A Novel Approach to Determine Software Security Level using Bayes Classifier via Static Code Metrics

Authors

  • Guncel Sarıman Muğla Sıtkı Koçman University
  • Ecir Ugur Kucuksille Süleyman Demirel Univeristy

DOI:

https://doi.org/10.5755/j01.eie.22.2.12177

Keywords:

Software metrics, software safety, Bayes methods, information security, vulnerability prediction.

Abstract

Technological developments are increasing day by day and software products are growing in an uncontrolled way. This leads to the development of applications which do not comply with principles of design. Software which has not passed security testing may put the end user into danger. During the processes of error detection and verification of developed software, static and dynamic analysis may be used. Static code analysis provides analysis in different categories while coding without code compile. Source code metrics are also within these categories. Code metrics evaluate software quality, level of risk, and interchangeability by analysing software based on those metrics. In this study, we will describe our web-based application which is developed to determine the level of security in software. In this scope, software's metric calculation method will be explained. The scoring system we used to determine the security level calculation will be explained, taking into account metric thresholds that are acceptable in the literature. Bayes Classifier Method, distinguishing risks in the project files with the analysis of uploaded sample software files, will be described. Finally, objectives of this analysis method and planned activities will be explained.

DOI: http://dx.doi.org/10.5755/j01.eie.22.2.12177

Author Biographies

Guncel Sarıman, Muğla Sıtkı Koçman University

Computing & Information Services Office,Muğla Sıtkı Koçman University, 48000, Muğla, Turkey

Ecir Ugur Kucuksille, Süleyman Demirel Univeristy

Facuty of Enginnering Computer Engineering Department

Downloads

Published

2016-03-30

How to Cite

Sarıman, G., & Kucuksille, E. U. (2016). A Novel Approach to Determine Software Security Level using Bayes Classifier via Static Code Metrics. Elektronika Ir Elektrotechnika, 22(2), 73-80. https://doi.org/10.5755/j01.eie.22.2.12177

Issue

Section

SYSTEM ENGINEERING, COMPUTER TECHNOLOGY