Abstract
Analysing software vulnerabilities with a single detection tool suffers from high false negative, false positive and repeated-report rates. To address this problem, we study and design a software vulnerability analysis model based on multiple detection tools. By integrating different detection tools and applying optimised processing to their differing results, the model effectively reduces the false negative, false positive and repeated-report rates of the detection tools. To verify the practicality and effectiveness of the model, we design an example based on it. The results show that, after multilevel hierarchical processing, the false negative, false positive and repeated-report rates are reduced effectively.
Source
Computer Applications and Software (《计算机应用与软件》)
CSCD
Peking University Core Journals (北大核心)
2014, Issue 7, pp. 21-23, 54 (4 pages in total)
Keywords
Detection tool
Software vulnerability
Multilevel processing
False negatives