{"created":"2025-01-19T01:13:37.718917+00:00","updated":"2025-01-19T17:24:53.396218+00:00","metadata":{"_oai":{"id":"oai:ipsj.ixsq.nii.ac.jp:00212695","sets":["6164:6165:6522:10650"]},"path":["10650"],"owner":"44499","recid":"212695","title":["A Framework for Automatic Detection of Vulnerabilities in Human-Machine Pair Programming"],"pubdate":{"attribute_name":"公開日","attribute_value":"2021-08-30"},"_buckets":{"deposit":"e9dfe3d1-c32c-4f6b-82f8-8451e4707718"},"_deposit":{"id":"212695","pid":{"type":"depid","value":"212695","revision_id":0},"owners":[44499],"status":"published","created_by":44499},"item_title":"A Framework for Automatic Detection of Vulnerabilities in Human-Machine Pair Programming","author_link":["543026","543031","543030","543029","543027","543028"],"item_titles":{"attribute_name":"タイトル","attribute_value_mlt":[{"subitem_title":"A Framework for Automatic Detection of Vulnerabilities in Human-Machine Pair Programming"},{"subitem_title":"A Framework for Automatic Detection of Vulnerabilities in Human-Machine Pair Programming","subitem_title_language":"en"}]},"item_keyword":{"attribute_name":"キーワード","attribute_value_mlt":[{"subitem_subject":"安全性・セキュリティ","subitem_subject_scheme":"Other"}]},"item_type_id":"18","publish_date":"2021-08-30","item_language":{"attribute_name":"言語","attribute_value_mlt":[{"subitem_language":"eng"}]},"item_18_text_3":{"attribute_name":"著者所属","attribute_value_mlt":[{"subitem_text_value":"Hiroshima University"},{"subitem_text_value":"Hiroshima University"},{"subitem_text_value":"Hiroshima University"}]},"item_18_text_4":{"attribute_name":"著者所属(英)","attribute_value_mlt":[{"subitem_text_value":"Hiroshima University","subitem_text_language":"en"},{"subitem_text_value":"Hiroshima University","subitem_text_language":"en"},{"subitem_text_value":"Hiroshima University","subitem_text_language":"en"}]},"item_publisher":{"attribute_name":"出版者","attribute_value_mlt":[{"subitem_publisher":"情報処理学会","subitem_publisher_language":"ja"}]},"publish_status":"0","weko_shared_id":-1,"item_file_price":{"attribute_name":"Billing file","attribute_type":"file","attribute_value_mlt":[{"url":{"url":"https://ipsj.ixsq.nii.ac.jp/record/212695/files/IPSJ-SES2021022.pdf","label":"IPSJ-SES2021022.pdf"},"date":[{"dateType":"Available","dateValue":"2023-08-30"}],"format":"application/pdf","billing":["billing_file"],"filename":"IPSJ-SES2021022.pdf","filesize":[{"value":"919.4 kB"}],"mimetype":"application/pdf","priceinfo":[{"tax":["include_tax"],"price":"660","billingrole":"5"},{"tax":["include_tax"],"price":"330","billingrole":"6"},{"tax":["include_tax"],"price":"0","billingrole":"12"},{"tax":["include_tax"],"price":"0","billingrole":"44"}],"accessrole":"open_date","version_id":"806e047e-03dd-4ba8-a6d2-947eb985f072","displaytype":"detail","licensetype":"license_note","license_note":"Copyright (c) 2021 by the Information Processing Society of Japan"}]},"item_18_creator_5":{"attribute_name":"著者名","attribute_type":"creator","attribute_value_mlt":[{"creatorNames":[{"creatorName":"Pingyan, Wang"}],"nameIdentifiers":[{}]},{"creatorNames":[{"creatorName":"Shaoying, Liu"}],"nameIdentifiers":[{}]},{"creatorNames":[{"creatorName":"Ai, Liu"}],"nameIdentifiers":[{}]}]},"item_18_creator_6":{"attribute_name":"著者名(英)","attribute_type":"creator","attribute_value_mlt":[{"creatorNames":[{"creatorName":"Pingyan, Wang","creatorNameLang":"en"}],"nameIdentifiers":[{}]},{"creatorNames":[{"creatorName":"Shaoying, Liu","creatorNameLang":"en"}],"nameIdentifiers":[{}]},{"creatorNames":[{"creatorName":"Ai, Liu","creatorNameLang":"en"}],"nameIdentifiers":[{}]}]},"item_resource_type":{"attribute_name":"資源タイプ","attribute_value_mlt":[{"resourceuri":"http://purl.org/coar/resource_type/c_5794","resourcetype":"conference paper"}]},"item_18_description_7":{"attribute_name":"論文抄録","attribute_value_mlt":[{"subitem_description":"In order to mitigate the severe consequences of security threats, many software-based systems are endeavoring to detect security vulnerabilities as early as possible in the software life cycle. In this paper, we present a framework for systematically detecting and mitigating potential security vulnerabilities during the construction of programs using a particular programming paradigm known as Human-Machine Pair Programming. The framework allows developers to address the vulnerability problem in the coding phase rather than fix it at a high price when the system is in operation. Our framework advocates three critical steps: (1) generate an attack tree to model a specific security threat, (2) construct code-matching patterns based on the result of the attack tree analysis, and (3) detect corresponding vulnerable code based on the patterns during the program construction. We also present a case study to demonstrate how it works in practice.","subitem_description_type":"Other"}]},"item_18_description_8":{"attribute_name":"論文抄録(英)","attribute_value_mlt":[{"subitem_description":"In order to mitigate the severe consequences of security threats, many software-based systems are endeavoring to detect security vulnerabilities as early as possible in the software life cycle. In this paper, we present a framework for systematically detecting and mitigating potential security vulnerabilities during the construction of programs using a particular programming paradigm known as Human-Machine Pair Programming. The framework allows developers to address the vulnerability problem in the coding phase rather than fix it at a high price when the system is in operation. Our framework advocates three critical steps: (1) generate an attack tree to model a specific security threat, (2) construct code-matching patterns based on the result of the attack tree analysis, and (3) detect corresponding vulnerable code based on the patterns during the program construction. We also present a case study to demonstrate how it works in practice.","subitem_description_type":"Other"}]},"item_18_biblio_info_10":{"attribute_name":"書誌情報","attribute_value_mlt":[{"bibliographicPageEnd":"136","bibliographic_titles":[{"bibliographic_title":"ソフトウェアエンジニアリングシンポジウム2021論文集"}],"bibliographicPageStart":"129","bibliographicIssueDates":{"bibliographicIssueDate":"2021-08-30","bibliographicIssueDateType":"Issued"},"bibliographicVolumeNumber":"2021"}]},"relation_version_is_last":true,"weko_creator_id":"44499"},"id":212695,"links":{}}