The Infona portal uses cookies, i.e. strings of text saved by a browser on the user's device. The portal can access those files and use them to remember the user's data, such as their chosen settings (screen view, interface language, etc.), or their login data. By using the Infona portal the user accepts automatic saving and using this information for portal operation purposes. More information on the subject can be found in the Privacy Policy and Terms of Service. By closing this window the user confirms that they have read the information on cookie usage, and they accept the privacy policy and the way cookies are used by the portal. You can change the cookie settings in your browser.
Java is dominating in object-oriented computing. However, Java relies on Java Virtual Machine to process Java bytecodes, such that it imposes large overhead on the embedded system. In addition, as security is always a major concern in most of the networked computer systems, embedded systems should provide security features to defend against attacks. Many viruses use the security loopholes to trigger...
Traditional test case generation methods usually consider coverage criteria like statement or path coverage and ignore security characteristics. The result is that a test case may fail to find vulnerabilities even if it covers the vulnerable statements. However, we argue that existing test cases are still of great value because significant human effort and time have been invested to achieve high coverage...
Piromsopa and Enbody (2006) proposed Secure Bit, an architectural approach to protect against buffer-overflow attacks on control data (return-addresses and function pointers). This paper explores the possibility of extending Secure Bit to protect non-control data (variables, pointers and arrays). A hardware bit, provided by Secure Bit, helps preserving the integrity of an associated address. We propose...
This is a survey of the processes, practices, and technologies that can help software maintenance engineers improve the security of software systems. A particular emphasis is placed on validating security architectures, verifying that the implementation of an architecturepsilas constituent applications adhere to secure coding practices, and protecting software systems against malicious software. In...
This position paper proposes a research agenda for the field of security testing. It gives a critical account of the state of the art as seen by a practitioner and identifies questions that research failed to answer so far, or failed to answer in such a way that it would have had an impact in the real world. Three categories of research problems are proposed: theory of vulnerabilities, theory of security...
A buffer overflow attack is perhaps the most common attack used to compromise the security of a host. This attack can be used to change the function return address and redirect execution to the attacker's code. We present a hardware-based solution, called SmashGuard, to protect against all known forms of attack on the function return addresses stored on the program stack. With each function call instruction,...
Set the date range to filter the displayed results. You can set a starting date, ending date or both. You can enter the dates manually or choose them from the calendar.