[Review] Evaluation of Static Vulnerability Detection Tools with Java Cryptographic API Benchmarks

[Review] Evaluation of Static Vulnerability Detection Tools with Java Cryptographic API Benchmarks

Link here

The paper assesses the performance of the current static vulnerability detection tools in the era of Java cryptographic API misuse.

Main contributions:

  • provide two benchmarks: CryptoAPI-Bench, ApacheCryptoAPI-Bench.
    • CryptoAPI-Bench consists of 181 test cases covering 16 types of Cryptographic and SSL/TLS API misuse vulnerabilities, with basic level and advanced level.
    • ApacheCryptoAPI-Bench documents the API misuse vulnerabilities from 10 real-world Apache projects. This benchmark is for checking the scalability(the ability to induce low computational overhead to analyze large code-bases) of the detection tool.
  • evaluate four static analysis tools based on the two proposed benchmarks: specialized tools(CryptoGuard, CrySL), general purpose tools(SpotBugs, Coverity).
Read more
[Review] Automatic Detection of Java Cryptographic API Misuses: Are We There Yet?

[Review] Automatic Detection of Java Cryptographic API Misuses: Are We There Yet?

Link here

A large study of Java cryptographic API misuse.

Two main contributions are made:

  1. evaluate the effectiveness of existing cryptographic API misuse detection tools.
  2. conduct a study with the developers, measuring the real-world performance of detectors.

Introduction:

JCA (Java Cryptography Architecture), JSSE (Java Secure Socket Extension).

Java cryptographic API misuses are common, which may cause a extensive security problems.

13 Java types frequently mentioned in the API-misuse patterns.

Read more
[Review] Whole Test Suite Generation

[Review] Whole Test Suite Generation

Link here

The paper presents a Genetic Algorithm(GA) in which whole test suites are evolved with the aim of covering all coverage goals at the same time.

  • Whole test suite generation achieves higher coverage than single branch test case generation.
  • Whole test suite generation produces smaller test suites than single branch test case generation.

http://www.evosuite.org

Background:

  • Current work only target at one coverage goal at a time.
  • Engineers should manually write assertion for every test case, so the length of the test case should be as short as possible(after satisfying the coverage prerequisite).
Read more