Conversational Code Analysis: The Future of Secure Coding

05/07/2021
by   Fitzroy D. Nembhard, et al.
0

The area of software development and secure coding can benefit significantly from advancements in virtual assistants. Research has shown that many coders neglect security in favor of meeting deadlines. This shortcoming leaves systems vulnerable to attackers. While a plethora of tools are available for programmers to scan their code for vulnerabilities, finding the right tool can be challenging. It is therefore imperative to adopt measures to get programmers to utilize code analysis tools that will help them produce more secure code. This chapter looks at the limitations of existing approaches to secure coding and proposes a methodology that allows programmers to scan and fix vulnerabilities in program code by communicating with virtual assistants on their smart devices. With the ubiquitous move towards virtual assistants, it is important to design systems that are more reliant on voice than on standard point-and-click and keyboard-driven approaches. Consequently, we propose MyCodeAnalyzer, a Google Assistant app and code analysis framework, which was designed to interactively scan program code for vulnerabilities and flaws using voice commands during development. We describe the proposed methodology, implement a prototype, test it on a vulnerable project and present our results.

READ FULL TEXT

page 5

page 7

page 8

page 10

research
05/23/2018

Evaluation of Static Analysis Tools for Finding Vulnerabilities in Java and C/C++ Source Code

It is quite common for security testing to be delayed until after the so...
research
08/06/2021

A Smart and Defensive Human-Machine Approach to Code Analysis

Static analysis remains one of the most popular approaches for detecting...
research
02/10/2021

Is Secure Coding Education in the Industry Needed? An Investigation Through a Large Scale Survey

The Department of Homeland Security in the United States estimates that ...
research
12/24/2020

Implementation of Security Features in Software Development Phases

Security holds an important role in a software. Most people are not awar...
research
05/12/2022

Conversational DevBots for Secure Programming: An Empirical Study on SKF Chatbot

Conversational agents or chatbots are widely investigated and used acros...
research
09/28/2022

Does Collaborative Editing Help Mitigate Security Vulnerabilities in Crowd-Shared IoT Code Examples?

Background: With the proliferation of crowd-sourced developer forums, so...
research
01/06/2021

Design of Secure Coding Challenges for Cybersecurity Education in the Industry

According to a recent survey with more than 4000 software developers, le...

Please sign up or login with your details

Forgot password? Click here to reset