Date of Award
5-1-2013
Degree Name
Doctor of Philosophy
Department
Computer Science
First Advisor
Zargham, Mehdi
Abstract
Security vulnerabilities pose a real threat to computing systems ranging from personal computers to mobile devices and critical systems. Quantification and prediction of vulnerabilities allows us to compare systems, orient and plan to mitigate vulnerabilities, and design reliable and secure systems. In this dissertation, the software Vulnerability Discovery Models (VDMs) are studied and it is illustrated that they cannot provide accurate vulnerability prediction even with large amount of historical vulnerability data. We then propose and study a scheme that incorporates software properties such as compliance with secure coding rules and code complexity measures to provide vulnerability prediction without reliance on historical data. The new scheme is evaluated by testing it on real-world software applications and comparing it with existing VDMs. The new scheme applies to C/C++ applications. In addition, the study is extended by developing and evaluating a scheme to measure and quantify the impact of protocol vulnerabilities. In this framework, simulation is used to analyze various protocol configurations and provide recommendations for secure configurations of Virtual Private Networks (VPNs). The evaluation results illustrate that the new schemes can accurately quantify software and protocol vulnerabilities.
Access
This dissertation is only available for download to the SIUC community. Current SIUC affiliates may also access this paper off campus by searching Dissertations & Theses @ Southern Illinois University Carbondale from ProQuest. Others should contact the interlibrary loan department of your local library or contact ProQuest's Dissertation Express service.