Partitioners Track : Generating Security Vulnerabilities in Source Code
@inproceedings{Schuckert2016PartitionersT, title={Partitioners Track : Generating Security Vulnerabilities in Source Code}, author={Felix Schuckert}, year={2016} }
This paper describes a framework that modifies existing source code to generate security issues. An example plugin for generating SQL injection in Java source code is described. The generation process is based on static code analysis techniques such as dataflow analysis and abstract syntax trees. The framework is evaluated with the help of Java projects from GitHub. One modified project was successfully used as a challenge in a capture-the-flag event.