A method for resolving security vulnerabilities through the use of design patterns

Nick Walker, Natalie J. Coull, R. Ian Ferguson, Allan Milne

Research output: Chapter in Book/Report/Conference proceeding (Chapter)

1 Citation (Scopus)

Abstract

Most software development companies conduct in-house testing of their code prior to releasing their product, yet software vulnerabilities are still found every single day in the most prevalent of applications. Memory corruption vulnerabilities are amongst the most difficult to detect, but can be the most dangerous. This research presents both an effective taxonomy of these vulnerabilities, which can be used to identify software threats, and a methodology to maximize the number of memory corruption vulnerabilities that are identified during software testing. A means of cataloguing such vulnerabilities was required: as design patterns were already familiar to software engineers, the use of a pattern language seemed appropriate, particularly as the solution to the vulnerabilities lay in the software engineering domain.

Original language: English
Title of host publication: Cyberpatterns
Subtitle of host publication: unifying design patterns with security and attack patterns
Editors: Clive Blackwell, Hong Zhu
Place of Publication: London
Publisher: Springer International Publishing
Chapter: 12
Pages: 149-155
Number of pages: 7
ISBN (Electronic): 9783319044477
ISBN (Print): 9783319044460, 9783319352183
DOI: https://doi.org/10.1007/978-3-319-04447-7_12
Publication status: Published - 14 May 2014

Cite this:

Walker, N., Coull, N. J., Ferguson, R. I., & Milne, A. (2014). A method for resolving security vulnerabilities through the use of design patterns. In C. Blackwell, & H. Zhu (Eds.), Cyberpatterns: unifying design patterns with security and attack patterns (pp. 149-155). Springer International Publishing. https://doi.org/10.1007/978-3-319-04447-7_12