A Novel Approach to Determine Software Security Level using Bayes Classifier via Static Code Metrics

Guncel Sarıman; Ecir Ugur Kucuksille

doi:10.5755/j01.eie.22.2.12177

A Novel Approach to Determine Software Security Level using Bayes Classifier via Static Code Metrics

Authors

Guncel Sarıman Muğla Sıtkı Koçman University
Ecir Ugur Kucuksille Süleyman Demirel Univeristy

DOI:

https://doi.org/10.5755/j01.eie.22.2.12177

Keywords:

Software metrics, software safety, Bayes methods, information security, vulnerability prediction.

Abstract

Technological developments are increasing day by day and software products are growing in an uncontrolled way. This leads to the development of applications which do not comply with principles of design. Software which has not passed security testing may put the end user into danger. During the processes of error detection and verification of developed software, static and dynamic analysis may be used. Static code analysis provides analysis in different categories while coding without code compile. Source code metrics are also within these categories. Code metrics evaluate software quality, level of risk, and interchangeability by analysing software based on those metrics. In this study, we will describe our web-based application which is developed to determine the level of security in software. In this scope, software's metric calculation method will be explained. The scoring system we used to determine the security level calculation will be explained, taking into account metric thresholds that are acceptable in the literature. Bayes Classifier Method, distinguishing risks in the project files with the analysis of uploaded sample software files, will be described. Finally, objectives of this analysis method and planned activities will be explained.

DOI: http://dx.doi.org/10.5755/j01.eie.22.2.12177

Author Biographies

Guncel Sarıman, Muğla Sıtkı Koçman University

Computing & Information Services Office,Muğla Sıtkı Koçman University, 48000, Muğla, Turkey
Ecir Ugur Kucuksille, Süleyman Demirel Univeristy

Facuty of Enginnering Computer Engineering Department

Downloads

Published

2016-03-30

Issue

Vol. 22 No. 2 (2016)

Section

SYSTEM ENGINEERING, COMPUTER TECHNOLOGY

License

The copyright for the paper in this journal is retained by the author(s) with the first publication right granted to the journal. The authors agree to the Creative Commons Attribution 4.0 (CC BY 4.0) agreement under which the paper in the Journal is licensed.

By virtue of their appearance in this open access journal, papers are free to use with proper attribution in educational and other non-commercial settings with an acknowledgement of the initial publication in the journal.

How to Cite

A Novel Approach to Determine Software Security Level using Bayes Classifier via Static Code Metrics. (2016). Elektronika Ir Elektrotechnika, 22(2), 73-80. https://doi.org/10.5755/j01.eie.22.2.12177