Design of Exploitable Automatic Verification System for Secure Open Source Software
As more people use IT products, the application extent of software has increased along with demand for it. In addition to commercialized software, open source software is also seeing its market grow rapidly. But open source software is developed by those without expert knowledge in security. As a result, many security vulnerabilities arise and are taken advantage of for attacks. Therefore, in this paper, we suggested the design of an exploitable automatic verification system for secure open source software to address these issues. It is expected that, through the use of this system, the reliabilities of the open source software, the developers of the open source software, and the corporations using can be improved.
KeywordsExploitable Exploit Exploitable verification Open source Software vulnerability
Unable to display preview. Download preview PDF.
- 2.Korea OSS Promotion Forum. Business Guide of Open Software (2014)Google Scholar
- 4.Patton, R.: Software testing. Sams Pub. (2006)Google Scholar
- 5.CWE - Common Weakness Enumeration. http://cwe.mitre.org
- 6.CWE/SANS Top 25 Most Dangerous Programming Errors (2011). http://cwe.mitre.org/top25/
- 7.CVE - Common Vulnerabilities and Exposures. http://cve.mitre.org
- 9.CAPEC - Common Attack Pattern Enumeration and Classification. http://capec.mitre.org
- 10.Barnum, S.: Common attack pattern enumeration and classification (capec) schema description. Cigital Inc., http://capec.mitre.org/documents/documentation/CAPEC_Schema_Description_v1 3 (2008)