• Corpus ID: 2450729

Partitioners Track : Generating Security Vulnerabilities in Source Code

@inproceedings{Schuckert2016PartitionersT,
  title={Partitioners Track : Generating Security Vulnerabilities in Source Code},
  author={Felix Schuckert},
  year={2016}
}
This paper describes a framework that modifies existing source code to generate security issues. An example plugin for generating SQL injection in Java source code is described. The generation process is based on static code analysis techniques such as dataflow analysis and abstract syntax trees. The framework is evaluated with the help of Java projects from GitHub. One modified project was successfully used as a challenge in a capture-the-flag event.

References

SPOON: A library for implementing analyses and transformations of Java source code

TLDR
SPOON enables Java developers to write a large range of domain‐specific analyses and transformations in an easy and concise manner and developers do not need to dive into parsing, to hack a compiler infrastructure, or to master a new formalism.

Comparing the Effectiveness of Penetration Testing and Static Code Analysis on the Detection of SQL Injection Vulnerabilities in Web Services

  • Nuno Antunes, M. Vieira
  • Computer Science
    2009 15th IEEE Pacific Rim International Symposium on Dependable Computing
  • 2009
TLDR
This work used several commercial and open source tools to detect vulnerabilities in a set of vulnerable services and suggested that, in general, static code analyzers are able to detect more SQL Injection vulnerabilities than penetration testing tools.

Secure Programming with Static Analysis

The First Expert Guide to Static Analysis for Software Security! Creating secure code requires more than just good intentions. Programmers need to know that their code will be safe in an almost

Automated static code analysis : A tool for early vulnerability detection

TLDR
This thesis investigates the technical capabilities and limitations of using a static analysis tool as an early vulnerability detector, with the most important limitation being the incorrect warnings that are reported by static analysis tools.

Evaluation of static analysis tools for software security

TLDR
Results show that security static analysis tools are, to some extent, effective in detecting security holes in source code; source code analyzers are able to detect more weaknesses than bytecode and binary code scanners; and while tools can assist the development team in security code review activities, they are not enough to uncover all common weaknesses in software.

Programming languages and program analysis for security: a three-year retrospective

TLDR
This paper is a three-year survey of PLAS papers that discusses the progress made in the area of language-based security, which has become very active with the advent of Web applications.

DieHard: probabilistic memory safety for unsafe languages

TLDR
Analytical and experimental results are presented that show DieHard's resilience to a wide range of memory errors, including a heap-based buffer overflow in an actual application.

https://www.owasp.org/index.php/Category:OWASP_Top_Ten_Project, last visit

[SA10] SAMATE - Software Assurance Metrics and Tool Evaluation. https://samate.nist.gov, last visit