Security metrics for Java bytecode programs
Alshammari, Bandar, Fidge, Colin J., & Corney, Diane (2013) Security metrics for Java bytecode programs. In Proceedings of the Twenty-Fifth International Conference on Software Engineering and Knowledge Engineering (SEKE 2013), Knowledge Systems Institute, Hyatt Harborside at Logan Int'l Airport, Boston, Mass, pp. 394-399.
Although there are many approaches for developing secure programs, they are not necessarily helpful for evaluating the security of a pre-existing program. Software metrics promise an easy way of comparing the relative security of two programs or assessing the security impact of modifications to an existing one. Most studies in this area focus on high level source code but this approach fails to take compiler-specific code generation into account. In this work we describe a set of object-oriented Java bytecode security metrics which are capable of assessing the security of a compiled program from the point of view of potential information flow. These metrics can be used to compare the security of programs or assess the effect of program modifications on security using a tool which we have developed to automatically measure the security of a given Java bytecode program in terms of the accessibility of distinguished ‘classified’ attributes.
Impact and interest:
Citation counts are sourced monthly from and citation databases.
These databases contain citations from different subsets of available publications and different time periods and thus the citation count from each is usually different. Some works are not in either database and no count is displayed. Scopus includes citations from articles published in 1996 onwards, and Web of Science® generally from 1980 onwards.
Citations counts from theindexing service can be viewed at the linked Google Scholar™ search.
Full-text downloads displays the total number of times this work’s files (e.g., a PDF) have been downloaded from QUT ePrints as well as the number of downloads in the previous 365 days. The count includes downloads for all files if a work has more than one.
|Item Type:||Conference Paper|
|Keywords:||Object-orientation, Security metrics, Security analyser, Java bytecode|
|Divisions:||Current > Schools > School of Electrical Engineering & Computer Science
Current > QUT Faculties and Divisions > Science & Engineering Faculty
|Copyright Owner:||Copyright 2013 Knowledge Systems Institute|
|Deposited On:||25 Mar 2014 23:46|
|Last Modified:||27 Mar 2014 04:20|
Repository Staff Only: item control page