• home
• current students
• graduate
• events

Presenter: Alexander M. Hoole
Supervisor:

Date: Mon, October 2, 2017
Time: 14:00:00 - 15:30:00
Place: EOW 430

ABSTRACT

In the domain of application security, weaknesses are the bugs in software implementation, or code, which could lead to a system being vulnerable to attack if not addressed. Vulnerabilities are those weaknesses (or flaws) related to architecture, design, implementation and configuration which can be directly exploited during execution to gain access to a system. The existence of an exploitable weakness, once discovered, improves the likelihood that a malicious hacker can launch a successful offense. The identification, verification, and removal of weaknesses during the system development life cycle is part of having a strong defense. In this presentation we seek to identify ways in which the systems development life cycle (SDLC) can be augmented with improved software engineering practices to measurably address security concerns that have arisen relating to security vulnerability defects in software. By proposing a general model for identifying potential vulnerabilities (weaknesses) and using runtime monitoring for verifying their reachability, and exploitability, during development and testing reduces security risk in delivered products.