Corpus ID: 2450729

Partitioners Track : Generating Security Vulnerabilities in Source Code

@inproceedings{Schuckert2016PartitionersT,
  title={Partitioners Track : Generating Security Vulnerabilities in Source Code},
  author={Felix Schuckert},
  year={2016}
}
This paper describes a framework, which modifies existing source code to generate security issues. An example plugin for generating SQL injection in Java source code is described. The generation process is based on static code analysis techniques like dataflow analysis and abstract syntax trees. The framework is evaluated with the help of Java projects from GitHub. One modified project was successfully used in a capture the flag event as a challenge. 

Figures from this paper

References

SHOWING 1-5 OF 5 REFERENCES
Evaluation of static analysis tools for software security
  • Hamda Al-Breiki, Q. Mahmoud
  • Computer Science
  • 2014 10th International Conference on Innovations in Information Technology (IIT)
  • 2014
  • 15
; Seinturier , Lionel : Spoon : A Library for Implementing Analyses and Transformations of Java Source Code
  • 2014
Zorn : DieHard : probabilistic memory safety for unsafe languages
  • ACM SIGPLAN Conference on Programming Language Design and Implementation , S .