This thesis endeavors to determine the feasibility of design metrics as a predictor
of attack surface size by finding a positive correlation between one or more design
metrics and an application’s attack surface measurement. An attack surface is the set of
ways in which an adversary can enter a system and potentially cause damage. For an
experimental setting, six open-source java-based projects were analyzed. For each
project, the attack surface is assessed using Microsoft’s Attack Surface Analyzer, which takes a snapshot of a system state before and after the installation of product(s) and displays the changes to a number of key elements of the Windows attack surface. A collection of design metrics was collected from each open-source project as well. The goal is to find a metric or set of metrics that predicted the attack surface changes identified by the Attack Surface Analyzer. / Department of Computer Science
| Identifer | oai:union.ndltd.org:BSU/oai:cardinalscholar.bsu.edu:123456789/195941 |
| Date | 05 May 2012 |
| Creators | Meek, Joshua A. |
| Contributors | Zage, Wayne M. |
| Source Sets | Ball State University |
| Detected Language | English |
Page generated in 0.002 seconds