Analysis and detection of security vulnerabilities in contemporary software

dc.check.embargoformat: Not applicable
dc.check.info: No embargo required
dc.check.opt-out: No
dc.check.reason: No embargo required
dc.check.type: No Embargo Required
dc.contributor.advisor: Foley, Simon
dc.contributor.author: Pieczul, Olgierd
dc.contributor.funder: International Business Machines Corporation
dc.date.accessioned: 2017-05-17T10:49:00Z
dc.date.available: 2017-05-17T10:49:00Z
dc.date.issued: 2017
dc.date.submitted: 2017
dc.description.abstract: Contemporary application systems are implemented using an assortment of high-level programming languages, software frameworks, and third-party components. While this may help to lower development time and cost, the result is a complex system of interoperating parts whose behavior is difficult to fully and properly comprehend. This difficulty of comprehension often manifests itself in the form of program coding errors that are not directly related to security requirements but can have an impact on the security of the system. The thesis of this dissertation is that many security vulnerabilities in contemporary software may be attributed to unintended behavior due to unexpected execution paths resulting from the accidental misuse of software components. Unlike many typical programmer errors, such as missed boundary checks or missing user input validation, these software bugs are not easy to detect and avoid. While typical secure coding best practices, such as code reviews and dynamic and static analysis, offer little protection against such vulnerabilities, we argue that runtime verification of software execution against a specified expected behavior can help to identify unexpected behavior in the software. The dissertation explores how building software systems from components may lead to the emergence of unexpected software behavior that results in security vulnerabilities. The thesis is supported by a study of the evolution of a popular software product over a period of twelve years. While anomaly detection techniques could be applied to verify software behavior at runtime, there are several practical challenges in using them in large-scale contemporary software. A model of expected application execution paths, and a methodology that can be used to build it during the software development cycle, is proposed. The dissertation explores its effectiveness in detecting exploits of vulnerabilities enabled by software errors in a popular enterprise software product.
dc.description.status: Not peer reviewed
dc.description.version: Accepted Version
dc.format.mimetype: application/pdf
dc.identifier.citation: Pieczul, P. 2017. Analysis and detection of security vulnerabilities in contemporary software. PhD Thesis, University College Cork.
dc.identifier.endpage: 159
dc.identifier.uri: https://hdl.handle.net/10468/3975
dc.language.iso: en
dc.publisher: University College Cork
dc.rights: © 2017, Olgierd Pieczul.
dc.rights.uri: http://creativecommons.org/licenses/by-nc-nd/3.0/
dc.subject: Anomaly detection
dc.subject: Security vulnerabilities
dc.subject: Runtime verification
dc.subject: Software security
dc.thesis.opt-out: false
dc.title: Analysis and detection of security vulnerabilities in contemporary software
dc.type: Doctoral thesis
dc.type.qualificationlevel: Doctoral Degree (Structured)
ucc.workflow.supervisors: foley@cs.ucc.ie
Files

Original bundle (2 files):
- Abstract.pdf, 40.76 KB, Adobe Portable Document Format. Description: Abstract
- PieczulO_PhD2017.pdf, 1.46 MB, Adobe Portable Document Format. Description: Full Text E-thesis

License bundle (1 file):
- license.txt, 5.62 KB. Format: Item-specific license agreed upon to submission