A framework for development of runtime monitors

Author

Dharam, Ramya ; Shiva, Sajjan G.

Author_Institution

Dept. of Comput. Sci., Univ. of Memphis, Memphis, TN, USA

Volume

2

fYear

2012

fDate

12-14 June 2012

Firstpage

953

Lastpage

957

Abstract

Software Testing is the process used to assure the correctness, completeness, performance, security and reliability of the software. Different software testing techniques are used during pre-deployment phase of the software. But, these do not ensure that all possible behaviors of implementation are analyzed, executed and tested. Because of the incomplete assurance from the testing methodology, software can sometimes behave very differently during the post-deployment phase. This is termed as software anomaly and they are caused mostly by external attacks such as SQL injection, cross-site scripting, path-traversal attack, etc. To detect such anomalies and to ensure the security and reliability of software during the post-deployment phase, a technique known as runtime monitoring can be used. This paper presents a framework for the development of runtime monitors to accomplish post-deployment monitoring of software to detect and prevent path traversal attack.

Keywords

SQL; program testing; security of data; software performance evaluation; software reliability; system monitoring; SQL injection; cross-site scripting; external attacks; path traversal attack prevention; path-traversal attack; postdeployment software monitoring; runtime monitoring; runtime monitors; software anomaly; software postdeployment phase; software predeployment phase; software reliability; software security; software testing techniques; Games; Java; Monitoring; Runtime; Security; Software; Testing;

fLanguage

English

Publisher

ieee

Conference_Titel

Computer & Information Science (ICCIS), 2012 International Conference on

Conference_Location

Kuala Lumpeu

Print_ISBN

978-1-4673-1937-9

Type

conf

DOI

10.1109/ICCISci.2012.6297163

Filename

6297163