James W. Walker, Jean Mayo, Ching-Kuang Shene, S. Carr
{"title":"Visualization for Secure Coding in C","authors":"James W. Walker, Jean Mayo, Ching-Kuang Shene, S. Carr","doi":"10.1145/3059009.3072990","DOIUrl":null,"url":null,"abstract":"This paper describes a pedagogical system to visualize program execution.1 The visualization is designed to help students understand how to develop more secure and robust C programs. The system provides several perspectives on the execution including: the values of registers and the logical address space, a call graph, the file descriptor and inode tables, and the handling of sensitive data like passwords and keys. These visualizations are designed to help students understand fundamental concepts such as: buffer overflows, integer overflows, proper handling of sensitive data and application of the principle of least privilege in several contexts including file operations, secure SUID programming, and use and management of the process environment.","PeriodicalId":174429,"journal":{"name":"Proceedings of the 2017 ACM Conference on Innovation and Technology in Computer Science Education","volume":"39 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2017-06-28","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"1","resultStr":null,"platform":"Semanticscholar","paperid":null,"PeriodicalName":"Proceedings of the 2017 ACM Conference on Innovation and Technology in Computer Science Education","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1145/3059009.3072990","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}
引用次数: 1
Abstract
This paper describes a pedagogical system to visualize program execution.1 The visualization is designed to help students understand how to develop more secure and robust C programs. The system provides several perspectives on the execution including: the values of registers and the logical address space, a call graph, the file descriptor and inode tables, and the handling of sensitive data like passwords and keys. These visualizations are designed to help students understand fundamental concepts such as: buffer overflows, integer overflows, proper handling of sensitive data and application of the principle of least privilege in several contexts including file operations, secure SUID programming, and use and management of the process environment.
京公网安备 11010802042870号
京ICP备2023020795号-1
分享
求助内容:
应助结果提醒方式:
扫码关注我们
