Abstract:
Patches detect and fix one-day vulnerabilities. Collecting many security patches from diverse data sources is difficult. Each data source provides vulnerability information differently, and many security patches cannot be directly collected from Common Vulnerabilities and Exposures (CVE) information (e.g., National Vulnerability Database (NVD) references). This paper proposes a high-coverage method for collecting known security patches from multiple data sources. We focused on repositories (GitHub), issue trackers (Bugzilla), and Q&A sites (Stack Overflow). We collect security patches that cannot be collected using CVE information from data sources. Our experiments collected 12,432 CVE patches from repositories and issue trackers and 12,458 insecure Q&A posts. Our method collected four times more CVE patches than other methods. To detect vulnerable code clones, IoTcube hosts a database of security patches.
Note: Please discuss with our team before submitting this abstract to the college. This Abstract or Synopsis varies based on student project requirements.
Did you like this final year project?
To download this project Code with thesis report and project training... Click Here
