Abstract
Most software development companies conduct in-house testing of their code prior to releasing their product, yet software vulnerabilities are still found every single day in the most prevalent of applications. Memory corruption vulnerabilities are amongst the most difficult to detect, but can be the most dangerous. This research presents both an effective taxonomy of these vulnerabilities, which can be used to identify software threats, and a methodology to maximize the number of memory corruption vulnerabilities that are identified during software testing. A means of cataloguing such vulnerabilities was required: as design patterns were already familiar to software engineers, the use of a pattern language seemed appropriate, particularly as the solution to the vulnerabilities lay in the software engineering domain.
Copyright information
© 2014 Springer International Publishing Switzerland
About this chapter
Cite this chapter
Walker, N., Coull, N., Ferguson, I., Milne, A. (2014). A Method for Resolving Security Vulnerabilities Through the Use of Design Patterns. In: Blackwell, C., Zhu, H. (eds) Cyberpatterns. Springer, Cham. https://doi.org/10.1007/978-3-319-04447-7_12
DOI: https://doi.org/10.1007/978-3-319-04447-7_12
Publisher Name: Springer, Cham
Print ISBN: 978-3-319-04446-0
Online ISBN: 978-3-319-04447-7
eBook Packages: Computer Science, Computer Science (R0)