Effective Application of Artificial Intelligence Techniques in Security Risk Assessment and Dependency Analysis of Open Source Components

[1] Samuel, B. M., Bala, H., Daniel, S. L., & Ramesh, V. (2022). Deconstructing the nature of collaboration in organizations open source software development: the impact of developer and task characteristics. IEEE Transactions on Software Engineering. Search in Google Scholar

[2] Lee, S., Baek, H., & Oh, S. (2020). The role of openness in open collaboration: a focus on open‐source software development projects. ETRI Journal, 42. Search in Google Scholar

[3] Yang, C. (2021). An open-source workflow for spatiotemporal studies with covid-19 as an example. ISPRS International Journal of Geo-Information, 11. Search in Google Scholar

[4] Perrot, YannickBrehmer, PatriceHabasque, JeremieRoudaut, GildasBehagle, NolwennSarre, Abdoulaye Lebourges-Dhaussy, Anne. (2018). Matecho: an open-source tool for processing fisheries acoustics data. Acoustics Australia, 46(2). Search in Google Scholar

[5] Bosu, A., Carver, J. C., Bird, C., Orbeck, J., & Chockley, C. (2017). Process aspects and social dynamics of contemporary code review: insights from open source development and industrial practice at microsoft. IEEE Transactions on Software Engineering. Search in Google Scholar

[6] Rasi, C., Nilsson, D., Magnusson, M., Lesko, N., Kristina Lagerstedt‐Robinson, & Wedell, A., et al. (2022). Patientmatcher: a customizable python‐based open‐source tool for matching undiagnosed rare disease patients via the matchmaker exchange network. Human mutation(6), 43. Search in Google Scholar

[7] Bader, D. A. (2021). Interactive graph stream analytics in arkouda. Algorithms, 14. Search in Google Scholar

[8] Read, E. K., Carr, L., De Cicco, L., Dugan, H. A., Hanson, P. C., & Hart, J. A., et al. (2017). Water quality data for national-scale aquatic research: the water quality portal. Water Resources Research, 53(2), 1735-1745. Search in Google Scholar

[9] Srikanth, N., & Kannappan, L. (2021). Open-source code-based tidal modeling of tropical and temperate waters. Frontiers in Energy Research, 9, 550877. Search in Google Scholar

[10] Mansfield-Devine, & Steve. (2018). Open source and the internet of things. Network Security, 2018(2), 14-19. Search in Google Scholar

[11] Murray, D. (2020). Open source and security: why transparency now equals strength. Network Security, 2020( 7), 17-19. Search in Google Scholar

[12] Savage, N. (2023). Locking down secure open source software. Communications of the ACM. Search in Google Scholar

[13] Silic, M., & Back, A. (2017). Open source software adoption: lessons from linux in munich. IT Professional. Search in Google Scholar

[14] Shen, G., Wang, W., Mu, Q., Pu, Y., Qin, Y., & Yu, M. (2020). Data-driven cybersecurity knowledge graph construction for industrial control system security. Wireless Communications and Mobile Computing. Search in Google Scholar

[15] Mackey, & Tim. (2018). Building open source security into agile application builds. Network Security, 2018(4), 5-8. Search in Google Scholar

[16] Tschannen, P., & Ahmed, A. (2020). Bitcoin’s apis in open-source projects: security usability evaluation. Electronics, 9(7), 1077. Search in Google Scholar

[17] Dashevskyi, S., Brucker, A. D., & Massacci, F. (2018). On the Effort for Security Maintenance of Open Source Components. Workshop on the Economics of Information Security. Search in Google Scholar

[18] Kaur, A., & Nayyar, R. (2020). A comparative study of static code analysis tools for vulnerability detection in c/c++ and java source code. Procedia Computer Science, 171, 2023-2029. Search in Google Scholar

[19] Semasaba, A. O. A., Zheng, W., Wu, X., & Agyemang, S. A. (2020). Literature survey of deep learning-based vulnerability analysis on source code. IET Software, 14(6), 654-664. Search in Google Scholar

[20] Kumar, V., Jha, R. K., & Jain, S. (2020). Nb-iot security: a survey. Wireless Personal Communications, 113(3), 1-48. Search in Google Scholar

[21] Ahmadon, M. A. B., Yamaguchi, S., & Gupta, B. B. (2018). Petri net-based verification of security protocol implementation in software evolution. International Journal of Embedded Systems, 10(6). Search in Google Scholar

[22] Julian, T., Khin, S. L., Domenico, B., & Lionel, B. (2017). An integrated approach for effective injection vulnerability analysis of web applications through security slicing and hybrid constraint solving. IEEE Transactions on Software Engineering, PP, 1-1. Search in Google Scholar

[23] Zeng, P., Lin, G., Zhang, J., & Zhang, Y. (2023). Intelligent detection of vulnerable functions in software through neural embedding-based code analysis. International journal of network management. Search in Google Scholar

[24] Liu, W., Wang, Y., Sun, D., Ren, P., & Liu, K. (2017). Login authentication vulnerability mining and improved login authentication method based on an open source intelligent terminal. Journal of Tsinghua University, 57(9), 897-902. Search in Google Scholar

Sprache:: Englisch

Zeitrahmen der Veröffentlichung:: 1 Hefte pro Jahr
Fachgebiete der Zeitschrift:: Biologie, Biologie, andere, Mathematik, Angewandte Mathematik, Mathematik, Allgemeines, Physik, Physik, andere

Zeitschrift RSS Feed

Effective Application of Artificial Intelligence Techniques in Security Risk Assessment and Dependency Analysis of Open Source Components

Jian Hu

Zhiyu Zhao

Feilu Hang

Jun Yin

Online veröffentlicht: 31. Jan. 2024

Eingereicht: 11. Dez. 2023

Akzeptiert: 20. Dez. 2023

DOI: https://doi.org/10.2478/amns-2024-0040

SchlüsselwörterDQN-LightGBM model, TextACBL model, Open source components, Risk assessment, Dependency analysis

© 2024 Jian Hu et al., published by Sciendo

This work is licensed under the Creative Commons Attribution 4.0 International License.

Schlüsselwörter
DQN-LightGBM model, TextACBL model, Open source components, Risk assessment, Dependency analysis