Change search
CiteExportLink to record
Permanent link

Direct link
Cite
Citation style
  • apa
  • harvard1
  • ieee
  • modern-language-association-8th-edition
  • vancouver
  • Other style
More styles
Language
  • de-DE
  • en-GB
  • en-US
  • fi-FI
  • nn-NO
  • nn-NB
  • sv-SE
  • Other locale
More languages
Output format
  • html
  • text
  • asciidoc
  • rtf
Software Security Analysis: Managing source code audit
Blekinge Institute of Technology, School of Engineering, Department of Interaction and System Design.
Blekinge Institute of Technology, School of Engineering, Department of Interaction and System Design.
2004 (English)Independent thesis Advanced level (degree of Master (One Year))Student thesis
Abstract [en]

Software users have become more conscious of security. More people have access to Internet and huge databases of security exploits. To make secure products, software developers must acknowledge this threat and take action. A first step is to perform a software security analysis. The software security analysis was performed using automatic auditing tools. An experimental environment was constructed to check if the findings were exploitable or not. Open source projects were used as reference to learn what patterns to search for. The results of the investigation show the differences in the automatic auditing tools used. Common types of security threats found in the product have been presented. Four different types of software security exploits have also been presented. The discussion presents the effectiveness of the automatic tools for auditing software. A comparison between the security in the examined product and the open source project Apache is presented. Furthermore, the incorporation of the software security analysis into the development process, and the results and cost of the security analysis is discussed. Finally some conclusions were drawn.

Place, publisher, year, edition, pages
2004. , 20 p.
Keyword [en]
Software security, audit, exploit, closed source, open source, buffer overflow
National Category
Computer Science Software Engineering
Identifiers
URN: urn:nbn:se:bth-3615Local ID: oai:bth.se:arkivex592D8C21BD19DCD5C1256EC3002AC5ACOAI: oai:DiVA.org:bth-3615DiVA: diva2:830925
Uppsok
Technology
Supervisors
Available from: 2015-04-22 Created: 2004-06-30 Last updated: 2015-06-30Bibliographically approved

Open Access in DiVA

fulltext(376 kB)56 downloads
File information
File name FULLTEXT01.pdfFile size 376 kBChecksum SHA-512
156d4442a288502f04a5270410c4ff94257d39e7a8ac83a40f81bb7474b5b49800f61e0024a792857e28b2fcf09cc3e21e911274033022b2079be63426e82323
Type fulltextMimetype application/pdf

By organisation
Department of Interaction and System Design
Computer ScienceSoftware Engineering

Search outside of DiVA

GoogleGoogle Scholar
Total: 56 downloads
The number of downloads is the sum of all downloads of full texts. It may include eg previous versions that are now no longer available

Total: 76 hits
CiteExportLink to record
Permanent link

Direct link
Cite
Citation style
  • apa
  • harvard1
  • ieee
  • modern-language-association-8th-edition
  • vancouver
  • Other style
More styles
Language
  • de-DE
  • en-GB
  • en-US
  • fi-FI
  • nn-NO
  • nn-NB
  • sv-SE
  • Other locale
More languages
Output format
  • html
  • text
  • asciidoc
  • rtf