James Walker
Steve Carr
ABSTRACT
This paper describes a pedagogical system to visualize program execution.1 The visualization is designed to help students understand how to develop more secure and robust C programs. The system provides several perspectives on the execution including: the values of registers and the logical address space, a call graph, the file descriptor and inode tables, and the handling of sensitive data like passwords and keys. These visualizations are designed to help students understand fundamental concepts such as: buffer overflows, integer overflows, proper handling of sensitive data and application of the principle of least privilege in several contexts including file operations, secure SUID programming, and use and management of the process environment.
- Intel Software. Pin - a dynamic binary instrumentation tool. https://software.intel.com/en-us/articles/pin-a-dynamic-binary-instrumentation-tool, 2017. {Online; accessed 10-Mar-2017}.Google Scholar
Index Terms
Visualization for Secure Coding in C
Recommendations
A Model and Framework for Visualization Exploration
Visualization exploration is the process of extracting insight from data via interaction with visual depictions of that data. Visualization exploration is more than presentation; the interaction with both the data and its depiction is as important as ...
Interactive visualization for OLAP
Business data collection is growing exponentially in recent years. A variety of industries and businesses have adopted new technologies of data storages such as data warehouses. On Line Analytical Processing (OLAP) has become an important tool for ...
Combining static and dynamic data in code visualization
The task of developing, tuning, and debugging compiler optimizations is a difficult one which can be facilitated by software visualization. There are many characteristics of the code which must be considered when studying the kinds of optimizations ...
Comments