Static Techniques for Vulnerability Detection

نویسندگان

Kamran Zafar

Asad Ali

چکیده

Software vulnerabilities provide a way to an attacker as vulnerabilities are the well-known and well understood flaws by the carelessness of developer of the software. For example buffer overflow and format string vulnerabilities are most common and well known class of vulnerabilities. In order to identify these vulnerabilities a comprehensive analysis is required to develop some standard solutions against vulnerabilities.

برای دانلود رایگان متن کامل این مقاله و بیش از 32 میلیون مقاله دیگر ابتدا ثبت نام کنید

ثبت نام

اگر عضو سایت هستید لطفا وارد حساب کاربری خود شوید

منابع مشابه

Using Testing Techniques for Vulnerability Detection in C Programs

This paper presents a technique for vulnerability detection in C programs. It is based on a vulnerability formal model called “Vulnerability Detection Conditions" (VDCs). This model is used together with passive testing techniques for the automatic detection of vulnerabilities. The proposed technique has been implemented in a dynamic code analysis tool, TestInv-Code, which detects the presence ...

متن کامل

Assessment of Diagnostic Value of Single View Dynamic Technique in Diagnosis of Developmental Dysplasia of Hip: A Comparison with Static and Dynamic Ultrasond Techniques

Background: Developmental dysplasia of hip (DDH) is a common childhood disorder, and ultrasonography examination is routinely used for screening purposes. In this study, we aimed to evaluate a modified combined static and dynamic ultrasound technique for the detection of DDH and to compare with the results of static and dynamic ultrasound techniques. Methods:In this cross-sectional study...

متن کامل

Measuring the Effect of Code Complexity on Static Analysis Results

To understand the effect of code complexity on static analysis, thirty-five format string vulnerabilities were selected from the National Vulnerability Database. We analyzed two sets of code for each vulnerability. The first set of code contained the vulnerability, while the second was a later version of the code in which the vulnerability had been fixed. We examined the effect of both code com...

متن کامل

Statically-Guided Fork-based Symbolic Execution for Vulnerability Detection

Fork-based symbolic execution would waste large amounts of computing time and resource on invulnerable paths when applied to vulnerability detection. In this paper, we propose a statically-guided fork-based symbolic execution technique for vulnerability detection to mitigate this problem. In static analysis, we collect all valid jumps along vulnerable paths, and define the priority for each pro...

متن کامل

Improving Software Assurance Using Lightweight Static Analysis

Gopalakrishna Rajeev. Ph.D., Purdue University, May, 2006. Improving Software Assurance Using Lightweight Static Analysis. Major Professors: Prof. Eugene H. Spafford and Prof. Jan Vitek. Software assurance is of paramount importance given the increasing impact of software on our lives. This dissertation describes research that explores two techniques to improve software assurance: a runtime app...

متن کامل

ذخیره در منابع من

ذخیره در منابع من قبلا به منابع من ذحیره شده

{@ msg_add @}

با ذخیره ی این منبع در منابع من، دسترسی به آن را برای استفاده های بعدی آسان تر کنید

عنوان ژورنال:

دوره شماره

صفحات -

تاریخ انتشار 2007

Static Techniques for Vulnerability Detection

نویسندگان

چکیده

منابع مشابه

Using Testing Techniques for Vulnerability Detection in C Programs

Assessment of Diagnostic Value of Single View Dynamic Technique in Diagnosis of Developmental Dysplasia of Hip: A Comparison with Static and Dynamic Ultrasond Techniques

Measuring the Effect of Code Complexity on Static Analysis Results

Statically-Guided Fork-based Symbolic Execution for Vulnerability Detection

Improving Software Assurance Using Lightweight Static Analysis

عنوان ژورنال:

اشتراک گذاری