Finding vulnerabilities using automatic test generation
RiuNet: Repositorio Institucional de la Universidad Politécnica de Valencia
JavaScript is disabled for your browser. Some features of this site may not work without it.
Buscar en RiuNet
Listar
Mi cuenta
Estadísticas
Ayuda RiuNet
Admin. UPV
Finding vulnerabilities using automatic test generation
Mostrar el registro sencillo del ítem
Ficheros en el ítem
![[Cerrado]](/themes/UPV/images/candado.png)
| dc.contributor.advisor | Sánchez López, Miguel
|
es_ES |
| dc.contributor.advisor | Victor, Björn
|
es_ES |
| dc.contributor.author | Bueno Domínguez, Jordi
|
es_ES |
| dc.date.accessioned | 2014-11-04T10:12:36Z | |
| dc.date.available | 2014-11-04T10:12:36Z | |
| dc.date.created | 2014-09-18 | |
| dc.date.issued | 2014-11-04T10:12:36Z | |
| dc.identifier.uri | http://hdl.handle.net/10251/43836 | |
| dc.description.abstract | Software bugs are still present in modern software, and they are a major concern for every user, specially security related bugs. Classical approaches for bug detection fall short to uncover some of them, as it has been proved on several occasions when a hidden bug has been used to compromise the security of many systems. In this report an approach for automatic bug detection is presented and analysed. Using KLEE, a tool that can explore all the possible paths in a piece of code, bugs can be discovered. As an example for bug detection in a security software, the Heartbleed bug that affected the OpenSSL library is analysed. The behaviour of this bug is explained here, and KLEE is used to expose this bug. If this worked, it would be useful for developers in order to prevent dangerous bugs from staying undetected. The results show that the tool is not ready to be used in real software due to its limitations. However, despite the difficulties these limitations pose, KLEE proves to be useful in a controlled scenario. As long as the software is kept simple, the tool can be used to effectively execute all the code. With some improvements, it could be a major step for a future without bugs. | es_ES |
| dc.format.extent | 40 | es_ES |
| dc.language | Inglés | es_ES |
| dc.publisher | Universitat Politècnica de València | es_ES |
| dc.rights | Reserva de todos los derechos | es_ES |
| dc.subject.classification | ARQUITECTURA Y TECNOLOGIA DE COMPUTADORES | es_ES |
| dc.subject.other | Grado en Ingeniería Informática-Grau en Enginyeria Informàtica | es_ES |
| dc.title | Finding vulnerabilities using automatic test generation | es_ES |
| dc.type | Proyecto/Trabajo fin de carrera/grado | es_ES |
| dc.rights.accessRights | Cerrado | es_ES |
| dc.contributor.affiliation | Universitat Politècnica de València. Escola Tècnica Superior d'Enginyeria Informàtica | es_ES |
| dc.description.bibliographicCitation | Bueno Domínguez, J. (2014). Finding vulnerabilities using automatic test generation. http://hdl.handle.net/10251/43836. | es_ES |
| dc.description.accrualMethod | Archivo delegado | es_ES |
Este ítem aparece en la(s) siguiente(s) colección(ones)
-
ETSINF - Trabajos académicos [4774]
Escola Tècnica Superior d'Enginyeria Informàtica
Universitat Politècnica de València. Unidad de Documentación Científica de la Biblioteca (+34) 96 387 70 85 · RiuNet@bib.upv.es
El contenido de este sitio está bajo una licencia Creative Commons Reconocimiento – No Comercial – Sin Obra Derivada (by-nc-nd), salvo que se indique lo contrario.
Los metadatos de este sitio están bajo una licencia Dominio Público.
