Logo des Repositoriums
 
Konferenzbeitrag

PT: Generating security vulnerabilities in source code

Lade...
Vorschaubild

Volltext URI

Dokumententyp

Text/Conference Paper

Zusatzinformation

Datum

2016

Zeitschriftentitel

ISSN der Zeitschrift

Bandtitel

Verlag

Gesellschaft für Informatik e.V.

Zusammenfassung

This paper describes a framework, which modifies existing source code to generate security issues. An example plugin for generating SQL injection in Java source code is described. The generation process is based on static code analysis techniques like dataflow analysis and abstract syntax trees. The framework is evaluated with the help of Java projects from GitHub. One modified project was successfully used in a capture the flag event as a challenge.

Beschreibung

Schuckert, Felix (2016): PT: Generating security vulnerabilities in source code. Sicherheit 2016 - Sicherheit, Schutz und Zuverlässigkeit. Bonn: Gesellschaft für Informatik e.V.. PISSN: 1617-5468. ISBN: 978-3-88579-650-3. pp. 177-182. Bonn. 5.-7. April 2016

Schlagwörter

Zitierform

DOI

Tags