Security metrics for Java bytecode programs

Alshammari, Bandar, Fidge, Colin J., & Corney, Diane (2013) Security metrics for Java bytecode programs. In Proceedings of the Twenty-Fifth International Conference on Software Engineering and Knowledge Engineering (SEKE 2013), Knowledge Systems Institute, Hyatt Harborside at Logan Int'l Airport, Boston, Mass, pp. 394-399.

View at publisher (open access)


Although there are many approaches for developing secure programs, they are not necessarily helpful for evaluating the security of a pre-existing program. Software metrics promise an easy way of comparing the relative security of two programs or assessing the security impact of modifications to an existing one. Most studies in this area focus on high level source code but this approach fails to take compiler-specific code generation into account. In this work we describe a set of object-oriented Java bytecode security metrics which are capable of assessing the security of a compiled program from the point of view of potential information flow. These metrics can be used to compare the security of programs or assess the effect of program modifications on security using a tool which we have developed to automatically measure the security of a given Java bytecode program in terms of the accessibility of distinguished ‘classified’ attributes.

Impact and interest:

0 citations in Scopus
Search Google Scholar™

Citation counts are sourced monthly from Scopus and Web of Science® citation databases.

These databases contain citations from different subsets of available publications and different time periods and thus the citation count from each is usually different. Some works are not in either database and no count is displayed. Scopus includes citations from articles published in 1996 onwards, and Web of Science® generally from 1980 onwards.

Citations counts from the Google Scholar™ indexing service can be viewed at the linked Google Scholar™ search.

Full-text downloads:

47 since deposited on 25 Mar 2014
7 in the past twelve months

Full-text downloads displays the total number of times this work’s files (e.g., a PDF) have been downloaded from QUT ePrints as well as the number of downloads in the previous 365 days. The count includes downloads for all files if a work has more than one.

ID Code: 69134
Item Type: Conference Paper
Refereed: Yes
Keywords: Object-orientation, Security metrics, Security analyser, Java bytecode
ISBN: 9781891706332
ISSN: 2325-9000
Divisions: Current > Schools > School of Electrical Engineering & Computer Science
Current > QUT Faculties and Divisions > Science & Engineering Faculty
Copyright Owner: Copyright 2013 Knowledge Systems Institute
Deposited On: 25 Mar 2014 23:46
Last Modified: 27 Mar 2014 04:20

Export: EndNote | Dublin Core | BibTeX

Repository Staff Only: item control page