Affiliation:
1. Technische Universität Braunschweig, Institute of System Security, 38106 Braunschweig, Germany
Abstract
Discovering and eliminating critical vulnerabilities in program code is a key requirement for the secure operation of
software systems. This task rests primarily on the shoulders of experienced code analysts who inspect programs in-depth to
identify weaknesses. As software systems grow in complexity, while the amount of security-critical code increases,
supplying these analysts with effective methods to assist in their work becomes even more crucial. Unfortunately, exact
methods for automated software analysis are rarely of help in practice, as they do not scale to the complexity of
contemporary software projects, and are not designed to benefit from the analyst's domain knowledge. To address this
problem, we present pattern-based vulnerability discovery, a novel approach of devising assistant methods for
vulnerability discovery that are built with a high focus on practical requirements. The approach combines techniques of
static analysis, machine learning, and graph mining to lend imprecise but highly effective methods that allow analysts to
benefit from the machine's pattern recognition abilities without sacrificing the strengths of manual analysis.
Cited by
6 articles.