Sciweavers

Share
ICSE
2007
IEEE-ACM

Mining Security-Sensitive Operations in Legacy Code Using Concept Analysis

11 years 4 months ago
Mining Security-Sensitive Operations in Legacy Code Using Concept Analysis
This paper presents an approach to statically retrofit legacy servers with mechanisms for authorization policy enforcement. The approach is based upon the observation that security-sensitive operations performed by a server are characterized by idiomatic resource manipulations, called fingerprints. Candidate fingerprints are automatically mined by clustering resource manipulations using concept analysis. These fingerprints are then used to identify security-sensitive operations performed by the server. Case studies with three real-world servers show that the approach can be used to identify security-sensitive operations with a few hours of manual effort and modest domain knowledge.
Vinod Ganapathy, Dave King 0002, Trent Jaeger, Som
Added 09 Dec 2009
Updated 09 Dec 2009
Type Conference
Year 2007
Where ICSE
Authors Vinod Ganapathy, Dave King 0002, Trent Jaeger, Somesh Jha
Comments (0)
books