Improving security using extensible lightweight static analysis
Authors
Abstract
Similar resources
Improving Security Using Extensible Lightweight Static Analysis
0740-7459/02/$17.00 © 2002 IEEE education, better interface design, and security-conscious defaults. With software implementation flaws, however, the problems are typically both preventable and well understood. Analyzing reports of security attacks quickly reveals that most attacks do not result from clever attackers discovering new kinds of flaws, but rather stem from rep...
Improving Software Assurance Using Lightweight Static Analysis
Gopalakrishna Rajeev. Ph.D., Purdue University, May, 2006. Improving Software Assurance Using Lightweight Static Analysis. Major Professors: Prof. Eugene H. Spafford and Prof. Jan Vitek. Software assurance is of paramount importance given the increasing impact of software on our lives. This dissertation describes research that explores two techniques to improve software assurance: a runtime app...
Finding Security Errors in Java Applications Using Lightweight Static Analysis
Application security is becoming increasingly important in Java. In this paper, we focus on security issues that frequently occur in enterprise Java components. We describe two commonly violated security patterns and show how such violations can be prevented with static analysis of the application source. We describe our techniques and experimentally evaluate them on a set of 10 large open-sour...
Improving Computer Security Using Extended Static Checking
We describe a method for finding security flaws in source code by way of static analysis. The method is notable because it allows a user to specify a wide range of security properties while also leveraging a set of predefined common flaws. It works by using an automated theorem prover to analyze verification conditions generated from C source code and a set of specifications that define securit...
Integrating Static Analysis Tools for Improving Operating System Security
The static analysis approach is widely used for detecting vulnerabilities in code before execution. The C/C++ programming languages have the highest number of vulnerabilities, of which buffer overflow is the highest rated. Of all the static analysis tools available, none is able to detect all the vulnerabilities. Hence, we have proposed an integrated approach using two open-source static an...
Journal
Journal title: IEEE Software
Year: 2002
ISSN: 0740-7459
DOI: 10.1109/52.976940