Characteristic Classification and Correlational Analysis of Source-level Vulnerabilities in Linux Kernel |
Ko Kwangsun
(Sungkyunkwan University)
Jang In-Sook (National Security Research Institute) Kang Yong-hyeog (Far East University) Lee Jin-Seok (National Security Research Institute) Eom Young Ik (Sungkyunkwan University) |
1 | B. Marick, 'A survey of software fault surveys,' Technical Report UIUCDCSR90- 1651, University of Illinois at Urbana-Chamaign, Dec. 1990 |
2 | K. Jiwnani and M. Zelkowitz, 'Maintaining Software with a Security Perspective,' International Conference on Software Maintenance (ICSM'02), Montreal, Quebec, Canada, Oct. 03-06, 2002 |
3 | http://www.garlic.com/~lynn/secure.htm |
4 | B. Marick, 'A survey of software fault surveys', Technical Report UIUCDCS -R-90-1651, University of Illinois at Urbana-Champaign, Dec. 1990 |
5 | R. Chillarege, 'ODC for Process Measurement, Analysis and Control,' Proc. of the Fourth International Conference on Software Quality, ASQC Software Division, McLean, VA, USA, Oct. 3-5, 1994 |
6 | R. Chillarege, I. S. Bhandari, J. K. Chaar, M. J. Halliday, D. S. Moebus, B. K. Ray, Man-Yuen Wong, 'Orthogonal Defect Classification - A Concept for In-Process Measurements,' IEEE Transactions on Software Engineering, Vol. 18, No. 11, Nov. 1992 |
7 | M. Bishop, 'A Taxonomy of UNIX System and Network Vulnerabilities,' Technical Report CSE-95-10, Purdue University, May 1995 |
8 | 박태규, 임연호, '커널 기반의 보안 리눅스 운영체제 구현,' 한국정보보호학회, 정보보호학회 논문지, Vol. 11, No. 4, Aug. 2001 |
9 | W. Du and A. P. Mathur, 'Categorization of Software Errors that led to Security Breaches,' Proc. of the 21st National Information Systems Security Conference (NISSC'98), Crystal City, VA, USA, 1998 |
10 | T. Aslam, 'A taxonomy of Security Faults in the Unix Operating System,' M.S. Thesis, Purdue University, 1995 |
11 | http://www.securityfocus.com |
12 | D. P. Bovet and M. Cesati, Understanding the Linux Kernel 2nd Ed., O'REILLY |
13 | C. E. Landwehr, A. R. Bull, J. P. McDermott, and W. S. Choi, 'A Taxonomy of Computer Program Security Flaws,' ACM Computing Surveys, Vol. 26, No. 3, 1994 |
14 | A. Rubini and J. Corbet, Linux Device Drivers 2nd Ed., O'REILLY |
15 | T. Aslam, 'Use of a taxonomy of Security Faults,' Technical Report 96-05, COAST Laboratory, Department of Computer Science, Purdue University, Mar. 1996 |