Towards Assisted Remediation of Security Vulnerabilities

Authors

  • Gabriel Serme
  • Anderson Santana De Oliveira
  • Marco Guarnieri
  • Paul El Khoury
Abstract

Security vulnerabilities are still prevalent in systems despite the existence of their countermeasures for several decades. In order to detect the security vulnerabilities missed by developers, complex solutions are undertaken like static analysis, often after the development phase and with a loss of context. Although vulnerabilities are found, there is also an absence of systematic protection against them. In this paper, we introduce an integrated Eclipse plug-in to assist developers in the detection and mitigation of security vulnerabilities using Aspect-Oriented Programming early in the development life-cycle. The work is a combination of static analysis and protection code generation during the development phase. We leverage the developer interaction with the integrated tool to obtain more knowledge about the system, and to report back a better overview of the different security aspects already applied, then we discuss challenges for such a code correction approach. The results are an in-depth solution to assist developers to provide software with higher security standards.

Keywords: Security, AOP, Software Engineering, Static Analysis, Vulnerability Remediation


Similar resources

Building Security In Are Patched Machines Really Fixed?

Dozens of previously undetected software vulnerabilities are discovered in a variety of programs and systems every day. Once information about a security vulnerability becomes available to a vendor, or particularly to the public, the vendor typically is expected to provide a means of remediation promptly. A common way to do this is to patch or upgrade the software. Quick, effective remediation...


Quantifying Security Risk by Critical Network Vulnerabilities Assessment

Network vulnerability is the weakness in the network configuration that inadvertently allows dangerous operations and poses serious security threats. An attacker can exploit these vulnerabilities to gain unauthorized access to the system. Hence, detection and remediation of network vulnerabilities is critical for network security. This paper proposed a method for effective risk level estimation...


Penetration Testing: A Roadmap to Network Security

Network penetration testing identifies the exploits and vulnerabilities that exist within computer network infrastructure and helps to confirm the security measures. The objective of this paper is to explain the methodology and methods behind penetration testing and illustrate remedies over it, which will provide substantial value for network security. Penetration testing should model r...


Membrane Assisted Liquid Extraction of Actinides and Remediation of Nuclear Waste: A Review

Membrane assisted liquid extraction (MALE) technologies are gaining an important role as an extraction/separation technique for actinides and are being deployed as a promising tool for remediation of nuclear waste generated in the reprocessing plant and other radioactive wastes containing a trace level of radionuclides. The present contribution outlines the classification of membrane assisted ...


The Effectiveness of Computer-Assisted Cognitive Remediation on the Difficulties of Emotion-Regulation among Students with Attention Deficit Hyperactivity Disorder

Introduction: The aim of the present study was to investigate the effectiveness of computer-assisted cognitive remediation on the difficulty of emotional regulation among students with attention deficit hyperactivity disorder (ADHD). Methods: The participants in this study included 24 (12 boys and 12 girls) students with ADHD and in the sixth to ninth grades of the seventh district of Tehran i...



Publication date: 2012