Show simple item record

dc.contributor.advisorCukier, Michelen_US
dc.contributor.authorSivaramakrishnan, Hariharanen_US
dc.date.accessioned2006-06-14T06:02:22Z
dc.date.available2006-06-14T06:02:22Z
dc.date.issued2006-05-04en_US
dc.identifier.urihttp://hdl.handle.net/1903/3566
dc.description.abstractThe advent of the Internet has enabled developers to write and share software components with each other more easily. Developers have become increasingly reliant on code other than their own for application development; code that is often not well tested, and lacking any kind of security review, thus exposing its consumers to security vulnerabilities. The goal of this thesis is to adapt existing techniques, and discover new approaches that can be used to discover security vulnerabilities in applications. We use fault injection in each of our techniques and define a set of criteria to evaluate these approaches. The hierarchy of approaches, starting from a black box and ending in a full white box approach, allows a security reviewer to choose a technique depending on the amount of information available about the application under review, time constraints, and extent of security analysis and confidence desired in the program.en_US
dc.format.extent559322 bytes
dc.format.mimetypeapplication/pdf
dc.language.isoen_US
dc.titleOn the Use of Fault Injection to Discover Security Vulnerabilities in Applicationsen_US
dc.typeThesisen_US
dc.contributor.publisherDigital Repository at the University of Marylanden_US
dc.contributor.publisherUniversity of Maryland (College Park, Md.)en_US
dc.contributor.departmentElectrical Engineeringen_US
dc.subject.pqcontrolledEngineering, Electronics and Electricalen_US
dc.subject.pqcontrolledComputer Scienceen_US
dc.subject.pquncontrolledfault injectionen_US
dc.subject.pquncontrolledvulnerabilitiesen_US
dc.subject.pquncontrolledenvironmental approachen_US


Files in this item

Thumbnail

This item appears in the following Collection(s)

Show simple item record