This thesis contributes to three research areas in software security, namely security requirements and intrusion prevention via static analysis and runtime detection. We have investigated current practice in security requirements by doing a field study of eleven requirement specifications on IT systems. The conclusion is that security requirements are poorly specified due to three things: inconsistency in the selection of requirements, inconsistency in level of detail, and almost no requirements on standard security solutions. A follow-up interview study addressed the reasons for the inconsistencies and the impact of poor security requirements. It shows that the projects had relied heavily on in-house security competence and that mature pr...
Software vulnerabilities are added into programs during its development. Architectural flaws are int...
In this thesis, we report our research on systematic security hardening. We see how the software dev...
International audienceThis paper tackles the problems of generating concrete test cases for testing ...
Context: Security is a growing concern in many organizations. Industries developing software systems...
The software engineering community recognized the importance of addressing security requirements wit...
There are several ways to mitigate security breaches proactively. This thesis introduces portable se...
This research examines how software specifications could be used to build more-secure software. For ...
Computer Security has been a pressing issue that affects our society in multiple ways. Although a pl...
We have to face a simple, yet, disturbing fact: current computing is inherently insecure. The system...
Developing and delivering secure software is a challenging task, that gets even harder when the deve...
Most security attacks exploit instances of wellknown classes of implementation flaws. Many of these ...
Software security and reliability are aspects of major concern for software development enterprises ...
The goal of the research presented in this dissertation is to prevent, detect, and mitigate maliciou...
An important objective for low-level software security research is to develop techniques that make i...
147 p.Thesis (Ph.D.)--University of Illinois at Urbana-Champaign, 2003.Security problems in computer...
Software vulnerabilities are added into programs during its development. Architectural flaws are int...
In this thesis, we report our research on systematic security hardening. We see how the software dev...
International audienceThis paper tackles the problems of generating concrete test cases for testing ...
Context: Security is a growing concern in many organizations. Industries developing software systems...
The software engineering community recognized the importance of addressing security requirements wit...
There are several ways to mitigate security breaches proactively. This thesis introduces portable se...
This research examines how software specifications could be used to build more-secure software. For ...
Computer Security has been a pressing issue that affects our society in multiple ways. Although a pl...
We have to face a simple, yet, disturbing fact: current computing is inherently insecure. The system...
Developing and delivering secure software is a challenging task, that gets even harder when the deve...
Most security attacks exploit instances of wellknown classes of implementation flaws. Many of these ...
Software security and reliability are aspects of major concern for software development enterprises ...
The goal of the research presented in this dissertation is to prevent, detect, and mitigate maliciou...
An important objective for low-level software security research is to develop techniques that make i...
147 p.Thesis (Ph.D.)--University of Illinois at Urbana-Champaign, 2003.Security problems in computer...
Software vulnerabilities are added into programs during its development. Architectural flaws are int...
In this thesis, we report our research on systematic security hardening. We see how the software dev...
International audienceThis paper tackles the problems of generating concrete test cases for testing ...