Tutorial at ISSRE 2018

From Software Security Assessment to Security Benchmark

Tutorial at ISSRE 2018  ·  Memphis, TN, USA  ·  Oct 2018  ·  with N. Antunes

Security assessment and security benchmarking are related but distinct activities: assessment tells you how secure a specific system is; benchmarking tells you how systems compare. This tutorial bridges the two, showing how rigorous assessment methodology can be lifted into a reusable benchmark.

Presented by Marco Vieira and Nuno Antunes at ISSRE 2018, the tutorial covers the core ingredients of a security benchmark (workloads, fault models, metrics, and experimental procedures) and walks through concrete examples drawn from web application and web service security. Attendees leave with a practical framework for turning their own assessment work into reproducible, shareable benchmarks.

  Download Slides
Marco's RA (Online)
Hi! I'm Marco Vieira's designated Research Assistant. I'm supposed to answer your questions but I really need to finish running this simulation script. What do you need?