{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2025,4,25]],"date-time":"2025-04-25T12:27:50Z","timestamp":1745584070305},"reference-count":18,"publisher":"International Academy Publishing (IAP)","issue":"10","content-domain":{"domain":[],"crossmark-restriction":false},"short-container-title":["JSW"],"DOI":"10.4304\/jsw.8.10.2412-2424","type":"journal-article","created":{"date-parts":[[2013,9,30]],"date-time":"2013-09-30T15:11:37Z","timestamp":1380553897000},"source":"Crossref","is-referenced-by-count":3,"title":["Identification and Removal of Software Security Vulnerabilities using Source Code Analysis: A Case Study on a Java File Writer Program with Password Validation Features"],"prefix":"10.17706","volume":"8","author":[{"given":"Natarajan","family":"Meghanathan","sequence":"first","affiliation":[]}],"member":"7163","published-online":{"date-parts":[[2013,10,1]]},"reference":[{"key":"ref1","volume-title":"B Chess and J West Secure Programming with Static Analysis","year":"2008","unstructured":"[1] B. Chess, and J. West, Secure Programming with Static Analysis, Addison Wesley, 1st Edition, Boston, MA, USA, 2008."},{"key":"ref2","doi-asserted-by":"publisher","DOI":"10.1109\/MSP.2006.64"},{"key":"ref3","first-page":"804","article-title":"Static Code Analysis to Detect Software Security Vulnerabilities \u2013 Does Experience Matter?","volume-title":"Proceedings of the IEEE International Conference on Availability Reliability and Security","author":"Baca","year":"2009","unstructured":"[3] D. Baca, \"Static Code Analysis to Detect Software Security Vulnerabilities \u2013 Does Experience Matter?,\" Proceedings of the IEEE International Conference on Availability, Reliability and Security, pp. 804-810, 2009."},{"key":"ref4","doi-asserted-by":"publisher","DOI":"10.1049\/cp:20060221"},{"key":"ref5","first-page":"286","article-title":"Learning from Software Security Testing","volume-title":"Proceedings of the International Conference on Software Testing Verification and Validation Workshop","author":"Tondel","year":"2008","unstructured":"[5] I. A. Tondel, M. G. Jaatun and J. Jensen, \"Learning from Software Security Testing,\" Proceedings of the International Conference on Software Testing Verification and Validation Workshop, pp. 286-294, 2008."},{"key":"ref6","first-page":"1","article-title":"Detecting Type Errors and Secure Coding in C\/C++ Applications","volume-title":"Proceedings of the IEEE\/ACS International Conference on Computer Systems and Applications","author":"Mcheick","year":"2010","unstructured":"[6] H. Mcheick, H. Dhiab, M. Dbouk and R. Mcheik, \"Detecting Type Errors and Secure Coding in C\/C++ Applications,\" Proceedings of the IEEE\/ACS International Conference on Computer Systems and Applications, pp. 1-9, 2010."},{"key":"ref7","first-page":"15","article-title":"Comparison of Static Code Analysis Tools","volume-title":"Proceedings of the 3rd International Conference on Emerging Security Information Systems and Technologies","author":"Mantere","year":"2009","unstructured":"[7] M. Mantere, I. Uusitalo and J. Roning, \"Comparison of Static Code Analysis Tools,\" Proceedings of the 3rd International Conference on Emerging Security Information, Systems and Technologies, pp. 15-22, 2009."},{"key":"ref8","first-page":"418","article-title":"Taxonomy of Static Code Analysis Tools","volume-title":"Proceedings of the 33rd IEEE International Conference on Information and Communication Technology Electronics and Microelectronics","author":"Novak","year":"2010","unstructured":"[8] J. Novak, A. Krajnc and R. Zontar, \"Taxonomy of Static Code Analysis Tools,\" Proceedings of the 33rd IEEE International Conference on Information and Communication Technology, Electronics and Microelectronics, pp. 418-422, 2010."},{"key":"ref9","doi-asserted-by":"publisher","DOI":"10.1109\/PRDC.2009.54"},{"key":"ref10","volume-title":"Secure Coding Principles and Practices","author":"Graff","year":"2003","unstructured":"[11] M. G. Graff, and K. R. Van Wyk, Secure Coding: Principles and Practices, O'Reilly Media, Sebastopol, CA, USA, 2003."},{"key":"ref11","volume-title":"24 Deadly Sins of Software Security Programming Flaws and How to Fix them","author":"Howard","year":"2009","unstructured":"[12] M. Howard, D. Leblanc, and J. Viega, 24 Deadly Sins of Software Security: Programming Flaws and How to Fix them, McGraw-Hill, New York City, NY, USA, 2009."},{"key":"ref12","volume-title":"How to Break Software","author":"Whittaker","year":"2002","unstructured":"[13] J. A. Whittaker, How to Break Software, Addison-Wesley, Boston, MA, USA, 2002."},{"key":"ref13","doi-asserted-by":"publisher","DOI":"10.1007\/978-3-540-70545-1_36"},{"key":"ref14","first-page":"7","article-title":"Why Source Code Analysis and Manipulation will always be Important","volume-title":"Proceedings of the 10th IEEE Working Conference on Source Code Analysis and Manipulation (SCAM)","author":"Harman","year":"2010","unstructured":"[15] M. Harman, \"Why Source Code Analysis and Manipulation will always be Important,\" Proceedings of the 10th IEEE Working Conference on Source Code Analysis and Manipulation (SCAM), pp. 7-19, 2010."},{"key":"ref15","first-page":"65","article-title":"Estimating the Optimal Number of Latent Concepts in Source Code Analysis","volume-title":"Proceedings of the 10th IEEE Working Conference on Source Code Analysis and Manipulation (SCAM)","author":"Grant","year":"2010","unstructured":"[16] S. Grant and J. R. Cordy, \"Estimating the Optimal Number of Latent Concepts in Source Code Analysis,\" Proceedings of the 10th IEEE Working Conference on Source Code Analysis and Manipulation (SCAM), pp. 65-74, 2010."},{"key":"ref16","first-page":"993","article-title":"Latent Dirichlet Allocation","volume":"3","author":"Blei","year":"2003","unstructured":"[17] D. M. Blei, A. Y. Ng, and M. I. Jordan, \"Latent Dirichlet Allocation,\" The Journal of Machine Learning Research, vol. 3, pp. 993-1022, March 2003.","journal-title":"J Mach Learn Res","ISSN":"http:\/\/id.crossref.org\/issn\/1532-4435","issn-type":"print"},{"key":"ref17","volume-title":"The CERT C Secure Coding Standard","author":"Seacord","year":"2009","unstructured":"[19] R. C. Seacord, The CERT C Secure Coding Standard, Addison-Wesley Professional, 2009."},{"key":"ref18","volume-title":"Secure Coding in C and C","author":"Seacord","year":"2006","unstructured":"[20] R. C. Seacord, Secure Coding in C and C++, Addison-Wesley Professional, 2006."}],"container-title":["Journal of Software"],"original-title":[],"deposited":{"date-parts":[[2015,9,15]],"date-time":"2015-09-15T11:24:01Z","timestamp":1442316241000},"score":1,"resource":{"primary":{"URL":"http:\/\/ojs.academypublisher.com\/index.php\/jsw\/article\/view\/9367"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2013,10,1]]},"references-count":18,"journal-issue":{"issue":"10","published-online":{"date-parts":[[2013,10,1]]}},"URL":"https:\/\/doi.org\/10.4304\/jsw.8.10.2412-2424","relation":{},"ISSN":["1796-217X"],"issn-type":[{"value":"1796-217X","type":"print"}],"subject":[],"published":{"date-parts":[[2013,10,1]]}}}