The Evolution of a Security Control
The evolution of security defenses in a contemporary open-source software package is considered over a twelve-year period. A qualitative-analysis-style study is conducted that systematically analyzes security advisories, codebase revisions, and related discussions. A number of phenomena emerge from this analysis that provide insights into the process of managing code-level security defenses.