Reference : A Scalable and Accurate Hybrid Vulnerability Analysis Framework
Scientific congresses, symposiums and conference proceedings : Paper published in a book
Engineering, computing & technology : Computer science
http://hdl.handle.net/10993/21897
A Scalable and Accurate Hybrid Vulnerability Analysis Framework
English
Thome, Julian mailto [University of Luxembourg > Interdisciplinary Centre for Security, Reliability and Trust (SNT) > >]
2015
Doctoral Symposium co-located with 26th IEEE International Symposium on Software Reliability Engineering (2015)
Yes
International
Doctoral Symposium co-located with 26th IEEE International Symposium on Software Reliability Engineering (2015)
04-11-2015
[en] Software Security Assurance ; Vulnerability Analysis ; Program Analysis ; Symbolic Execution ; Constraint Solving ; Machine Learning
[en] Software security assurance is an important process in software development that protects the sensitive data and resources contained in and controlled by the software. Addressing security vulnerabilities at an early phase could decrease the cost of addressing them in later stages by two orders of magnitude. In order to detect vulnerabilities in Web services and Web applications in a scalable and accurate manner, we aim at developing a hybrid vulnerability analysis framework which combines program analysis, symbolic execution and machine learning. We use program analysis to identify potential vulnerable execution branches within the source code for the purpose of guiding the symbolic execution along the potentially vulnerable execution paths. We also propose scalable constraint solving techniques for vulnerability analysis. To further enhance scalability and accuracy, we also apply machine learning by incorporating predictors for identifying potentially vulnerable paths of the program based on known vulnerable cases.
SnT - Interdisciplinary Centre for Security, Reliability and Trust
National Research Fund, Luxembourg (FNR/P10/03 and FNR9132112)
Researchers ; Professionals ; Students
http://hdl.handle.net/10993/21897
FnR ; FNR9132112 > Julian Thomé > HyVAn > A Scalable and Accurate Hybrid Vulnerability Analysis Framework > 01/09/2014 > 14/04/2018 > 2014

File(s) associated to this reference

Fulltext file(s):

FileCommentaryVersionSizeAccess
Open access
doctoral-symposium.pdfPublisher postprint62.01 kBView/Open

Bookmark and Share SFX Query

All documents in ORBilu are protected by a user license.