI: | http://hdl.handle.net/10356/76990 | Schools: | School of Computer Science and Engineering | Rights: | Nanyang Technological University | Fulltext Permission: | restricted | Fulltext Availability: | With Fulltext |
Appears in Collections: | SCSE Student Reports (FYP/IA/PA/PI) |
Files in This Item:
File | Description | Size | Format | |
---|---|---|---|---|
FYP_LeeKianLon.pdf Restricted Access | 1.12 MB | Adobe PDF | View/Open |
Page view(s)
286
Updated on Mar 27, 2024
Download(s) 50
33
Updated on Mar 27, 2024
Google ScholarTM
Check
Items in DR-NTU are protected by copyright, with all rights reserved, unless otherwise indicated.