Master/Bachelor-arbeiten im Bereich "Software Security"

Auch ohne Registrierung können Beiträge in diesem Unterforum geschrieben werden.

Antwort erstellen

Bitte gib deine E-Mail-Adresse an, demit du nachträglich Updates zu deinem Post hinzufügen kannst.

:D :) :( :o :shock: :? 8) :lol: :x :P :oops: :cry: :evil: :twisted: :roll: :wink: :!: :?: :idea: :arrow: :| :mrgreen:

BBCode ist eingeschaltet
[img] ist eingeschaltet
[flash] ist ausgeschaltet
[url] ist eingeschaltet
Smilies sind eingeschaltet

Die letzten Beiträge des Themas

Ansicht erweitern Die letzten Beiträge des Themas: Master/Bachelor-arbeiten im Bereich "Software Security"

Master/Bachelor-arbeiten im Bereich "Software Security"

von nik_alexo » 30. Aug 2019 13:34

Two topics are available on quantitative analysis of open-source software security. Specifically, we will look into several interesting attributes of vulnerabilities affecting software that is distributed in Debian GNU/Linux. We are looking for Linux-native people with knowledge/experience on security (showcased by lectures etc.) and great motivation for high-impact research.

Topic 1: "Milk or Wine"
Back in 2006 Ozment and Schechter [USENIX Sec.'06] counted the age and lifetime of vulnerabilities in the OpenBSD kernel and concluded that it matures like wine, meaning it becomes better with age. We want to reproduce their study on a much bigger scale, for all packages of Debian GNU/Linux. This will require developing a tool that can pinpoint which version of the software was the first that contained a given vulnerability. Nguyen, Dashevskyi & Massacci [ESE'16] developed such a method in a smaller scale...

Topic 2: "What can static analysis tell us?"
Edwards and Chen [CCS'12] showed some correlation between the number of issues flagged by static analysis tools and vulnerabilities discovered later. We want to investigate this hypothesis on a much bigger scale. We also want to find out which static analysis tools perform best by comparing a selection of them on our dataset.

Contact: Nikolaos Alexopoulos (alexopoulos at

Nach oben