  • DocumentCode
    3672897
  • Title
    An Open Source Code Analyzer and Reviewer (OSCAR) Framework
  • Author
    Simon Tjoa;Patrick Kochberger;Christoph Malin;Andreas Schmoll
  • Author_Institution
    Inst. for IT Security Res., St. Poelten Univ. of Appl. Sci., St. Poelten, Austria
  • fYear
    2015
  • Firstpage
    511
  • Lastpage
    515
  • Abstract
    Due to the intense usage of IT and the growing number of fields of application, we rely more than ever on functional software components. In conjunction with this development, it could be observed that in the last years the popularity of open source software was on the rise for various reasons. However, in the recent past, serious vulnerabilities have been discovered. In order to support open source developers testing their source code for security bugs, in this paper, we present the idea of a framework which combines existing open source security checkers. After presenting the architecture of the framework, we demonstrate the functionality of the framework using the vulnerable application Web Goat.
  • Keywords
    "Java","Security","Databases","Open source software","Testing","Prototypes"
  • Publisher
    ieee
  • Conference_Titel
    Availability, Reliability and Security (ARES), 2015 10th International Conference on
  • Type
    conf
  • DOI
    10.1109/ARES.2015.36
  • Filename
    7299959