Vulnerable spots localization methods for software vulnerability analysis

doi:10.11887/j.cn.201505022

Home > Archive>Volume 37, Issue 5, 2015 >141-148. DOI:10.11887/j.cn.201505022

Vulnerable spots localization methods for software vulnerability analysis
DOI:
                        10.11887/j.cn.201505022
                    
CSTR:
                        
Author:
                        
Affiliation:
Clc Number:
Fund Project:

Article

Figures

Metrics

Reference

Cited by

Materials

Comments

Abstract:

Aiming at the difficulty in analysis of binary program vulnerabilities, an approach for software vulnerable spots localization based on taint analysis was proposed, and a corresponding tool named SwordChecker was implemented. This method is based on dynamic taint tracing. Software vulnerable spots were localized by character matching according to vulnerability patterns, and sensitive bytes which affected the vulnerable spots were localized by binary-search. Experiment results show that SwordChecker can accurately identify and localize three types of software vulnerable spots fast, has successfully analyzed the causes of multiple open vulnerabilities, and has assisted mining several undisclosed vulnerabilities.

Reference

Cited by

Get Citation

CAI Jun, ZOU Peng, YANG Shangfei, HE Jun. Vulnerable spots localization methods for software vulnerability analysis[J]. Journal of National University of Defense Technology,2015,37(5):141-148.

Copy

Article Metrics

Abstract:
PDF:
HTML:
Cited by:

History

Received:December 31,2014
Revised:
Adopted:
Online: November 09,2015
Published:

Home

About Journal

Guide for Authors

Editorial Board

Publication Statement

Open Access Statement

Contact

Journal Subscription

Rss

AI assistant

Chinese

Get Citation

Share

Article Metrics

History

Article QR Code