Analysis and detection of security vulnerabilities in contemporary software

Show simple item record

dc.contributor.advisor Foley, Simon en
dc.contributor.author Pieczul, Olgierd
dc.date.accessioned 2017-05-17T10:49:00Z
dc.date.available 2017-05-17T10:49:00Z
dc.date.issued 2017
dc.date.submitted 2017
dc.identifier.citation Pieczul, P. 2017. Analysis and detection of security vulnerabilities in contemporary software. PhD Thesis, University College Cork. en
dc.identifier.endpage 159 en
dc.identifier.uri http://hdl.handle.net/10468/3975
dc.description.abstract Contemporary application systems are implemented using an assortment of high-level programming languages, software frameworks, and third party components. While this may help to lower development time and cost, the result is a complex system of interoperating parts whose behavior is difficult to fully and properly comprehend. This difficulty of comprehension often manifests itself in the form of program coding errors that are not directly related to security requirements but can have an impact on the security of the system. The thesis of this dissertation is that many security vulnerabilities in contemporary software may be attributed to unintended behavior due to unexpected execution paths resulting from the accidental misuse of the software components. Unlike many typical programmer errors such as missed boundary checks or user input validation, these software bugs are not easy to detect and avoid. While typical secure coding best practices, such as code reviews, dynamic and static analysis, offer little protection against such vulnerabilities, we argue that runtime verification of software execution against a specified expected behavior can help to identify unexpected behavior in the software. The dissertation explores how building software systems using components may lead to the emergence of unexpected software behavior that results in security vulnerabilities. The thesis is supported by a study of the evolution of a popular software product over a period of twelve years. While anomaly detection techniques could be applied to verify software verification at runtime, there are several practical challenges in using them in large-scale contemporary software. A model of expected application execution paths and a methodology that can be used to build it during the software development cycle is proposed. The dissertation explores its effectiveness in detecting exploits on vulnerabilities enabled by software errors in a popular, enterprise software product. en
dc.format.mimetype application/pdf en
dc.language.iso en en
dc.publisher University College Cork en
dc.rights © 2017, Olgierd Pieczul. en
dc.rights.uri http://creativecommons.org/licenses/by-nc-nd/3.0/ en
dc.subject Anomaly detection en
dc.subject Security vulnerabilities en
dc.subject Runtime verification en
dc.subject Software security en
dc.title Analysis and detection of security vulnerabilities in contemporary software en
dc.type Doctoral thesis en
dc.type.qualificationlevel Doctoral Degree (Structured) en
dc.internal.availability Full text available en
dc.check.info No embargo required en
dc.description.version Accepted Version
dc.contributor.funder International Business Machines Corporation en
dc.description.status Not peer reviewed en
dc.internal.school Computer Science en
dc.check.type No Embargo Required
dc.check.reason No embargo required en
dc.check.opt-out No en
dc.thesis.opt-out false
dc.check.embargoformat Not applicable en
ucc.workflow.supervisor s.foley@cs.ucc.ie
dc.internal.conferring Summer 2017 en


Files in this item

This item appears in the following Collection(s)

Show simple item record

© 2017, Olgierd Pieczul. Except where otherwise noted, this item's license is described as © 2017, Olgierd Pieczul.
This website uses cookies. By using this website, you consent to the use of cookies in accordance with the UCC Privacy and Cookies Statement. For more information about cookies and how you can disable them, visit our Privacy and Cookies statement