all InfoSec news
MASC: A Tool for Mutation-Based Evaluation of Static Crypto-API Misuse Detectors. (arXiv:2308.02310v1 [cs.CR])
cs.CR updates on arXiv.org arxiv.org
While software engineers are optimistically adopting crypto-API misuse
detectors (or crypto-detectors) in their software development cycles, this
momentum must be accompanied by a rigorous understanding of crypto-detectors'
effectiveness at finding crypto-API misuses in practice. This demo paper
presents the technical details and usage scenarios of our tool, namely Mutation
Analysis for evaluating Static Crypto-API misuse detectors (MASC). We developed
$12$ generalizable, usage based mutation operators and three mutation scopes,
namely Main Scope, Similarity Scope, and Exhaustive Scope, which can be …
api crypto demo development engineers evaluation momentum practice software software development software engineers technical tool understanding