COSAK: Code Security Analysis Kit

Abstract

There are two significant parts to the Code Security Analysis Kit (CoSAK) project. The first part of the project is called Front Line Functions (FLF) and involves the development of static analysis tools for C code to assist in the characterization of software functions that are most vulnerable to a security attack. The effectiveness of the FLF work was demonstrated empirically using a repository of open source software with known security vulnerabilities. The second part of the project is called Gemini and involves the development of tools to transform C programs into equivalent ones that are less susceptible to a buffer overflow security attack. The effectiveness of the Gemini project was demonstrated using a case study that involved transforming several software packages from the Linux operating system distribution.

Document Details

Document Type: Technical Report
Publication Date: Jan 01, 2004
Accession Number: ADA421440

Entities

People

  • Spiros Mancoridis

Organizations

  • Drexel University

Tags

Communities of Interest

  • Cyber
  • Materials and Manufacturing Processes

DTIC Thesaurus Topics

  • Air Force Research Laboratories
  • Buffer Overflow Attack
  • Case Studies
  • Computer Programming
  • Computer Programs
  • Computer Science
  • Computers
  • Databases
  • Debugging
  • Denial Of Service Attack
  • Information Operations
  • Language
  • Open Source Software
  • Operating Systems
  • Security
  • Storage
  • Vulnerability

Fields of Study

  • Computer science
  • Engineering

Readers

  • Database Systems and Applications
  • Economics
  • Manufacturing Engineering