PT: Generating security vulnerabilities in source code
| dc.contributor.author | Schuckert, Felix | |
| dc.contributor.editor | Meier, Michael | |
| dc.contributor.editor | Reinhardt, Delphine | |
| dc.contributor.editor | Wendzel, Steffen | |
| dc.date.accessioned | 2017-06-21T07:43:28Z | |
| dc.date.available | 2017-06-21T07:43:28Z | |
| dc.date.issued | 2016 | |
| dc.description.abstract | This paper describes a framework, which modifies existing source code to generate security issues. An example plugin for generating SQL injection in Java source code is described. The generation process is based on static code analysis techniques like dataflow analysis and abstract syntax trees. The framework is evaluated with the help of Java projects from GitHub. One modified project was successfully used in a capture the flag event as a challenge. | en |
| dc.identifier.isbn | 978-3-88579-650-3 | |
| dc.identifier.pissn | 1617-5468 | |
| dc.language.iso | en | |
| dc.publisher | Gesellschaft für Informatik e.V. | |
| dc.relation.ispartof | Sicherheit 2016 - Sicherheit, Schutz und Zuverlässigkeit | |
| dc.relation.ispartofseries | Lecture Notes in Informatics (LNI) - Proceedings, Volume P-256 | |
| dc.title | PT: Generating security vulnerabilities in source code | en |
| dc.type | Text/Conference Paper | |
| gi.citation.endPage | 182 | |
| gi.citation.publisherPlace | Bonn | |
| gi.citation.startPage | 177 | |
| gi.conference.date | 5.-7. April 2016 | |
| gi.conference.location | Bonn |
Dateien
Originalbündel
1 - 1 von 1