Abstract
Hidden functionality in software is a big problem, because we cannot be sure that the software does not contain malicious code. We conducted an experiment where we studied the relationship between architecture constructs, dynamic behavior and security vulnerabilities. We also studied to what extent architecture analysis tools can assist in detecting security vulnerabilities that are caused by architecture violations. Using the tool, we were able to capture the dynamic pattern of a user breaking in to the system using the back door. Based on the dynamic information in combination with the static information, we obtained a good picture of the "visual image" of the back door. Such "visual images" can be used to detect vulnerabilities and ultimately help to design software architectures that meet their security requirements.
Original language | English |
---|---|
Title of host publication | Proceedings of the 2008 IEEE International Conference on Software Testing Verification and Validation Workshop, ICSTW'08 |
Publisher | IEEE Institute of Electrical and Electronic Engineers |
Pages | 262-268 |
ISBN (Print) | 978-0-7695-3388-9 |
DOIs | |
Publication status | Published - 2008 |
MoE publication type | A4 Article in a conference publication |
Event | 2008 IEEE International Conference on Software Testing Verification and Validation Workshop, ICSTW'08 - Lillehammer, Norway Duration: 9 Apr 2008 → 11 Apr 2008 |
Conference
Conference | 2008 IEEE International Conference on Software Testing Verification and Validation Workshop, ICSTW'08 |
---|---|
Country/Territory | Norway |
City | Lillehammer |
Period | 9/04/08 → 11/04/08 |
Keywords
- Software architecture
- security