Software Vulnerability Discovery Techniques: A Survey

被引:64
|
作者
Liu, Bingchang [1 ]
Shi, Liang [1 ]
Cai, Zhuhua [1 ]
Li, Min [1 ]
机构
[1] Xiamen Univ, Software Sch, Xiamen, Peoples R China
来源
2012 FOURTH INTERNATIONAL CONFERENCE ON MULTIMEDIA INFORMATION NETWORKING AND SECURITY (MINES 2012) | 2012年
关键词
Vulnerability; Software static analysis; Fuzzing; Penetration testing; vulnerability discovery model;
D O I
10.1109/MINES.2012.202
中图分类号
TP301 [理论、方法];
学科分类号
081202 ;
摘要
Software vulnerabilities are the root cause of computer security problem. How people can quickly discover vulnerabilities existing in a certain software has always been the focus of information security field. This paper has done research on software vulnerability techniques, including static analysis, Fuzzing, penetration testing. Besides, the authors also take vulnerability discovery models as an example of software vulnerability analysis methods which go hand in hand with vulnerability discovery techniques. The ending part of the paper analyses the advantages and disadvantages of each technique introduced here and talks about the future direction of this field.
引用
收藏
页码:152 / 156
页数:5
相关论文
共 50 条
  • [41] Hackers vs. Testers: A Comparison of Software Vulnerability Discovery Processes
    Votipka, Daniel
    Stevens, Rock
    Redmiles, Elissa M.
    Hu, Jeremy
    Mazurek, Michelle L.
    2018 IEEE SYMPOSIUM ON SECURITY AND PRIVACY (SP), 2018, : 374 - 391
  • [42] Automatic Software Vulnerability Discovery and Exploit Under the Limited Resource Conditions
    Huang H.
    Wang J.
    Yang Y.
    Su P.
    Nie C.
    Xin W.
    Jisuanji Yanjiu yu Fazhan/Computer Research and Development, 2019, 56 (11): : 2299 - 2314
  • [43] Discovery of patterns in software metrics using clustering techniques
    Lopez Del Alamo, Cristian J.
    Pizarro, Diego Aracena
    Pinto, Ricardo Valdivia
    2012 XXXVIII CONFERENCIA LATINOAMERICANA EN INFORMATICA (CLEI), 2012,
  • [44] A Comparative Study of Vulnerability Discovery Modeling and Software Reliability Growth Modeling
    Kapur, P. K.
    Yadavali, V. S. S.
    Shrivastava, A. K.
    2015 1ST INTERNATIONAL CONFERENCE ON FUTURISTIC TRENDS ON COMPUTATIONAL ANALYSIS AND KNOWLEDGE MANAGEMENT (ABLAZE), 2015, : 246 - 251
  • [45] Ontology-based services for software vulnerability detection: a survey
    Wang, Bingquan
    Cui, Baojiang
    SERVICE ORIENTED COMPUTING AND APPLICATIONS, 2019, 13 (04) : 333 - 339
  • [46] Survey on Software Vulnerability Analysis method based on Machine Learning
    Gong Jie
    Kuang Xiao-hui
    Liu Qiang
    2016 IEEE FIRST INTERNATIONAL CONFERENCE ON DATA SCIENCE IN CYBERSPACE (DSC 2016), 2016, : 642 - 647
  • [47] Software Vulnerability Detection Using Deep Neural Networks: A Survey
    Lin, Guanjun
    Wen, Sheng
    Han, Qing-Long
    Zhang, Jun
    Xiang, Yang
    PROCEEDINGS OF THE IEEE, 2020, 108 (10) : 1825 - 1848
  • [48] Survey of Software Vulnerability Mining Methods Based on Machine Learning
    Li Y.
    Huang C.-L.
    Wang Z.-F.
    Yuan L.
    Wang X.-C.
    Ruan Jian Xue Bao/Journal of Software, 2020, 31 (07): : 2040 - 2061
  • [49] Ontology-based services for software vulnerability detection: a survey
    Bingquan Wang
    Baojiang Cui
    Service Oriented Computing and Applications, 2019, 13 : 333 - 339
  • [50] A Survey on Data-driven Software Vulnerability Assessment and Prioritization
    Le, Triet H. M.
    Chen, Huaming
    Babar, M. Ali
    ACM COMPUTING SURVEYS, 2023, 55 (05)
12345