Software Vulnerability Discovery Techniques: A Survey

被引:64
|
作者
Liu, Bingchang [1 ]
Shi, Liang [1 ]
Cai, Zhuhua [1 ]
Li, Min [1 ]
机构
[1] Xiamen Univ, Software Sch, Xiamen, Peoples R China
来源
2012 FOURTH INTERNATIONAL CONFERENCE ON MULTIMEDIA INFORMATION NETWORKING AND SECURITY (MINES 2012) | 2012年
关键词
Vulnerability; Software static analysis; Fuzzing; Penetration testing; vulnerability discovery model;
D O I
10.1109/MINES.2012.202
中图分类号
TP301 [理论、方法];
学科分类号
081202 ;
摘要
Software vulnerabilities are the root cause of computer security problem. How people can quickly discover vulnerabilities existing in a certain software has always been the focus of information security field. This paper has done research on software vulnerability techniques, including static analysis, Fuzzing, penetration testing. Besides, the authors also take vulnerability discovery models as an example of software vulnerability analysis methods which go hand in hand with vulnerability discovery techniques. The ending part of the paper analyses the advantages and disadvantages of each technique introduced here and talks about the future direction of this field.
引用
收藏
页码:152 / 156
页数:5
相关论文
共 50 条
  • [1] Software Vulnerability Analysis and Discovery Using Deep Learning Techniques: A Survey
    Zeng, Peng
    Lin, Guanjun
    Pan, Lei
    Tai, Yonghang
    Zhang, Jun
    IEEE ACCESS, 2020, 8 : 197158 - 197172
  • [2] Survey of Software Vulnerability Discovery Technology
    Wang, Wei
    PROCEEDINGS OF THE 2017 7TH INTERNATIONAL CONFERENCE ON SOCIAL NETWORK, COMMUNICATION AND EDUCATION (SNCE 2017), 2017, 82 : 9 - 13
  • [3] Survey of software vulnerability detection techniques
    School of Computer Science and Engineering, Beihang University, Beijing
    100191, China
    不详
    410073, China
    Jisuanji Xuebao, 4 (717-732):
  • [4] Survey on Vulnerability Mining Techniques of Network Protocol Software
    Yu B.
    Su J.-S.
    Yang Q.
    Huang J.-X.
    Sheng Z.-S.
    Liu R.-H.
    Lu J.-J.
    Liang C.
    Chen C.
    Zhao L.
    Ruan Jian Xue Bao/Journal of Software, 2024, 35 (02): : 872 - 898
  • [5] Software Vulnerability Analysis and Discovery Using Machine-Learning and Data-Mining Techniques: A Survey
    Ghaffarian, Seyed Mohammad
    Shahriari, Hamid Reza
    ACM COMPUTING SURVEYS, 2017, 50 (04)
  • [6] Fuzzing vulnerability discovery techniques: Survey, challenges and future directions
    Beaman, Craig
    Redbourne, Michael
    Mummery, J. Darren
    Hakak, Saqib
    COMPUTERS & SECURITY, 2022, 120
  • [7] From automation to intelligence: Survey of research on vulnerability discovery techniques
    Zou Q.
    Zhang T.
    Wu R.
    Ma J.
    Li M.
    Chen C.
    Hou C.
    Zhang, Tao (zhangt@itsec.gov.cn), 2018, Tsinghua University (58): : 1079 - 1094
  • [8] A Survey on IoT Vulnerability Discovery
    Ban, Xinbo
    Ding, Ming
    Liu, Shigang
    Chen, Chao
    Zhang, Jun
    NETWORK AND SYSTEM SECURITY, NSS 2022, 2022, 13787 : 267 - 282
  • [9] A Survey of Automatic Software Vulnerability Detection, Program Repair, and Defect Prediction Techniques
    Shen, Zhidong
    Chen, Si
    SECURITY AND COMMUNICATION NETWORKS, 2020, 2020
  • [10] Vulnerability Scrying Method for Software Vulnerability Discovery Prediction Without a Vulnerability Database
    Rahimi, Sanaz
    Zargham, Mehdi
    IEEE TRANSACTIONS ON RELIABILITY, 2013, 62 (02) : 395 - 407
12345