Can source code auditing software identify common vulnerabilities and be used to evaluate software security?

Heffley, Jon; Meunier, Pascal

doi:10.1109/hicss.2004.1265654

Cited by 35 publications

(27 citation statements)

References 5 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…Most security problems can be traced back to underlying errors in a program's source code. For example, 64% of the nearly 2,500 vulnerabilities in the National Vulnerability Database in 2004 were caused by programming errors [7]. Fixing these bugs through constant security patches has its own problems, since security patch management and distribution are known to be fairly ineffective [2].…”

Section: Introductionmentioning

confidence: 99%

Teaching the security mindset to CS1 students

Pournaghshband

2013

Proceeding of the 44th ACM Technical Symposium on Computer Science Education

View full text Add to dashboard Cite

In this 21st century technological world, the inherent problems of computer security are becoming increasingly important, and it is critical that our students gain the necessary skills and knowledge, early in their academic programs, to handle these problems. Specifically, the lack of security mindset is responsible for many overlooked and exploitable security bugs in the computer programs that these students design. While learning the security concepts generally requires a more advanced knowledge of computer science, learning the security mindset can be, and should be, addressed as early as CS 1.Although the primary focus of any traditional CS 1 course is that of basic programming concepts, we believe that teaching the security mindset in this course is valuable and effective. In this paper we discuss the course that we have taught for four terms-an introductory course that teaches the security mindset to beginner programmers.We start out by using the term-long incremental development of a security-sensitive program-the login program. Students develop the security mindset by thinking as both hackers and defenders, in order to catch and fix the logical and run-time errors that may lead to security breaches in the program.

show abstract

Section: Introductionmentioning

confidence: 99%

Teaching the security mindset to CS1 students

Pournaghshband

2013

Proceeding of the 44th ACM Technical Symposium on Computer Science Education

View full text Add to dashboard Cite

show abstract

“…The work presented in this paper naturally complements the work presented in [6], which addresses the problem of evaluating human factors, i.e. how useful, on average, the warnings given by the various tools are for the programmer.…”

Section: Discussionmentioning

confidence: 72%

“…However, as already noted in [6], soundness and completeness are of little use when considered separately. A complete tool can be practically useless if it gives too many false positives and the same is true for a sound tool that identifies only a minimal fraction of errors.…”

Section: Introductionmentioning

confidence: 99%

“…In short, no significant differences exist in the quality of the results given by the various tools: all of them just provide a list of lines of code which are to be analyzed further. The analysis of each warning has a considerable cost, as is also noted and experimentally verified in [6]. Thus, the amount of manual work needed to analyze the reported warnings is the predominant cost.…”

Section: Introductionmentioning

confidence: 99%

“…The first attempt to compare static analysis tools using a common base of test programs is [5], which, however, uses extremely simple artificial code samples which are not so representative of real code. Another evaluation work is [6], which reports some qualitative results of experiments where different programmers used various static analysis tools for buffer overflow detection on the same set of programs. In this case, the set of programs is significant, because it includes real world open source programs, but the aim of the work is more to evaluate human factors than to gain an objective and quantitative evaluation of the tools themselves.…”

Section: Introductionmentioning

confidence: 99%

See 2 more Smart Citations

Comparing Lexical Analysis Tools for Buffer Overflow Detection in Network Software

Pozza

Sisto

Durante

et al.

2006 1st International Conference on Communication Systems Software &Amp; Middleware

View full text Add to dashboard Cite

Abstract-Many of the bugs in distributed software modules are security vulnerabilities, the most common and also the most exploited of which are buffer overflows and they typically arise in programs written in the C language. This paper, focusing on static analysis tools for detecting buffer overflows in C programs, presents a methodology for experimentally evaluating and comparing the main objective features of such tools. The proposed method is based on testing all the tools on a common set of publicly available, open source software packages, and makes use of specific metrics defined to evaluate the main tool features. In particular, the evaluation aims at quantifying how close the tool is to a complete and sound tool. Our approach has been applied for an initial evaluation of the class of static analysis tools that are based on lexical analysis, using as test cases three well known network software packages. The results obtained, illustrated and commented on in this paper, offer some interesting indications.

show abstract