• DocumentCode
    2551305
  • Title

    A Novel Method of Software Vulnerability Detection based on Fuzzing Technique

  • Author

    Zhang, Xiao-Song ; Shao, Lin ; Zheng, Jiong

  • Author_Institution
    NSTL Security Lab., UESTC, Chengdu
  • fYear
    2008
  • fDate
    13-15 Dec. 2008
  • Firstpage
    270
  • Lastpage
    273
  • Abstract
    Buffer overflow vulnerabilities can cause attacks that result in serious consequences. However, the techniques of buffer overflow vulnerability detection are limited to manual analysis, binary-patch comparison, fuzzing and so on. They rely on manual analysis and thus cause high overhead. In this paper, we propose a novel method of detecting buffer overflow vulnerabilities, which is based on fuzzing, data-flow dynamic analysis and automated exception analysis. This new method effectively improves the detection of unknown security vulnerabilities (0-day). Moreover, it is more automated and has better performance in finding new security vulnerabilities.
  • Keywords
    fuzzy set theory; security of data; automated exception analysis; binary-patch comparison; buffer overflow vulnerability detection; data-flow dynamic analysis; fuzzing technique; software vulnerability detection; Assembly; Automatic testing; Buffer overflow; Computer hacking; Computer security; Data security; Intrusion detection; Protection; Software testing; Vehicle crash testing; Automation; buffer overflow; fuzzing technique; security vulnerability; vulnerability detection;
  • fLanguage
    English
  • Publisher
    IEEE
  • Conference_Titel
    Apperceiving Computing and Intelligence Analysis, 2008. ICACIA 2008. International Conference on
  • Conference_Location
    Chengdu
  • Print_ISBN
    978-1-4244-3427-5
  • Electronic_ISBN
    978-1-4244-3426-8
  • Type

    conf

  • DOI
    10.1109/ICACIA.2008.4770021
  • Filename
    4770021