STATIC CODE ANALYSIS TOOLS FOR DETECTING BROKEN AUTHENTICATION USING GRAPH REPRESENTATION
In software development, many stages must be passed through, starting from problem identification, then design, implementation, testing, and maintenance. At the implementation stage, the source code is written according to the needs identified during problem identification. At the time of implementation, ther...
Main Author: | Ramadhan Syah Khair, Farhan |
---|---|
Format: | Final Project |
Language: | Indonesia |
Online Access: | https://digilib.itb.ac.id/gdl/view/56177 |
Institution: | Institut Teknologi Bandung |
id |
id-itb.:56177 |
---|---|
spelling |
id-itb.:56177 2021-06-21T14:20:57Z Ramadhan Syah Khair, Farhan Indonesia Final Project static code analysis, vulnerability, Broken Authentication, graph, software development. INSTITUT TEKNOLOGI BANDUNG https://digilib.itb.ac.id/gdl/view/56177 text |
institution |
Institut Teknologi Bandung |
building |
Institut Teknologi Bandung Library |
continent |
Asia |
country |
Indonesia |
content_provider |
Institut Teknologi Bandung |
collection |
Digital ITB |
language |
Indonesia |
description |
In software development, many stages must be passed through, starting from problem
identification, then design, implementation, testing, and maintenance. At the
implementation stage, the source code is written according to the needs identified
during problem identification. During implementation, errors in writing the source
code can lead to vulnerabilities that could harm users and developers. Therefore, a
static code analysis tool was created that aims to detect security defects during
software development.
This final project aims to build a static code analysis tool to detect Broken
Authentication. The tool transforms source code into a Control-Flow Graph
(CFG), with the help of Data Flow, to make it easier to search for
vulnerabilities. The nodes formed from the CFG are typed by the tool to determine
whether a security vulnerability can occur or not. The result of this final project is
a security vulnerability detection tool for Flask applications. The tool was tested
on 14 open-source Flask projects and 1 dummy project, each of which had first been
analyzed manually to determine whether it contained a cause of security holes, and
the tool was able to find the previously analyzed vulnerabilities well. The tool
produced 1 false positive, which occurred because the tool could not yet handle some
cases that were uncommon or outside its scope.
Further studies are needed to make the tool independent of the framework when
searching for security vulnerabilities. The tool can also be developed for other
types of vulnerabilities. |
format |
Final Project |
author |
Ramadhan Syah Khair, Farhan |
title |
STATIC CODE ANALYSIS TOOLS FOR DETECTING BROKEN AUTHENTICATION USING GRAPH REPRESENTATION |
url |
https://digilib.itb.ac.id/gdl/view/56177 |