STATIC CODE ANALYSIS TOOLS FOR DETECTING BROKEN AUTHENTICATION USING GRAPH REPRESENTATION
Main Author: | |
---|---|
Format: | Final Project |
Language: | Indonesia |
Online Access: | https://digilib.itb.ac.id/gdl/view/56177 |
Institution: | Institut Teknologi Bandung |
Summary: | Software development passes through many stages: problem identification,
design, implementation, testing, and maintenance. At the implementation stage,
source code is written according to the needs identified during problem
identification. During implementation, errors in the source code can introduce
vulnerabilities that harm users and developers. A static code analysis tool was
therefore created to detect security defects during software development.
This final project aims to build a static code analysis tool to detect Broken
Authentication. The tool transforms source code into a Control-Flow Graph (CFG),
with the help of data flow, to make searching for vulnerabilities easier. The tool
assigns a type to each node formed from the CFG to determine whether a security
vulnerability can occur. The result of this final project is a security
vulnerability detection tool for Flask applications. The tool was tested on 14
open-source Flask projects and 1 dummy project, each of which was first analyzed
manually to determine whether it contained a cause of security holes, and the tool
was able to find the previously analyzed vulnerabilities well. The tool produced 1
false positive, which occurred because it could not yet handle some cases that were
uncommon or outside its scope.
Further study is needed to make the tool independent of the framework when
searching for security vulnerabilities. The tool can also be developed to cover
other types of vulnerabilities. |
---|