A Software Engineering Approach for Vulnerability Analysis
Due to the increasing dependency on networked computer system, it is important to make a network reliable and dependent. This is even more relevant as new threats of attack are constantly being revealed, compromising the security of systems. This paper addresses this problem by presenting an attack injection methodology for the automatic discovery of vulnerabilities in software components. The proposed methodology, implemented in XDoS & TCP/IP, follows an approach similar to hackers and security analysts to discover vulnerabilities in network-connected servers. To assess the usefulness of this approach, several attack injections are made in POP and IMAP servers.