Ling, Hai Zhou (2009) Towards the automation of vulnerability detection in source code. Masters thesis, Concordia University.
Preview |
Text (application/pdf)
3MBMR67245.pdf - Accepted Version |
Abstract
Software vulnerability detection, which involves security property specification and verification, is essential in assuring the software security. However, the process of vulnerability detection is labor-intensive, time-consuming and error-prone if done manually. In this thesis, we present a hybrid approach, which utilizes the power of static and dynamic analysis for performing vulnerability detection in a systematic way. The key contributions of this thesis are threefold. first, a vulnerability detection framework, which supports security property specification, potential vulnerability detection, and dynamic verification, is proposed. Second, an investigation of test data generation for dynamic verification is conducted. Third, the concept of reducing security property verification to reachability is introduced.
| Divisions: | Concordia University > Gina Cody School of Engineering and Computer Science > Computer Science and Software Engineering |
|---|---|
| Item Type: | Thesis (Masters) |
| Authors: | Ling, Hai Zhou |
| Pagination: | xi, 128 leaves : ill. ; 29 cm. |
| Institution: | Concordia University |
| Degree Name: | M. Comp. Sc. |
| Program: | Computer Science and Software Engineering |
| Date: | 2009 |
| Thesis Supervisor(s): | Debbabi, M |
| Identification Number: | LE 3 C66C67M 2010 L56 |
| ID Code: | 976727 |
| Deposited By: | Concordia University Library |
| Deposited On: | 22 Jan 2013 16:32 |
| Last Modified: | 13 Jul 2020 20:11 |
| Related URLs: |
Repository Staff Only: item control page
Download Statistics
Download Statistics