{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2025,10,28]],"date-time":"2025-10-28T05:54:16Z","timestamp":1761630856707,"version":"3.37.3"},"reference-count":13,"publisher":"Wiley","license":[{"start":{"date-parts":[[2019,3,3]],"date-time":"2019-03-03T00:00:00Z","timestamp":1551571200000},"content-version":"unspecified","delay-in-days":0,"URL":"http:\/\/creativecommons.org\/licenses\/by\/4.0\/"}],"funder":[{"name":"National Key R&D Program of China","award":["2016YFB0800700","61802332","61807028","61772449","61772451","61572420","61472341","F2016203330"],"award-info":[{"award-number":["2016YFB0800700","61802332","61807028","61772449","61772451","61572420","61472341","F2016203330"]}]},{"DOI":"10.13039\/501100001809","name":"National Natural Science Foundation of China","doi-asserted-by":"publisher","award":["2016YFB0800700","61802332","61807028","61772449","61772451","61572420","61472341","F2016203330"],"award-info":[{"award-number":["2016YFB0800700","61802332","61807028","61772449","61772451","61572420","61472341","F2016203330"]}],"id":[{"id":"10.13039\/501100001809","id-type":"DOI","asserted-by":"publisher"}]},{"DOI":"10.13039\/501100001809","name":"National Natural Science Foundation of China","doi-asserted-by":"publisher","award":["2016YFB0800700","61802332","61807028","61772449","61772451","61572420","61472341","F2016203330"],"award-info":[{"award-number":["2016YFB0800700","61802332","61807028","61772449","61772451","61572420","61472341","F2016203330"]}],"id":[{"id":"10.13039\/501100001809","id-type":"DOI","asserted-by":"publisher"}]},{"DOI":"10.13039\/501100001809","name":"National Natural Science Foundation of China","doi-asserted-by":"publisher","award":["2016YFB0800700","61802332","61807028","61772449","61772451","61572420","61472341","F2016203330"],"award-info":[{"award-number":["2016YFB0800700","61802332","61807028","61772449","61772451","61572420","61472341","F2016203330"]}],"id":[{"id":"10.13039\/501100001809","id-type":"DOI","asserted-by":"publisher"}]},{"DOI":"10.13039\/501100001809","name":"National Natural Science Foundation of China","doi-asserted-by":"publisher","award":["2016YFB0800700","61802332","61807028","61772449","61772451","61572420","61472341","F2016203330"],"award-info":[{"award-number":["2016YFB0800700","61802332","61807028","61772449","61772451","61572420","61472341","F2016203330"]}],"id":[{"id":"10.13039\/501100001809","id-type":"DOI","asserted-by":"publisher"}]},{"DOI":"10.13039\/501100001809","name":"National Natural Science Foundation of China","doi-asserted-by":"publisher","award":["2016YFB0800700","61802332","61807028","61772449","61772451","61572420","61472341","F2016203330"],"award-info":[{"award-number":["2016YFB0800700","61802332","61807028","61772449","61772451","61572420","61472341","F2016203330"]}],"id":[{"id":"10.13039\/501100001809","id-type":"DOI","asserted-by":"publisher"}]},{"DOI":"10.13039\/501100001809","name":"National Natural Science Foundation of China","doi-asserted-by":"publisher","award":["2016YFB0800700","61802332","61807028","61772449","61772451","61572420","61472341","F2016203330"],"award-info":[{"award-number":["2016YFB0800700","61802332","61807028","61772449","61772451","61572420","61472341","F2016203330"]}],"id":[{"id":"10.13039\/501100001809","id-type":"DOI","asserted-by":"publisher"}]},{"DOI":"10.13039\/501100003787","name":"Natural Science Foundation of Hebei Province","doi-asserted-by":"publisher","award":["2016YFB0800700","61802332","61807028","61772449","61772451","61572420","61472341","F2016203330"],"award-info":[{"award-number":["2016YFB0800700","61802332","61807028","61772449","61772451","61572420","61472341","F2016203330"]}],"id":[{"id":"10.13039\/501100003787","id-type":"DOI","asserted-by":"publisher"}]}],"content-domain":{"domain":[],"crossmark-restriction":false},"short-container-title":["Security and Communication Networks"],"published-print":{"date-parts":[[2019,3,3]]},"abstract":"<jats:p>Buffer overflow vulnerability is the most common and serious type of vulnerability in software today, as network security issues have become increasingly critical. To alleviate the security threat, many vulnerability mining methods based on static and dynamic analysis have been developed. However, the current analysis methods have problems regarding high computational time, low test efficiency, low accuracy, and low versatility. This paper proposed a software buffer overflow vulnerability prediction method by using software metrics and a<jats:italic> decision tree <\/jats:italic>algorithm. First, the software metrics were extracted from the software source code, and data from the dynamic data stream at the functional level was extracted by a data mining method. Second, a model based on a<jats:italic> decision tree<\/jats:italic> algorithm was constructed to measure multiple types of buffer overflow vulnerabilities at the functional level. Finally, the experimental results showed that our method ran in less time than<jats:italic> SVM, Bayes, adaboost, and random forest<\/jats:italic> algorithms and achieved 82.53% and 87.51% accuracy in two different data sets. The method presented in this paper achieved the effect of accurately predicting software buffer overflow vulnerabilities in C\/C++ and Java programs.<\/jats:p>","DOI":"10.1155\/2019\/8391425","type":"journal-article","created":{"date-parts":[[2019,3,3]],"date-time":"2019-03-03T18:35:27Z","timestamp":1551638127000},"page":"1-13","source":"Crossref","is-referenced-by-count":13,"title":["A Buffer Overflow Prediction Approach Based on Software Metrics and Machine Learning"],"prefix":"10.1155","volume":"2019","author":[{"given":"Jiadong","family":"Ren","sequence":"first","affiliation":[{"name":"School of Information Science and Engineering, Yanshan University, Qinhuangdao, Hebei, China"},{"name":"The Key Laboratory for Computer Virtual Technology and System Integration of Hebei Province, Qinhuangdao City 066004, China"}],"role":[{"role":"author","vocabulary":"crossref"}]},{"ORCID":"https:\/\/orcid.org\/0000-0001-9085-4277","authenticated-orcid":true,"given":"Zhangqi","family":"Zheng","sequence":"additional","affiliation":[{"name":"School of Information Science and Engineering, Yanshan University, Qinhuangdao, Hebei, China"},{"name":"The Key Laboratory for Computer Virtual Technology and System Integration of Hebei Province, Qinhuangdao City 066004, China"}],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Qian","family":"Liu","sequence":"additional","affiliation":[{"name":"School of Information Science and Engineering, Yanshan University, Qinhuangdao, Hebei, China"},{"name":"The Key Laboratory for Computer Virtual Technology and System Integration of Hebei Province, Qinhuangdao City 066004, China"}],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Zhiyao","family":"Wei","sequence":"additional","affiliation":[{"name":"School of Information Science and Engineering, Yanshan University, Qinhuangdao, Hebei, China"},{"name":"The Key Laboratory for Computer Virtual Technology and System Integration of Hebei Province, Qinhuangdao City 066004, China"}],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Huaizhi","family":"Yan","sequence":"additional","affiliation":[{"name":"Beijing Key Laboratory of Software Security Engineering Technique, Beijing Institute of Technology, South Zhongguancun Street, Haidian District, Beijing 100081, China"}],"role":[{"role":"author","vocabulary":"crossref"}]}],"member":"311","reference":[{"year":"2014","key":"2"},{"key":"4","doi-asserted-by":"publisher","DOI":"10.1016\/j.sysarc.2010.06.003"},{"first-page":"20","volume-title":"A methodology for the automated identification of buffer overflow vulnerabilities in executable software without source-code","year":"2005","key":"7"},{"key":"9","doi-asserted-by":"publisher","DOI":"10.1134\/S0361768817050024"},{"issue":"1","key":"10","first-page":"1","volume":"7","year":"2016","journal-title":"Journal of Cryptographic Engineering"},{"issue":"8","key":"11","first-page":"2002","volume":"e99d","year":"2016","journal-title":"IEICE Transaction on Information and Systems"},{"issue":"5","key":"13","first-page":"622","volume":"15","year":"2014","journal-title":"Journal of Information Engineering University"},{"issue":"1","key":"15","first-page":"1","volume":"99","year":"2017","journal-title":"IEEE Transactions on Reliability"},{"key":"16","doi-asserted-by":"publisher","DOI":"10.1016\/j.compeleceng.2018.02.043"},{"key":"17","doi-asserted-by":"publisher","DOI":"10.1109\/TR.2013.2257052"},{"issue":"3, article 356","key":"18","volume":"40","year":"1984","journal-title":"Biometrics"},{"year":"2001","key":"19"},{"key":"20","doi-asserted-by":"publisher","DOI":"10.1109\/TPAMI.2005.159"}],"container-title":["Security and Communication Networks"],"original-title":[],"language":"en","link":[{"URL":"http:\/\/downloads.hindawi.com\/journals\/scn\/2019\/8391425.pdf","content-type":"application\/pdf","content-version":"vor","intended-application":"text-mining"},{"URL":"http:\/\/downloads.hindawi.com\/journals\/scn\/2019\/8391425.xml","content-type":"application\/xml","content-version":"vor","intended-application":"text-mining"},{"URL":"http:\/\/downloads.hindawi.com\/journals\/scn\/2019\/8391425.pdf","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2019,3,3]],"date-time":"2019-03-03T18:35:31Z","timestamp":1551638131000},"score":1,"resource":{"primary":{"URL":"https:\/\/www.hindawi.com\/journals\/scn\/2019\/8391425\/"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2019,3,3]]},"references-count":13,"alternative-id":["8391425","8391425"],"URL":"https:\/\/doi.org\/10.1155\/2019\/8391425","relation":{},"ISSN":["1939-0114","1939-0122"],"issn-type":[{"type":"print","value":"1939-0114"},{"type":"electronic","value":"1939-0122"}],"subject":[],"published":{"date-parts":[[2019,3,3]]}}}