On the Impact of Refactorings on Software Attack Surface

dc.contributor.authorEdward, E.
dc.contributor.authorNyamawe, A. S.
dc.contributor.authorElisa, N.
dc.date.accessioned2024-08-31T02:30:14Z
dc.date.available2024-08-31T02:30:14Z
dc.date.issued2024
dc.descriptionAbstract. Full-text available at https://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=10536085
dc.description.abstractRefactoring is one of the techniques mostly employed by software developers to improve thequality attributes of their systems. However, little has been done to investigate how refactoring operations specifically aimed at improving the internal structure of software can impact its security. Refactoring usually entails different code change operations including the decomposition of classes, methods, and the reallocation of code elements. While this refinement aims to improve the internal design of a system, it might inadvertently disperse security-critical code elements throughout the codebase. Consequently, such dispersion could affect the software attack surface. To this end, this paper presents an empirical study of 30 open-source software systems developed in Python, C, and Javascript. The study scrutinized two subsequent versions of each subject application to uncover the refactoring operations applied and the trend of the software attack surface. Specifically, the study focused on the injection or removal of bugs, code smells and other vulnerabilities aiming to discern the impact of refactorings on the software attack surface. Data was collected using wellknown tools, namely SonarQube, RefDiff, and PyReff. The findings suggest that refactorings can have multiple impacts (i.e., positive, negative, or neutral) on bugs, code smells, and vulnerabilities. The findings further confirm that developers must be aware of the combination or sequence of refactoring operations that can improve software quality without compromising its security.
dc.identifier.citationEdward, E., Nyamawe, A. S., & Elisa, N. (2024). On the impact of refactorings on software attack surface. IEEE Access.
dc.identifier.doi10.1109/access.2024.3404058
dc.identifier.otherURL: https://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=10536085
dc.identifier.urihttps://repository.udom.ac.tz/handle/20.500.12661/4921
dc.language.isoen
dc.publisherInstitute of Electrical and Electronics Engineers (IEEE)
dc.relation.ispartofIEEE Access
dc.subjectAttack Surface
dc.subjectBugs
dc.subjectCode Smells
dc.subjectRefactoring
dc.subjectVulnerabilities
dc.titleOn the Impact of Refactorings on Software Attack Surface
dc.typeArticle
Files
Original bundle
Now showing 1 - 1 of 1
Loading...
Thumbnail Image
Name:
Estomii, E. On the Impact of Refactorings on Software Attack Surface.pdf
Size:
6.78 KB
Format:
Adobe Portable Document Format
License bundle
Now showing 1 - 1 of 1
No Thumbnail Available
Name:
license.txt
Size:
1.71 KB
Format:
Item-specific license agreed upon to submission
Description:
Collections