Please use this identifier to cite or link to this item: https://hdl.handle.net/11147/3039
Full metadata record
DC FieldValueLanguage
dc.contributor.advisorTuğlular, Tuğkanen
dc.contributor.authorTopuz, Bertan-
dc.date.accessioned2014-07-22T13:50:46Z-
dc.date.available2014-07-22T13:50:46Z-
dc.date.issued2010en
dc.identifier.urihttp://hdl.handle.net/11147/3039-
dc.descriptionThesis (Master)--Izmir Institute of Technology, Computer Engineering, Izmir, 2010en
dc.descriptionIncludes bibliographical references (leaves: 57-60)en
dc.descriptionText in English Abstract: Turkish and Englishen
dc.descriptionix, 77 leavesen
dc.description.abstractThe scope of this thesis is to enhance a static analysis tool in order to find security limitations in java applications. This will contribute to the removal of some of the existing limitations related with the lack of java source codes. The generally used tools for a static analysis are FindBugs, Jlint, PMD, ESC/Java2, Checkstyle. In this study, it is aimed to utilize PMD static analysis tool which already has been developed to find defects Possible bugs (empty try/catch/finally/switch statements), Dead code (unused local variables, parameters and private methods), Suboptimal code (wasteful String/StringBuffer usage), Overcomplicated expressions (unnecessary if statements for loops that could be while loops), Duplicate code (copied/pasted code means copied/pasted bugs). On the other hand, faults possible unexpected exception, length may be less than zero, division by zero, stream not closed on all paths and should be a static inner class cases were not implemented by PMD static analysis tool. PMD performs syntactic checks and dataflow analysis on program source code.In addition to some detection of clearly erroneous code, many of the .bugs. PMD looks for are stylistic conventions whose violation might be suspicious under some circumstances. For example, having a try statement with an empty catch block might indicate that the caught error is incorrectly discarded. Because PMD includes many detectors for bugs that depend on programming style, PMD includes support for selecting which detectors or groups of detectors should be run. While PMD.s main structure was conserved, boundary overflow vulnerability rules have been implemented to PMD.en
dc.language.isoenen_US
dc.publisherIzmir Institute of Technologyen
dc.rightsinfo:eu-repo/semantics/openAccessen_US
dc.subject.lcshJava (Computer program language)en
dc.subject.lcshComputer securityen
dc.titleDevelopment of a static analysis tool to find securty vulnerabilities in java applicationsen_US
dc.typeMaster Thesisen_US
dc.institutionauthorTopuz, Bertan-
dc.departmentThesis (Master)--İzmir Institute of Technology, Computer Engineeringen_US
dc.relation.publicationcategoryTezen_US
item.openairetypeMaster Thesis-
item.openairecristypehttp://purl.org/coar/resource_type/c_18cf-
item.fulltextWith Fulltext-
item.languageiso639-1en-
item.cerifentitytypePublications-
item.grantfulltextopen-
Appears in Collections:Master Degree / Yüksek Lisans Tezleri
Files in This Item:
File Description SizeFormat 
T000185.pdfMasterThesis1.02 MBAdobe PDFThumbnail
View/Open
Show simple item record



CORE Recommender

Page view(s)

124
checked on Mar 25, 2024

Download(s)

246
checked on Mar 25, 2024

Google ScholarTM

Check





Items in GCRIS Repository are protected by copyright, with all rights reserved, unless otherwise indicated.