PORTALE DELLA DIDATTICA

Ricerca CERCA
  KEYWORD

Evaluation of Static Security Analysis Tools on Open-Source Distributed Applications

keywords JAVA, SECURITY ANALISYS, VULNERABILITY ANALYSIS

Reference persons RICCARDO SISTO

Research Groups COMPUTER NETWORKS GROUP - NETGROUP, DAUIN - GR-03 - COMPUTER NETWORKS GROUP - NETGROUP, GR-03 - COMPUTER NETWORKS GROUP - NETGROUP, NETGROUP

Thesis type THEORETICAL/EXPERIMENTAL

Description  Static Security Alaysis tools are becoming more and more common practice in the development of distributed applications. The thesis aims at performing an evaluation of some static security analysis tools, by applying them to a collection of open-source distributed applications. While today some benchmarks already exist, they are not well aligned with the most recent web development techniques. The work of the candidate will consist in identifying some relevant, modern, open-source projects to be used as bechmarks. Then, the candidate will experiment some of the static analysis tools on these projects and collect results about their performance, according to the OWASP evaluation methodology.
The candidate should have good programming skills in Java and in web programming. Basic knowledge of static security analysis tools is also useful to get started more rapidly. Taking this thesis the candidate will get more skilled in the use of static security analysis tools for distributed applications.

Required skills Programmazione Java, Reti di Calcolatori, Cybersecurity


Deadline 19/10/2021      PROPONI LA TUA CANDIDATURA