Software Composition Analysis for Vulnerability Detection: An Empirical Study on Java Projects.
Lida ZhaoSen ChenZhengzi XuChengwei LiuLyuye ZhangJiahui WuJun SunYang LiuPublished in: ESEC/SIGSOFT FSE (2023)
Keyphrases
- automatic analysis
- analysis tool
- software development
- web services
- information systems
- open source
- source code
- software projects
- automatic detection
- mining software repositories
- automated analysis
- software tools
- detection rate
- false positives
- computer systems
- web applications
- user interface
- data analysis
- high level
- case study