Manipulating Program Functionality to Eliminate Security Vulnerabilities
نویسنده
چکیده
Security vulnerabilities can be seen as excess undesirable functionality present in a software system. We present several mechanisms that can either excise or change system functionality in ways that may 1) eliminate security vulnerabilities while 2) enabling the system to continue to deliver acceptable service.
منابع مشابه
Automata-based symbolic string analysis for vulnerability detection
Verifying string manipulating programs is a crucial problem in computer security. String operations are used extensively within web applications to manipulate user input, and their erroneous use is the most common cause of security vulnerabilities in web applications. We present an automata-based approach for symbolic analysis of string manipulating programs. We use deterministic finite automat...
متن کاملFailure-Oblivious Computing and Boundless Memory Blocks
Memory errors are a common cause of incorrect software execution and security vulnerabilities. We have developed two new techniques that help software continue to execute successfully through memory errors: failure-oblivious computing and boundless memory blocks. The foundation of both techniques is a compiler that generates code that checks accesses via pointers to detect out of bounds accesse...
متن کاملProactive Web Server Protocol for Complaint Assessment
Vulnerability Discovery with attack Injection security threats are increasing for the server software, when software is developed, the software tested for the functionality. Due to unawareness of software vulnerabilities most of the software before pre-Release the software should be thoroughly tested for not only functionality reliability, but should be tested for the security flaws (or) vulner...
متن کاملMitigating and Monitoring Program Security Vulnerabilities
Today's programs are implemented in a variety of languages and contain serious vulnerabilities which can be exploited to cause security breaches. These vulnerabilities have been exploited in real life and resulted in damages to related stakeholders such as program users. As most vulnerabilities belong to program code, many techniques have been applied to mitigate vulnerabilities before and afte...
متن کاملPreventing SQL Injection through Automatic Query Sanitization with ASSIST
Web applications are becoming an essential part of our everyday lives. Many of our activities are dependent on the functionality and security of these applications. As the scale of these applications grows, injection vulnerabilities such as SQL injection are major security challenges for developers today. This paper presents the technique of automatic query sanitization to automatically remove ...
متن کاملذخیره در منابع من
با ذخیره ی این منبع در منابع من، دسترسی به آن را برای استفاده های بعدی آسان تر کنید
عنوان ژورنال:
دوره شماره
صفحات -
تاریخ انتشار 2011