1 |
Gary McGraw, Software Security: Building Security In, Addison-Wesley, Boston, Massachusetts, 2006.
|
2 |
John Viega, Gary MaGraw, Software Security: How to Avoid Security Problems the Right Way, Addison-Wesley, Boston, Massachusetts, 2006.
|
3 |
Common Weakness Enumeration(CWE): A community-Developed Dictionary of Software Weakness Types, http://cwe.mitre.org/, 2009.
|
4 |
J. McManus and D. Mohindra, The CERT Sun Microsystems Secure Coding Standard for Java, https://www.securecoding.cert.org/ confluence/pages/viewpage.action?pageId= 34669015/, 2009.
|
5 |
Roberta Cozza, Carolina Milanesi, Anshul Gupta, Hugues J. De La Vergne, Annette Zimmermann, CK Lu, Atsuro Sato, and Tuong Huy Nguyen, Competitive Landscape: Mobile Devices, Worldwide, 3Q10, Gartner Inc., Stamford, Connecticut, 2010.
|
6 |
H. Chen and D. Wagner, "MOPS: an Infrastructure for Examining Security Properties of Software," Proc. of the 9th ACM Conference on Computer and Communications Security, pp.235-244, 2002.
|
7 |
Fortify Software Inc., Fortify Source Code Analysis(SCA), http://www.fortify.com/products/ sca/, 2009.
|
8 |
Coverity, Inc., Coverity Static Analysis, http:// www.coverity.com/products/static-analysis. html, 2009.
|
9 |
FindBugs, http://findbugs.sourceforge.net/, 2012.
|
10 |
PMD, http://pmd.sourceforge.net/pmd-5.0.0/, 2012.
|
11 |
Jiwoo Park, Yunsik Son, Seokhoon Ko, and Seman Oh, "Design of A Compiler with Secure Coding Rules for Secure Software," CSIT2009, pp. 179-183, 2009.
|
12 |
Jiwoo Park, Yunsik Son, and Seman Oh, "Weakness Analysis Techniques for Mobile Applications," ICCCIT2011, pp. 50-55, 2011.
|
13 |
Yunsik Son and Seman Oh, "Design and Implementation of a Compiler with Secure Coding Rules for Secure Mobile Applications," International Journal of Security and Its Applications, Vol.6, No.4, pp. 201-206, 2012.
|
14 |
문일룡, 오세만, "모바일 애플리케이션을 위한 취약점 분석기의 설계 및 구현," 멀티미디어학회논문지, 제14권, 제10호, pp. 1335-1347, 2011.
|
15 |
Cigital, Cigital Java Security Rulepack, http:// www.cigital.com/securitypack/view/index. html, 2009.
|
16 |
Katrina Tsipenyuk, Brian Chess, and Gary McGraw, "Seven Pernicious Kingdoms: A Taxonomy of Software Security Errors," IEEE Security & Privacy, Vol.3, No.6, pp. 81-84, 2005.
DOI
|
17 |
최윤희, 최은만, "안티 패턴 기반의 정적 분석을 이용한 안드로이드 어플리케이션 취약점 분석," 정보과학회논문지: 컴퓨팅의 실제 및 레터, 제18 권, 제4호, pp. 316-320, 2012.
|
18 |
AppPerfect, http://www.appperfect.com, 2012.
|
19 |
소프트웨어 개발보안(시큐어 코딩) 가이드, 행정안전부, 2012.
|