Software Vulnerability Discovery Techniques: A Survey

被引:64
|
作者
Liu, Bingchang [1 ]
Shi, Liang [1 ]
Cai, Zhuhua [1 ]
Li, Min [1 ]
机构
[1] Xiamen Univ, Software Sch, Xiamen, Peoples R China
来源
2012 FOURTH INTERNATIONAL CONFERENCE ON MULTIMEDIA INFORMATION NETWORKING AND SECURITY (MINES 2012) | 2012年
关键词
Vulnerability; Software static analysis; Fuzzing; Penetration testing; vulnerability discovery model;
D O I
10.1109/MINES.2012.202
中图分类号
TP301 [理论、方法];
学科分类号
081202 ;
摘要
Software vulnerabilities are the root cause of computer security problem. How people can quickly discover vulnerabilities existing in a certain software has always been the focus of information security field. This paper has done research on software vulnerability techniques, including static analysis, Fuzzing, penetration testing. Besides, the authors also take vulnerability discovery models as an example of software vulnerability analysis methods which go hand in hand with vulnerability discovery techniques. The ending part of the paper analyses the advantages and disadvantages of each technique introduced here and talks about the future direction of this field.
引用
收藏
页码:152 / 156
页数:5
相关论文
共 50 条
  • [21] A Survey of Techniques for Internet Topology Discovery
    Motamedi, Reza
    Rejaie, Reza
    Willinger, Walter
    IEEE COMMUNICATIONS SURVEYS AND TUTORIALS, 2015, 17 (02): : 1044 - 1065
  • [22] A Survey on the State of the Art of Vulnerability Assessment Techniques
    Sotos Martinez, Eva
    Villanueva, Nora M.
    Adkinson Orellana, Lilian
    14TH INTERNATIONAL CONFERENCE ON COMPUTATIONAL INTELLIGENCE IN SECURITY FOR INFORMATION SYSTEMS AND 12TH INTERNATIONAL CONFERENCE ON EUROPEAN TRANSNATIONAL EDUCATIONAL (CISIS 2021 AND ICEUTE 2021), 2022, 1400 : 203 - 213
  • [23] Modeling Software Vulnerability Discovery Process Inculcating the Impact of Reporters
    Adarsh Anand
    Navneet Bhatt
    Omar H. Alhazmi
    Information Systems Frontiers, 2021, 23 : 709 - 722
  • [24] Deep Neural Embedding for Software Vulnerability Discovery: Comparison and Optimization
    Yuan, Xue
    Lin, Guanjun
    Tai, Yonghang
    Zhang, Jun
    Security and Communication Networks, 2022, 2022
  • [25] Cybersecurity: a predictive analytical model for software vulnerability discovery process
    Pokhrel, Nawa Raj
    Khanal, Netra
    Tsokos, Chris P.
    Pokhrel, Keshav
    Pokhrel, Nawa Raj (npokhrel@xula.edu), 1600, Taylor and Francis Ltd. (05): : 41 - 69
  • [26] Deep Neural Embedding for Software Vulnerability Discovery: Comparison and Optimization
    Yuan, Xue
    Lin, Guanjun
    Tai, Yonghang
    Zhang, Jun
    SECURITY AND COMMUNICATION NETWORKS, 2022, 2022
  • [27] Software security evaluation using multilevel vulnerability discovery modeling
    Sharma, Ruchi
    Shrivastava, Avinash K.
    Hoang Pham
    QUALITY ENGINEERING, 2023, 35 (02) : 341 - 352
  • [28] CLORIFI: software vulnerability discovery using code clone verification
    Li, Hongzhe
    Kwon, Hyuckmin
    Kwon, Jonghoon
    Lee, Heejo
    CONCURRENCY AND COMPUTATION-PRACTICE & EXPERIENCE, 2016, 28 (06): : 1900 - 1917
  • [29] Modeling Software Vulnerability Discovery Process Inculcating the Impact of Reporters
    Anand, Adarsh
    Bhatt, Navneet
    Alhazmi, Omar H.
    INFORMATION SYSTEMS FRONTIERS, 2021, 23 (03) : 709 - 722
  • [30] Auditability of Software: A Survey of Techniques and Costs
    Weiss, Ira R.
    MIS QUARTERLY, 1980, 4 (04) : 39 - 50
12345