A study of vulnerability assessment using fuzzing data suite and data flow analysis in software
- Authors
- 박재표; 전문석; Song, J.-H.
- Issue Date
- Sep-2016
- Publisher
- American Scientific Publishers
- Keywords
- Dependency structure matrices; Exploitable assessment; Software crash analysis; Taint analysis; Vulnerability
- Citation
- Advanced Science Letters, v.22, no.9, pp.2592 - 2597
- Journal Title
- Advanced Science Letters
- Volume
- 22
- Number
- 9
- Start Page
- 2592
- End Page
- 2597
- URI
- http://scholarworks.bwise.kr/ssu/handle/2018.sw.ssu/5734
- DOI
- 10.1166/asl.2016.7809
- ISSN
- 1936-6612
- Abstract
- Recently, there are many studies about infringement protection such as analysis study of potential abuse of weak point and researches for weak point of software. This study provide with Exploitable assessment method based on the data flow analysis and software clash analysis for the exploit prediction. This method analyze the limitation of existing clash analysis and the characteristics of existing data flow analysis, and improve the traceability of access violation clash weak point based on the relativity of functional unit by analyzing unit area of clash analysis and data flow analysis. In order to achieve this, I extracted the fuzzing data format, mapped data format to the knot of Dependency structure matrices based data flow analysis, and conducted the examination if the reading access violation from functions connected to clash was related to the clash value. The proposed method adapted functional flow analysis of software to weak point analysis method to overcome the excessive exhaustion of resources in overall flow analysis of software, related the dynamic-based analysis result such as fuzzing and taint analysis, which finally is able to extract the base data for assessment Exploitable. © 2016 American Scientific Publishers. All rights reserved.
- Files in This Item
- There are no files associated with this item.
- Appears in
Collections - College of Information Technology > School of Computer Science and Engineering > 1. Journal Articles
Items in ScholarWorks are protected by copyright, with all rights reserved, unless otherwise indicated.