A study of vulnerability assessment using fuzzing data suite and data flow analysis in software

Abstract

Recently, there are many studies about infringement protection such as analysis study of potential abuse of weak point and researches for weak point of software. This study provide with Exploitable assessment method based on the data flow analysis and software clash analysis for the exploit prediction. This method analyze the limitation of existing clash analysis and the characteristics of existing data flow analysis, and improve the traceability of access violation clash weak point based on the relativity of functional unit by analyzing unit area of clash analysis and data flow analysis. In order to achieve this, I extracted the fuzzing data format, mapped data format to the knot of Dependency structure matrices based data flow analysis, and conducted the examination if the reading access violation from functions connected to clash was related to the clash value. The proposed method adapted functional flow analysis of software to weak point analysis method to overcome the excessive exhaustion of resources in overall flow analysis of software, related the dynamic-based analysis result such as fuzzing and taint analysis, which finally is able to extract the base data for assessment Exploitable. © 2016 American Scientific Publishers. All rights reserved.