Proposal Revised
Members: Dan Crowley, Raajiv Rekha, Kyle Ross
Project: Source Code Vulnerability Analysis Engine A.K.A. GRaTS (Graphical RATS and Taint Scanner)
Description:
- Combines several vulnerability analysis techniques
  - Taint analysis
  - Static code analysis
  - Manual code review
- Locates points of user input
- Traces potentially tainted variables through code
- Scans only relevant portions of code for potential vulnerabilities
- Uses a Graphical User Interface to present:
  - Time-line of variables
  - Level of threat (if any) and extra information on the threat
  - Location within program
- Time-line of variables allows a security professional to manually scan the source code for vulnerabilities
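
The pipeline described above (locate input, trace taint, inspect only relevant calls, record a per-variable time-line with locations), sketched as an added example that is not GRaTS code. It assumes Python as the scanned language, `input()` as the only source, and a small hypothetical sink list, and it handles straight-line top-level code only.

```python
import ast

SOURCES = {"input"}                   # assumed points of user input
SINKS = {"system", "eval", "exec"}    # assumed dangerous calls (hypothetical list)

def call_name(node):
    """Return the bare name of a call target: f(...) or mod.f(...)."""
    f = node.func
    return f.id if isinstance(f, ast.Name) else getattr(f, "attr", None)

def is_tainted(expr, tainted):
    """Tainted if the expression reads a tainted variable or calls a source."""
    return any(
        (isinstance(n, ast.Name) and n.id in tainted)
        or (isinstance(n, ast.Call) and call_name(n) in SOURCES)
        for n in ast.walk(expr))

def analyze(source):
    """Return (timeline, findings) for straight-line code, in statement order."""
    tainted, timeline, findings = set(), {}, []
    for stmt in ast.parse(source).body:
        if isinstance(stmt, ast.Assign):
            dirty = is_tainted(stmt.value, tainted)
            for target in stmt.targets:
                if isinstance(target, ast.Name):
                    # Reassignment from clean data clears the taint.
                    (tainted.add if dirty else tainted.discard)(target.id)
                    state = "tainted" if dirty else "clean"
                    timeline.setdefault(target.id, []).append((stmt.lineno, state))
        # Only sink calls are inspected; all other code is skipped.
        for n in ast.walk(stmt):
            if isinstance(n, ast.Call) and call_name(n) in SINKS:
                if any(is_tainted(a, tainted) for a in n.args):
                    findings.append((n.lineno, call_name(n)))
    return timeline, findings

# Constructed sample program (not from the proposal).
SAMPLE = """\
import os
name = input("file: ")
cmd = "cat " + name
banner = "hello"
os.system(cmd)
cmd = "ls"
os.system(cmd)
"""

if __name__ == "__main__":
    print(*analyze(SAMPLE), sep="\n")
```

The time-line for `cmd` shows it tainted at line 3 and clean again at line 6, so only the first `os.system` call is reported; that per-variable history is what a reviewer would follow by hand in the GUI.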
page revision: 0, last edited: 17 Jun 2009 15:46