Login | Register

Towards the automation of vulnerability detection in source code


Towards the automation of vulnerability detection in source code

Ling, Hai Zhou (2009) Towards the automation of vulnerability detection in source code. Masters thesis, Concordia University.

Text (application/pdf)
MR67245.pdf - Accepted Version


Software vulnerability detection, which involves security property specification and verification, is essential in assuring the software security. However, the process of vulnerability detection is labor-intensive, time-consuming and error-prone if done manually. In this thesis, we present a hybrid approach, which utilizes the power of static and dynamic analysis for performing vulnerability detection in a systematic way. The key contributions of this thesis are threefold. first, a vulnerability detection framework, which supports security property specification, potential vulnerability detection, and dynamic verification, is proposed. Second, an investigation of test data generation for dynamic verification is conducted. Third, the concept of reducing security property verification to reachability is introduced.

Divisions:Concordia University > Gina Cody School of Engineering and Computer Science > Computer Science and Software Engineering
Item Type:Thesis (Masters)
Authors:Ling, Hai Zhou
Pagination:xi, 128 leaves : ill. ; 29 cm.
Institution:Concordia University
Degree Name:M. Comp. Sc.
Program:Computer Science and Software Engineering
Thesis Supervisor(s):Debbabi, M
ID Code:976727
Deposited By: Concordia University Library
Deposited On:22 Jan 2013 16:32
Last Modified:18 Jan 2018 17:43
Related URLs:
All items in Spectrum are protected by copyright, with all rights reserved. The use of items is governed by Spectrum's terms of access.

Repository Staff Only: item control page

Downloads per month over past year

Back to top Back to top