On the Use of Refactoring in Security Vulnerability Fixes: An Exploratory Study on Maven Libraries

Ikegami, Ayano; Kula, Raula Gaikovina; Chinthanet, Bodin; Maeprasart, Vittunyuta; Ouni, Ali; Ishio, Takashi; Matsumoto, Kenichi

doi:10.1145/3530019.3535304

Cited by 4 publications

(2 citation statements)

References 17 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…The attack surface of the software system encompasses the entry, and exit points of a system, the data that is transmitted through these points, and the code that safeguards both the paths and the data [27]. The attack surface of software refers to the total number of potential entry points through which unauthorized users can attempt to input or extract data from a system or environment to compromise a system, application, device, or network [28], [29]. For example, Kurmus et al [30] highlighted that the presence of vulnerabilities in the Kernel can lead to security weaknesses and defects in various operating systems.…”

Section: B Attack Surface Of Software Systemsmentioning

confidence: 99%

“…Therefore, vulnerabilities that are associated with bypassing a restriction refer to situations where an unauthenticated party can gain access to services or read and manipulate files [50]. The study conducted by Ikegami et al [28] examined the application of refactoring techniques in addressing security vulnerabilities. The results revealed that the identified vulnerabilities within the 143 analyzed Maven libraries were successfully addressed through the implementation of refactoring techniques.…”

Section: E Effects Of Refactorings On Vulnerabilitiesmentioning

confidence: 99%

See 1 more Smart Citation

On the Impact of Refactorings on Software Attack Surface

Edward,

Nyamawe,

Elisa

2024

IEEE Access

View full text Add to dashboard Cite

Refactoring is one of the techniques mostly employed by software developers to improve the quality attributes of their systems. However, little has been done to investigate how refactoring operations specifically aimed at improving the internal structure of software can impact its security. Refactoring usually entails different code change operations including the decomposition of classes, methods, and the reallocation of code elements. While this refinement aims to improve the internal design of a system, it might inadvertently disperse security-critical code elements throughout the codebase. Consequently, such dispersion could affect the software attack surface. To this end, this paper presents an empirical study of 30 open-source software systems developed in Python, C, and Javascript. The study scrutinized two subsequent versions of each subject application to uncover the refactoring operations applied and the trend of the software attack surface. Specifically, the study focused on the injection or removal of bugs, code smells and other vulnerabilities aiming to discern the impact of refactorings on the software attack surface. Data was collected using wellknown tools, namely SonarQube, RefDiff, and PyReff. The findings suggest that refactorings can have multiple impacts (i.e., positive, negative, or neutral) on bugs, code smells, and vulnerabilities. The findings further confirm that developers must be aware of the combination or sequence of refactoring operations that can improve software quality without compromising its security.

show abstract

Section: B Attack Surface Of Software Systemsmentioning

confidence: 99%

Section: E Effects Of Refactorings On Vulnerabilitiesmentioning

confidence: 99%