Journal article
Vulnerability Recognition by Execution Trace Differentiation
Document type
Text/Journal Article
Date
2017
Publisher
Gesellschaft für Informatik e.V.
Abstract
In the context of security, one of the major problems for software development is the difficult and time-consuming task of finding and fixing known vulnerabilities using the vulnerability documentation that results from a penetration test. This documentation contains, for example, the location and description of the vulnerabilities found. To be able to find and fix a vulnerability, developers have to check this documentation. We developed a tool-based, semi-automated analysis approach to locate and fix security issues using recorded execution traces. To identify the affected source code snippets in the project code, we determine the difference between a regular and a malicious execution trace. This difference is an indicator of a potential vulnerability. As a case study for this analysis, we use vulnerabilities that enable remote code execution. We implemented this approach in a software prototype named FOCUS+. This tool visualizes the traces and differences in several views, such as a method call graph view. All views facilitate direct access to affected code snippets and point to the possible vulnerabilities. Thus, identified security gaps can immediately be fixed in FOCUS+.