Title :
A Novel Method of Software Vulnerability Detection based on Fuzzing Technique
Author :
Zhang, Xiao-Song ; Shao, Lin ; Zheng, Jiong
Author_Institution :
NSTL Security Lab., UESTC, Chengdu
Abstract :
Buffer overflow vulnerabilities can cause attacks that result in serious consequences. However, the techniques for buffer overflow vulnerability detection are limited to manual analysis, binary-patch comparison, fuzzing and so on. They rely on manual analysis and thus cause high overhead. In this paper, we propose a novel method for detecting buffer overflow vulnerabilities, which is based on fuzzing, data-flow dynamic analysis and automated exception analysis. This new method effectively improves the detection of unknown security vulnerabilities (0 Day). Moreover, it is more automated and has better performance in finding new security vulnerabilities.
Keywords :
fuzzy set theory; security of data; automated exception analysis; binary-patch comparison; buffer overflow vulnerability detection; data-flow dynamic analysis; fuzzing technique; software vulnerability detection; Assembly; Automatic testing; Buffer overflow; Computer hacking; Computer security; Data security; Intrusion detection; Protection; Software testing; Vehicle crash testing; Automation; buffer overflow; fuzzing technique; security vulnerability; vulnerability detection
Conference_Title :
Apperceiving Computing and Intelligence Analysis, 2008. ICACIA 2008. International Conference on
Conference_Location :
Chengdu
Print_ISBN :
978-1-4244-3427-5
Electronic_ISBN :
978-1-4244-3426-8
DOI :
10.1109/ICACIA.2008.4770021