Vulnerability Detection in Open Source Software: The Cure and the Cause

Research output: Book/Report > Other report

Most companies do not have a reliable way of being notified when zero-day vulnerabilities are found, or when patches are made available. This means that attack vectors in Open Source Software (OSS) exist longer than they should. This paper discusses the cause of OSS vulnerabilities, why they are a major issue, and how they may be mitigated.
Original language: English
Publisher: Queen's University Belfast
Number of pages: 5
Publication status: Unpublished - 2017



  • Open Source
  • Information Security
  • Vulnerability Profiling
  • static analysis
  • dynamic analysis
  • software assurance
  • machine le