|
Article information
2026 , Volume 31, ¹ 3, p.114-127
Lapina M.A., Sajid M., Koronskiy A.A., Lapin V.G.
Use of dynamic application security testing for error detection in the program complex
This article studies the principles of software analysis, focusing on dynamic analysis for detecting sensitive data vulnerabilities. The paper describes main analysis principles, their operational of specifics, advantages, disadvantages, and detectable vulnerability types. It also examines code analysis methods used in software development, their features, and pros and cons. Based on these principles and methods, the study applies dynamic analysis of sensitive data to the Debian operating system with an embedded vulnerability and the PyCharm Python development environment. The analysis tool is the Lure dynamic analyzer, developed by the Institute of System Programming of the Russian Academy of Sciences, Moscow. The aim of this study is examine software analysis methods and test real software to detect vulnerabilities related to sensitive data leak. The method involves use testing software products using the Lure dynamic analysis tool. The result includes an analysis of Debian with an artificial vulnerability, an analysis of PyCharm, and a classification of the detected vulnerabilities by criticality level.
Keywords: code analysis, detecting errors, the white-box testing method, the black-box testing method, the grey-box testing method, operating system, Debian, Lure, sensitive data
Author(s): Lapina Maria Anatolyevna PhD. , Associate Professor Position: Associate Professor Office: North Caucasus Federal University, Faculty of Mathematics and Computer Science named after Professor N.I. Chervyakov Address: 355017, Russia, Stavropol, Pushkin Str., 1
E-mail: mlapina@ncfu.ru SPIN-code: 5472-6001Sajid Mohammad PhD. , Associate Professor Office: Aligarh University Address: 202001, India, Aligarh, Pushkin Str., 1
E-mail: sajid.cst@gmail.com Koronskiy Anton Alexandrovich Position: Student Office: North Caucasus Federal University, Faculty of Mathematics and Computer Science named after Professor N.I. Chervyakov Address: 355017, Russia, Stavropol, Pushkin Str., 1
E-mail: anton.koronskiy@gmail.com Lapin Vitaly Gennadievich PhD. , Associate Professor Position: Associate Professor Office: North Caucasus Federal University, Faculty of Mathematics and Computer Science named after Professor N.I. Chervyakov Address: 355017, Russia, Stavropol, Pushkin Str., 1
E-mail: vitlx@yandex.ru SPIN-code: 1980-1824 Bibliography link: Lapina M.A., Sajid M., Koronskiy A.A., Lapin V.G. Use of dynamic application security testing for error detection in the program complex // Computational technologies. 2026. V. 31. ¹ 3. P. 114-127
|