Accession Number:

ADA589062

Title:

Vulnerability Assessment of Open Source Wireshark and Chrome Browser

Descriptive Note:

Final rept. Nov 2009-Jan 2013

Corporate Author:

WISCONSIN UNIV MADISON

Personal Author(s):

Report Date:

2013-08-01

Pagination or Media Count:

19.0

Abstract:

The objective of this effort was to conduct an in-depth vulnerability assessment of the Wireshark network protocol monitoring system. An in-depth assessment using First Principles Vulnerability Assessment FPVA methodology was performed that produced architectural, resource, privilege and trust analyses of the code, which, in turn, identified several verified security vulnerabilities. In addition, a similar analysis on the Google ChromeChromium web browser was performed, producing similar products and a vulnerability report. Other accomplishments included new work on tools to speed the task of analyst-driven vulnerability assessment of code, new techniques for statically analyzing source code for defects, and useful collaborations with industry and academia.

Subject Categories:

  • Computer Systems Management and Standards

Distribution Statement:

APPROVED FOR PUBLIC RELEASE