Design of Exploitable Automatic Verification System for Secure Open Source Software

  • Bumryong Kim
  • Jun-ho Song
  • Jae-Pyo Park
  • Moon-seog Jun
Conference paper
Part of the Lecture Notes in Electrical Engineering book series (LNEE, volume 373)

Abstract

As more people use IT products, software is applied more widely and demand for it has increased. Alongside commercial software, the market for open source software is also growing rapidly. But open source software is developed by those without expert knowledge in security. As a result, many security vulnerabilities arise and are taken advantage of for attacks. To address these issues, this paper proposes the design of an exploitable automatic verification system for secure open source software. Through the use of this system, the reliability of open source software, of its developers, and of the corporations using it is expected to improve.

Keywords

Exploitable; Exploit; Exploitable verification; Open source; Software vulnerability



Copyright information

© Springer Science+Business Media Singapore 2015

Authors and Affiliations

  • Bumryong Kim (1)
  • Jun-ho Song (1)
  • Jae-Pyo Park (1)
  • Moon-seog Jun (1)

  1. Soongsil University, Dongjak-Gu, Republic of Korea
