Using Testing Techniques for Vulnerability Detection in C Programs
نویسندگان
چکیده
This paper presents a technique for vulnerability detection in C programs. It is based on a vulnerability formal model called “Vulnerability Detection Conditions" (VDCs). This model is used together with passive testing techniques for the automatic detection of vulnerabilities. The proposed technique has been implemented in a dynamic code analysis tool, TestInv-Code, which detects the presence of vulnerabilities on a given code, by checking dynamically the VDCs on the execution traces of the given program. The tool has been applied to several C applications containing some well known vulnerabilities to illustrate its effectiveness. It has also been compared with existing tools in the market, showing promising performances.
منابع مشابه
An advanced approach for modeling and detecting software vulnerabilities
Context. Passive testing is a technique in which traces collected from the execution of a system under test are examined for evidence of flaws in the system. Objective. In this paper we present a method for detecting the presence of security vulnerabilities by detecting evidence of their causes in execution traces. This is a new approach to security vulnerability detection. Method. Our method u...
متن کاملFault Detection of Anti-friction Bearing using Ensemble Machine Learning Methods
Anti-Friction Bearing (AFB) is a very important machine component and its unscheduled failure leads to cause of malfunction in wide range of rotating machinery which results in unexpected downtime and economic loss. In this paper, ensemble machine learning techniques are demonstrated for the detection of different AFB faults. Initially, statistical features were extracted from temporal vibratio...
متن کاملAlgebraic Matching of Vulnerabilities in a Low-Level Code
This paper explores the algebraic matching approach for detection of vulnerabilities in binary codes. The algebraic programming system is used for implementing this method. It is anticipated that models of vulnerabilities and programs to be verified are presented as behavior algebra and action language specifications. The methods of algebraic matching are based on rewriting rules and techniques...
متن کاملRapid molecular techniques for detection of foodborne Bacillus cereus pathogen
Background and Objective: Bacillus cereus is responsible for several outbreaks of foodborne diseases. Therefore, the purpose of the study was to replace routine culture testing, by employing PCR directly from food to detect the bacteria and its enterotoxins. Methods: In the present study, a total of 75 Kibda sandwiches, Sausage sandwiches, Luncheon chicken, Luncheon meat and shawarma sandwiche...
متن کاملLaboratory Diagnosis of Nosocomial Bacterial Infections Using Standard Methods
Background and objective: Implementation of standard methods for accurate detection of bacteria, correct antibiotic susceptibility testing and effective treatment of bacterial infections play important roles in development of public health and prevention of drug resistance. This study aimed to detect bacteria using standard methods and compare the results with the results obtained in teaching h...
متن کامل