Vulnerability Assessment of Open Source Wireshark and Chrome Browser

Abstract

The objective of this effort was to conduct an in-depth vulnerability assessment of the Wireshark network protocol monitoring system. An in-depth assessment using First Principles Vulnerability Assessment (FPVA) methodology was performed that produced architectural, resource, privilege and trust analyses of the code, which, in turn, identified several verified security vulnerabilities. In addition, a similar analysis on the Google Chrome/Chromium web browser was performed, producing similar products and a vulnerability report. Other accomplishments included new work on tools to speed the task of analyst-driven vulnerability assessment of code, new techniques for statically analyzing source code for defects, and useful collaborations with industry and academia.

Open PDF

Document Details

Document Type
Technical Report
Publication Date
Aug 01, 2013
Accession Number
ADA589062

Entities

People

  • Barton P. Miller

Organizations

  • University of Wisconsin–Madison

Tags

Communities of Interest

  • Cyber

DTIC Thesaurus Topics

  • Air Force
  • Air Force Research Laboratories
  • Chromium
  • Computer Programming
  • Computer Programs
  • Computers
  • Computing System Architectures
  • Contracts
  • Cybersecurity
  • Electronic Mail
  • Governments
  • Network Protocols
  • Security
  • Standards
  • Teamwork
  • Vulnerability
  • Web Browsers

Fields of Study

  • Computer science

Readers

  • Cybersecurity.
  • Database Systems and Applications
  • Software Engineering