Logo des Repositoriums
 
Zeitschriftenartikel

Vulnerability Recognition by Execution Trace Differentiation

Vorschaubild nicht verfügbar

Volltext URI

Dokumententyp

Text/Journal Article

Zusatzinformation

Datum

2017

Zeitschriftentitel

ISSN der Zeitschrift

Bandtitel

Verlag

Geselllschaft für Informatik e.V.

Zusammenfassung

In context of security, one of the major problems for software development is the difficult and timeconsuming task to find and fix known vulnerabilities through the vulnerability documentation resulting out of a penetration test. This documentation contains for example the location and description of found vulnerabilities. To be able to find and fix a vulnerability, developers have to check this documentation. We developed a tool-based semi-automated analysis approach to locate and fix security issues by recorded execution traces. For identifying the affected source code snippets in the project code, we determine the difference between a regular and a malicious execution trace. This difference is an indicator for a potential vulnerability. As case study for this analysis we use vulnerabilities, which enable remote code execution. We implemented this approach in a software prototype named FOCUS+. This tool visualizes the traces and differences by several views such as a method call graph view. All views facilitate direct access to affected code snippets and point to the possible vulnerabilities. Thus, identified security gaps can immediately be fixed in FOCUS+.

Beschreibung

Viertel, Fabien Patrick; Karras, Oliver; Schneider, Kurt (2017): Vulnerability Recognition by Execution Trace Differentiation. Softwaretechnik-Trends Band 37, Heft 3. Bonn: Geselllschaft für Informatik e.V.. PISSN: 0720-8928. pp. 5-7. Sonderteil: Proceedings of the 8th Symposium on Software Performance (SSP), Karlsruhe, 09. - 10. November 2017

Zitierform

DOI

Tags