An empirical study to improve software security through the application of code refactoring

Mumtaz, Haris; Alshayeb, Mohammad; Mahmood, Sajjad; Niazi, Mahmood

doi:10.1016/j.infsof.2017.11.010

Cited by 45 publications

(33 citation statements)

References 15 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…Before appropriate refactoring is applied, the user validates the refactoring tags. Mumtaz et al evaluated how refactoring can be used to improve the software security at code level [13]. Ruland et al proposed a method to maximize strictness of declared accessibility of class members [14].…”

Section: B Bad Smell Detection Techniquesmentioning

confidence: 99%

See 1 more Smart Citation

Improving the Security of UML Sequence Diagram Using Genetic Algorithm

et al. 2020

Self Cite

View full text Add to dashboard Cite

A sequence diagram is a modeling approach for visualizing the behavioral execution of a system. The objective of this research is to investigate the problem of security in a behavioral model (sequence diagram) through the application of model refactoring. We propose detection and correction techniques, empirical evaluation of the proposed techniques and assessment of security improvement in sequence diagrams. The detection of security bad smells is achieved through the adaptation of a genetic algorithm, while correction is accomplished by the model transformation approach. The results show significant detection recall and correction efficacy of the proposed detection and correction approaches, respectively. Our results show that the proposed approach is effective in detecting and correcting bad smells and can improve the security of UML Sequence Diagram.

show abstract

Section: B Bad Smell Detection Techniquesmentioning

confidence: 99%

“…This work fills these gaps by providing detection and correction approaches to respectively identify and remove security bad smells in sequence diagrams. The work presented in this paper was conducted as part of an MSc thesis [8].…”

Section: Introductionmentioning

confidence: 99%

Improving the Security of UML Sequence Diagram Using Genetic Algorithm

et al. 2020

Self Cite

View full text Add to dashboard Cite

show abstract

“…It contains the set of statements and control predicts that were affected by the computation of the slicing criterion. The Slicing criteria are the same as in backward slicing (V, L) [9,10], [13][14][15][16].…”

Section: Related Workmentioning

confidence: 99%

A proposed forward clause slicing application

Awad

Abdallah

Tamimi

et al. 2019

IJEECS

View full text Add to dashboard Cite

The Clause slicing technique is static slicing techniques which also have forward and backward slicing methods. The Clause slice criteria are the clause and the clause number. In this paper, we have discussed the Clauser tool the forward clause slicing tool introduce some improvements to it. The Clauser mechanism divides the program code statement into clauses, depending on clause slicing rules, identifies the variables and built-in functions, then slices the clauses regarding the slice criterion that was entered by the user. Comparing to other static slicing techniques the clause slicing is more accurate and precise because it considers all the code in micro-level, where it focuses on every syntax in the code. The Clauser still needs to be enhanced to slice more code features.

show abstract

“…During our experience setting up and deploying this platform, we have faced up the need to check the security provided by this open source platform in order to reduce potential vulnerabilities. In fact, code refactoring practices such as removing code bad smells [16] are used in this context, and a prototype is described in order to identify potential threats based on pattern matching. According to [16], code bad smell indicates design flaws that can degrade the quality of software and can potentially lead to the introduction of faults .…”

Section: Introductionmentioning

confidence: 99%

Assessing source code vulnerabilities in a cloud‐based system for health systems: OpenNCP

2019

View full text Add to dashboard Cite

Healthcare systems have been improved in order to provide support to cross-border situations where one citizen from one country travels to another country and requires the use of their health records. Several initiatives have been carried out to tackle this problem. This is the case for the OpenNCP which is supported by the European Commission by providing a common network and an infrastructure to connect different national healthcare systems which most of the times are cloud-based systems. The OpenNCP plays a key role in communicating health records among European Union's member states, and therefore it manages sensitive information. Therefore, this study provides a security analysis of this platform and a prototype is developed for identifying secure patterns in source code.

show abstract

An empirical study to improve software security through the application of code refactoring

Cited by 45 publications

References 15 publications

Improving the Security of UML Sequence Diagram Using Genetic Algorithm

Improving the Security of UML Sequence Diagram Using Genetic Algorithm

A proposed forward clause slicing application

Assessing source code vulnerabilities in a cloud‐based system for health systems: OpenNCP

Contact Info

Product

Resources

About