{"id":"https://openalex.org/W2062962915","doi":"https://doi.org/10.4304/jsw.8.10.2412-2424","title":"Identification and Removal of Software Security Vulnerabilities using Source Code Analysis: A Case Study on a Java File Writer Program with Password Validation Features","display_name":"Identification and Removal of Software Security Vulnerabilities using Source Code Analysis: A Case Study on a Java File Writer Program with Password Validation Features","publication_year":2013,"publication_date":"2013-09-30","ids":{"openalex":"https://openalex.org/W2062962915","doi":"https://doi.org/10.4304/jsw.8.10.2412-2424","mag":"2062962915"},"language":"en","primary_location":{"id":"doi:10.4304/jsw.8.10.2412-2424","is_oa":false,"landing_page_url":"https://doi.org/10.4304/jsw.8.10.2412-2424","pdf_url":null,"source":{"id":"https://openalex.org/S114141714","display_name":"Journal of Software","issn_l":"1796-217X","issn":["1796-217X"],"is_oa":false,"is_in_doaj":false,"is_core":true,"host_organization":"https://openalex.org/P4310318660","host_organization_name":"Academy Publisher","host_organization_lineage":["https://openalex.org/P4310318660"],"host_organization_lineage_names":["Academy Publisher"],"type":"journal"},"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"Journal of Software","raw_type":"journal-article"},"type":"article","indexed_in":["crossref"],"open_access":{"is_oa":false,"oa_status":"closed","oa_url":null,"any_repository_has_fulltext":false},"authorships":[{"author_position":"first","author":{"id":"https://openalex.org/A5022212660","display_name":"Natarajan Meghanathan","orcid":"https://orcid.org/0000-0001-8565-4086"},"institutions":[{"id":"https://openalex.org/I61937129","display_name":"Jackson State University","ror":"https://ror.org/01ecnnp60","country_code":"US","type":"education","lineage":["https://openalex.org/I4210141039","https://openalex.org/I61937129"]}],"countries":["US"],"is_corresponding":true,"raw_author_name":"Natarajan Meghanathan","raw_affiliation_strings":["Jackson State University"],"affiliations":[{"raw_affiliation_string":"Jackson State University","institution_ids":["https://openalex.org/I61937129"]}]}],"institutions":[],"countries_distinct_count":1,"institutions_distinct_count":1,"corresponding_author_ids":["https://openalex.org/A5022212660"],"corresponding_institution_ids":["https://openalex.org/I61937129"],"apc_list":null,"apc_paid":null,"fwci":0.4809,"has_fulltext":false,"cited_by_count":6,"citation_normalized_percentile":{"value":0.76066416,"is_in_top_1_percent":false,"is_in_top_10_percent":false},"cited_by_percentile_year":{"min":89,"max":95},"biblio":{"volume":"8","issue":"10","first_page":null,"last_page":null},"is_retracted":false,"is_paratext":false,"is_xpac":false,"primary_topic":{"id":"https://openalex.org/T11424","display_name":"Security and Verification in Computing","score":0.9991000294685364,"subfield":{"id":"https://openalex.org/subfields/1702","display_name":"Artificial Intelligence"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},"topics":[{"id":"https://openalex.org/T11424","display_name":"Security and Verification in Computing","score":0.9991000294685364,"subfield":{"id":"https://openalex.org/subfields/1702","display_name":"Artificial Intelligence"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T11241","display_name":"Advanced Malware Detection Techniques","score":0.9973000288009644,"subfield":{"id":"https://openalex.org/subfields/1711","display_name":"Signal Processing"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T12423","display_name":"Software Reliability and Analysis Research","score":0.994700014591217,"subfield":{"id":"https://openalex.org/subfields/1712","display_name":"Software"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}}],"keywords":[{"id":"https://openalex.org/keywords/computer-science","display_name":"Computer science","score":0.9197250604629517},{"id":"https://openalex.org/keywords/java","display_name":"Java","score":0.7189741134643555},{"id":"https://openalex.org/keywords/password","display_name":"Password","score":0.6852867007255554},{"id":"https://openalex.org/keywords/source-code","display_name":"Source code","score":0.6001846790313721},{"id":"https://openalex.org/keywords/identification","display_name":"Identification (biology)","score":0.5769179463386536},{"id":"https://openalex.org/keywords/software","display_name":"Software","score":0.4995121955871582},{"id":"https://openalex.org/keywords/code","display_name":"Code (set theory)","score":0.4668009877204895},{"id":"https://openalex.org/keywords/computer-security","display_name":"Computer security","score":0.4383930563926697},{"id":"https://openalex.org/keywords/secure-coding","display_name":"Secure coding","score":0.4221435487270355},{"id":"https://openalex.org/keywords/operating-system","display_name":"Operating system","score":0.3830285668373108},{"id":"https://openalex.org/keywords/software-security-assurance","display_name":"Software security assurance","score":0.3798282742500305},{"id":"https://openalex.org/keywords/programming-language","display_name":"Programming language","score":0.371002197265625},{"id":"https://openalex.org/keywords/information-security","display_name":"Information security","score":0.1337871253490448}],"concepts":[{"id":"https://openalex.org/C41008148","wikidata":"https://www.wikidata.org/wiki/Q21198","display_name":"Computer science","level":0,"score":0.9197250604629517},{"id":"https://openalex.org/C548217200","wikidata":"https://www.wikidata.org/wiki/Q251","display_name":"Java","level":2,"score":0.7189741134643555},{"id":"https://openalex.org/C109297577","wikidata":"https://www.wikidata.org/wiki/Q161157","display_name":"Password","level":2,"score":0.6852867007255554},{"id":"https://openalex.org/C43126263","wikidata":"https://www.wikidata.org/wiki/Q128751","display_name":"Source code","level":2,"score":0.6001846790313721},{"id":"https://openalex.org/C116834253","wikidata":"https://www.wikidata.org/wiki/Q2039217","display_name":"Identification (biology)","level":2,"score":0.5769179463386536},{"id":"https://openalex.org/C2777904410","wikidata":"https://www.wikidata.org/wiki/Q7397","display_name":"Software","level":2,"score":0.4995121955871582},{"id":"https://openalex.org/C2776760102","wikidata":"https://www.wikidata.org/wiki/Q5139990","display_name":"Code (set theory)","level":3,"score":0.4668009877204895},{"id":"https://openalex.org/C38652104","wikidata":"https://www.wikidata.org/wiki/Q3510521","display_name":"Computer security","level":1,"score":0.4383930563926697},{"id":"https://openalex.org/C22680326","wikidata":"https://www.wikidata.org/wiki/Q7444867","display_name":"Secure coding","level":5,"score":0.4221435487270355},{"id":"https://openalex.org/C111919701","wikidata":"https://www.wikidata.org/wiki/Q9135","display_name":"Operating system","level":1,"score":0.3830285668373108},{"id":"https://openalex.org/C62913178","wikidata":"https://www.wikidata.org/wiki/Q7554361","display_name":"Software security assurance","level":4,"score":0.3798282742500305},{"id":"https://openalex.org/C199360897","wikidata":"https://www.wikidata.org/wiki/Q9143","display_name":"Programming language","level":1,"score":0.371002197265625},{"id":"https://openalex.org/C527648132","wikidata":"https://www.wikidata.org/wiki/Q189900","display_name":"Information security","level":2,"score":0.1337871253490448},{"id":"https://openalex.org/C86803240","wikidata":"https://www.wikidata.org/wiki/Q420","display_name":"Biology","level":0,"score":0.0},{"id":"https://openalex.org/C59822182","wikidata":"https://www.wikidata.org/wiki/Q441","display_name":"Botany","level":1,"score":0.0},{"id":"https://openalex.org/C177264268","wikidata":"https://www.wikidata.org/wiki/Q1514741","display_name":"Set (abstract data type)","level":2,"score":0.0},{"id":"https://openalex.org/C29983905","wikidata":"https://www.wikidata.org/wiki/Q7445066","display_name":"Security service","level":3,"score":0.0}],"mesh":[],"locations_count":1,"locations":[{"id":"doi:10.4304/jsw.8.10.2412-2424","is_oa":false,"landing_page_url":"https://doi.org/10.4304/jsw.8.10.2412-2424","pdf_url":null,"source":{"id":"https://openalex.org/S114141714","display_name":"Journal of Software","issn_l":"1796-217X","issn":["1796-217X"],"is_oa":false,"is_in_doaj":false,"is_core":true,"host_organization":"https://openalex.org/P4310318660","host_organization_name":"Academy Publisher","host_organization_lineage":["https://openalex.org/P4310318660"],"host_organization_lineage_names":["Academy Publisher"],"type":"journal"},"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"Journal of Software","raw_type":"journal-article"}],"best_oa_location":null,"sustainable_development_goals":[{"display_name":"Peace, Justice and strong institutions","score":0.5,"id":"https://metadata.un.org/sdg/16"}],"awards":[],"funders":[],"has_content":{"pdf":false,"grobid_xml":false},"content_urls":null,"referenced_works_count":28,"referenced_works":["https://openalex.org/W626067554","https://openalex.org/W1481826112","https://openalex.org/W1486481742","https://openalex.org/W1508482211","https://openalex.org/W1555744523","https://openalex.org/W1575704223","https://openalex.org/W1880262756","https://openalex.org/W1978901798","https://openalex.org/W1979786964","https://openalex.org/W2013912904","https://openalex.org/W2033539354","https://openalex.org/W2102646107","https://openalex.org/W2106371080","https://openalex.org/W2129479435","https://openalex.org/W2143244564","https://openalex.org/W2161197976","https://openalex.org/W2163575675","https://openalex.org/W2171491028","https://openalex.org/W2253113774","https://openalex.org/W4231510805","https://openalex.org/W4285719527","https://openalex.org/W6639619044","https://openalex.org/W6645193169","https://openalex.org/W6653952553","https://openalex.org/W6675573259","https://openalex.org/W6675786220","https://openalex.org/W6684109151","https://openalex.org/W6685360457"],"related_works":["https://openalex.org/W2141388993","https://openalex.org/W1978034799","https://openalex.org/W2999607548","https://openalex.org/W2292865721","https://openalex.org/W4319165526","https://openalex.org/W2956597637","https://openalex.org/W2469491375","https://openalex.org/W2293245356","https://openalex.org/W4225160120","https://openalex.org/W23486959"],"abstract_inverted_index":{"We":[0,39,109,152],"illustrate":[1,100,111],"the":[2,12,58,63,101,112,138,154,163,169,184],"use":[3,153],"of":[4,26,53,65,83,114,123,168,183],"source":[5,80,165],"code":[6,81,166],"analysis":[7,82,167],"to":[8,46,60,99,128,136,145,161,173],"identify":[9],"and":[10,35,104,181],"remove":[11,47,129,137],"following":[13],"software":[14,66,160,176],"security":[15,64],"vulnerabilities:":[16],"(i)":[17],"Hardcoded":[18,102],"Password,":[19],"(ii)":[20],"Empty":[21,105],"Password":[22],"Initialization,":[23],"(iii)":[24],"Denial":[25],"Service,":[27],"(iv)":[28],"System":[29],"Information":[30],"Leak,":[31],"(v)":[32],"Unreleased":[33],"Resource":[34],"(vi)":[36],"Path":[37],"Manipulation.":[38],"propose":[40],"one":[41,115],"or":[42,48,116],"more":[43,117],"solution":[44,134],"approaches":[45,135],"at":[49],"least":[50],"mitigate":[51],"each":[52],"these":[54],"vulnerabilities":[55,119,140],"that":[56],"have":[57],"potential":[59],"significantly":[61],"impact":[62],"programs":[67],"if":[68],"they":[69],"are":[70],"left":[71],"unattended.":[72],"In":[73],"this":[74],"context,":[75],"we":[76],"conduct":[77,162],"an":[78,130],"exhaustive":[79],"a":[84,121,125],"file":[85,170],"writer":[86,171],"program,":[87],"developed":[88],"in":[89,97],"Java,":[90],"embedded":[91],"with":[92],"features":[93],"for":[94,175],"password":[95,103,106],"validation":[96],"order":[98],"initialization":[107],"vulnerabilities.":[108,185],"also":[110,142],"occurrence":[113],"new":[118],"as":[120],"result":[122],"incorporating":[124],"patch":[126],"(code)":[127],"existing":[131],"vulnerability.":[132],"Our":[133],"above":[139],"can":[141],"be":[143],"adapted":[144],"other":[146],"high-level":[147],"programming":[148],"languages":[149],"like":[150],"C/C++.":[151],"Fortify":[155],"Source":[156],"Code":[157],"Analyzer":[158],"(SCA)":[159],"automated":[164],"program":[172],"test":[174],"security,":[177],"including":[178],"both":[179],"identification":[180],"removal":[182]},"counts_by_year":[{"year":2025,"cited_by_count":1},{"year":2024,"cited_by_count":1},{"year":2021,"cited_by_count":2},{"year":2020,"cited_by_count":1},{"year":2014,"cited_by_count":1}],"updated_date":"2025-11-06T03:46:38.306776","created_date":"2025-10-10T00:00:00"}