鲁伊莎,曾庆凯

DOI: https://doi.org/10.3724/sp.j.1087.2008.02244

2009-01-01

Journal of Computer Applications

Abstract:Vulnerability taxonomies with creative features were introduced and analyzed.The uniqueness lied in criteria,classification rules,schemas or perspectives.Essential factors of vulnerability taxonomies were extracted,including purposes,objects,taxonomy principles and criteria.The paper provided comparative analysis based on the factors,and discussed the key issues and probable trends.

张永铮,云晓春,胡铭曾

DOI: https://doi.org/10.3321/j.issn:1000-436x.2004.07.013

2004-01-01

Abstract:On the basis of analyzing of research achievements of typical vulnerability taxonomies in the world, a privilege-escalating based vulnerability taxonomy with multidimensional quantitative attribute is presented in this paper. Then we give examples of three vulnerabilities to illustrate the characteristics of this taxonomy, and present the risk evaluation formula and ranks of the evaluation level of risk.

Shuyuan Jin,Yong Wang,Xiang Cui,Xiaochun Yun

DOI: https://doi.org/10.1109/icsmc.2009.5345951

2009-01-01

Abstract:Classification of network vulnerability is critical to detection and risk analysis of network vulnerability. A broad range of classification methods have been proposed in literature. This paper reviews a total of 25 selected approaches and identifies the differences and relations among them. It also points out some open issues for research in this field.

朱辉,沈明星,李善平

DOI: https://doi.org/10.3969/j.issn.1000-3428.2010.10.059

2010-01-01

Abstract:This paper studies the code injection vulnerabilities of Web application,modifies and expands the definition of this kind of vulnerabilities with summarizing and analyzing the features of them,and transforms the causes of vulnerabilities into two kinds of coding errors to present a new test method based on testing the two kinds of coding errors.Experimental result shows that the test method can test all the code injection vulnerabilities of Web application effectively with less test workload.

Hazim Hanif,Mohd Hairul Nizam Md Nasir,Mohd Faizal Ab Razak,Ahmad Firdaus,Nor Badrul Anuar

DOI: https://doi.org/10.1016/j.jnca.2021.103009

IF: 7.574

2021-04-01

Journal of Network and Computer Applications

Abstract:The detection of software vulnerability requires critical attention during the development phase to make it secure and less vulnerable. Vulnerable software always invites hackers to perform malicious activities and disrupt the operation of the software, which leads to millions in financial losses to software companies. In order to reduce the losses, there are many reliable and effective vulnerability detection systems introduced by security communities aiming to detect the software vulnerabilities as early as in the development or testing phases. To summarise the software vulnerability detection system, existing surveys discussed the conventional and data mining approaches. These approaches are widely used and mostly consist of traditional detection techniques. However, they lack discussion on the newly trending machine learning approaches, such as supervised learning and deep learning techniques. Furthermore, existing studies fail to discuss the growing research interest in the software vulnerability detection community throughout the years. With more discussion on this, we can predict and focus on what are the research problems in software vulnerability detection that need to be urgently addressed. Aiming to reduce these gaps, this paper presents the research interests' taxonomy in software vulnerability detection, such as methods, detection, features, code and dataset. The research interest categories exhibit current trends in software vulnerability detection. The analysis shows that there is considerable interest in addressing methods and detection problems, while only a few are interested in code and dataset problems. This indicates that there is still much work to be done in terms of code and dataset problems in the future. Furthermore, this paper extends the machine learning approaches taxonomy, which is used to detect the software vulnerabilities, like supervised learning, semi-supervised learning, ensemble learning and deep learning. Based on the analysis, supervised learning and deep learning approaches are trending in the software vulnerability detection community as these techniques are able to detect vulnerabilities such as buffer overflow, SQL injection and cross-site scripting effectively with a significant detection performance, up to 95% of F1 score. Finally, this paper concludes with several discussions on potential future work in software vulnerability detection in terms of datasets, multi-vulnerabilities detection, transfer learning and real-world applications.

computer science, interdisciplinary applications, software engineering, hardware & architecture

Ming Huang,Yisha Lu,Qingkai Zeng

2010-01-01

Abstract:As the core of various security problems, software vulnerability is the main challenge in the information security field. Particularly, software vulnerability modeling is an actively defensive measure for software security, aiming to detect and eliminate the potential vulnerabilities before they have been exploited. In this paper, a structured and graphic method for modeling vulnerability is proposed. The method combines the advantages of existing methods to depict and reason about security vulnerabilities, which would be useful for a better understanding of the nature of vulnerabilities, and become an effective way to detect and prevent the software vulnerabilities. The practical application result shows that GSM could reveal some related information and properties that existing methods cannot find in the vulnerability databases in public.

OU Xin-feng,HU Ming-zeng,ZHANG Tao,ZHANG Yong-zheng

DOI: https://doi.org/10.3969/j.issn.1001-3695.2007.03.062

2007-01-01

Abstract:Authors designed and established a multi-attribute quantitative vulnerability database,by introducing attributes like privilege sets,confidentiality,integrality,availability.The vulnerability information was also analyzed further.Practice has proved that it is a more comprehensive and powerful way for security assessment system by using this vulnerability information support.

Gabriele Modena

DOI: https://doi.org/10.48550/arXiv.1212.3669

2014-07-22

Abstract:Vulnerability discovery and exploits detection are two wide areas of study in software engineering. This preliminary work tries to combine existing methods with machine learning techniques to define a metric classification of vulnerable computer programs. First a feature set has been defined and later two models have been tested against real world vulnerabilities. A relation between the classifier choice and the features has also been outlined.

Software Engineering,Machine Learning

徐海涛,李斌,王垚

DOI: https://doi.org/10.3969/j.issn.1008-0570.2008.12.037

2008-01-01

Abstract:DNS (Domain Name System) is the most critical infrastructure. And its safety is of paramount importance. DNS was regard-ed as a completely open system from the beginning,It makes DNS vulnerable to attack. In this paper,the resolution process of DNS server and client is described by Finite State Machine. The existing vulnerabilities of DNS are matched to transfers of the Finite State Machine,classification of these vulnerabilities by the Finite State Machine makes them more accurate. It can guide the future security protection of DNS and make it free from attacks.

Assane Gueye,Peter Mell

DOI: https://doi.org/10.48550/arXiv.2102.01722

2021-02-02

Cryptography and Security

Abstract:Understanding the landscape of software vulnerabilities is key for developing effective security solutions. Fortunately, the evaluation of vulnerability databases that use a framework for communicating vulnerability attributes and their severity scores, such as the Common Vulnerability Scoring System (CVSS), can help shed light on the nature of publicly published vulnerabilities. In this paper, we characterize the software vulnerability landscape by performing a historical and statistical analysis of CVSS vulnerability metrics over the period of 2005 to 2019 through using data from the National Vulnerability Database. We conduct three studies analyzing the following: the distribution of CVSS scores (both empirical and theoretical), the distribution of CVSS metric values and how vulnerability characteristics change over time, and the relative rankings of the most frequent metric value over time. Our resulting analysis shows that the vulnerability threat landscape has been dominated by only a few vulnerability types and has changed little during the time period of the study. The overwhelming majority of vulnerabilities are exploitable over the network. The complexity to successfully exploit these vulnerabilities is dominantly low; very little authentication to the target victim is necessary for a successful attack. And most of the flaws require very limited interaction with users. However on the positive side, the damage of these vulnerabilities is mostly confined within the security scope of the impacted components. A discussion of lessons that could be learned from this analysis is presented.

ZHUGE Jianwei,YE Zhiyuan,ZOU Wei

DOI: https://doi.org/10.3969/j.issn.1000-3428.2005.21.043

2005-01-01

Abstract:For the goal to systemize an attack knowledge base which provides knowledge for intrusion detection and prevention,the classification of attack technologies is researched from the point of view of attackers,and a classification taxonomy which accords with the classification criterions is proposed,furthermore,each type of attack technology is introduced in summary.

Zhongqiang Chen,Yuan Zhang,Zhongrong Chen

DOI: https://doi.org/10.1093/comjnl/bxp040

2009-01-01

The Computer Journal

Abstract:The dictionary of common vulnerabilities and exposures (CVEs) is a compilation of known security loopholes whose objective is to both facilitate the exchange of security-related information and expedite vulnerability analysis of computer systems. Its lack of categorization and generalization capability renders the dictionary ineffective when it comes to developing defense strategies for clustered vulnerabilities instead of individual exploits. To address this issue, we propose a CVE categorization framework termed CVE Classifier that transforms the dictionary into a classifier that not only categorizes CVEs with respect to diverse taxonomic features but can also evaluate general trends in the evolution of vulnerabilities. With the help of support vector machines, CVE Classifier builds learning models for taxonomic features based on training data automatically extracted from pertinent vulnerability databases including BID, X-Force and Secunia, and CVE entries containing telltale keywords unique to taxonomic features. We use word-stemming and stopword-removal techniques to reduce the dimensions of the feature space formed by CVEs and develop a data fusion and cleansing process to eliminate data inconsistencies to improve classification performance. The CVE classification produced by the proposed framework reveals that the majority of the Internet security loopholes are harbored by a small set of services. Moreover, it becomes evident that the widespread deployment of security devices provides many additional attack points as such devices demonstrate a great mount of vulnerabilities. Finally, the CVE Classifier points out that remotely exploitable security loopholes continue to dominate the CVEs landscape.

Gong Jie,Kuang Xiao-hui,Liu Qiang

DOI: https://doi.org/10.1109/dsc.2016.33

2016-01-01

Abstract:With the increasingly rich of vulnerability related data and the extensive application of machine learning methods, software vulnerability analysis methods based on machine learning is becoming an important research area of information security. In this paper, the up-to-date and well-known works in this research area were analyzed deeply. A framework for software vulnerability analysis based on machine learning was proposed. And the existing works were described and compared, the limitations of these works were discussed. The future research directions on software vulnerability analysis based on machine learning were put forward in the end.

WEI Tao,WANG Guisi,ZOU Wei

DOI: https://doi.org/10.3321/j.issn:1000-0054.2009.z2.003

2009-01-01

Abstract:Software vulnerability closely relates to information security.This paper discusses the industry, technology and relative economic research since 2000 in detail.Software vulnerabilities are rooted in both technical and economic challenges.The software vulnerability industry can be divided into vulnerability discovering in upstream, security information provider (SIP) in midstream, and various applications in downstream.Both economic and technical approaches must be used to resolve software vulnerability problems.This paper suggests that China should develop the industry in SIP, tools, infrastructures, etc.

张涛,董占球

2004-01-01

Abstract:This paper first introduces the foreign classification technology of network attacks. Then from perspective of security systems and security product benchmarking,it discusses the views of considering the classification problems in study of classification,and gives a principle and criterion of attack classification suitable for benchmarking requirements.

曾凡平,陈明辉,尹凯涛,王煦法

DOI: https://doi.org/10.3969/j.issn.1009-8054.2009.10.037

2009-01-01

Abstract:This paper presents a measurement method for process integrity.This measurement method is applied in the test of software vulnerability.The method uses source-code conversion and the state information of function-call to check and analyze the process integrity.By checking whether the measurement for process integrity is true, the fact that whether there is a vulnerability in the software is determined.The experiment shows that this method could accurately check the attack of buffer overflow, in the circumstances of with no large performance loss.

SUN Hao,ZENG Qing-Kai

DOI: https://doi.org/10.13328/j.cnki.jos.004793

2015-01-01

Journal of Software

Abstract:In C/C++ language, limited rages represented by integer types and castings between different signs or widths cause integer-based weakness, including integer overflow, integer underflow, signedness error and truncation error. Attackers usually exploit them indirectly to commit damaging acts such as arbitrary code execution and denial of service. This paper presents a survey on integer-based vulnerabilities. A novel security model is proposed in view of behaviors resulting from the weakness occurrence, and the sufficient conditions in determining integer-based vulnerabilities are also presented. A thorough comparison among detecting methods is further conducted in consideration of covering sufficient conditions. Through an empirical study on real-world integer bug cases, the characteristics and distributions are discussed. Finally, the challenges and research directions of integer-based vulnerabilities are explored.

WANG Zhao

DOI: https://doi.org/10.3969/j.issn.2095-347X.2009.06.005

2009-01-01

Abstract:Based on the six elements of the network attacking classification principle put forward previously,a variety of classifications method to network attacking is compared and analyzed.To meet the needs of automatic security testing evaluation,a kind of classification scheme of network attacks based on multi-attributes is proposed.

张世琨,胡文蕙,陈兆良,王立福

DOI: https://doi.org/10.3321/j.issn:0372-2112.2004.03.022

2004-01-01

Abstract:Variability existing in real world and customized requirements of users,require adequate flexibility of software systems.This paper proposes an open variability control framework,which discusses origin of variability,representative forms,control mechanisms and implementation technologies from five dimensions of organization,functionality,data,presentation and process connection.This framework provides a systematic variability solution.As an example,practices of variability control in business domain application development platform are also discussed.

Georgios Spanos,Lefteris Angelis

DOI: https://doi.org/10.1016/j.jss.2018.09.039

IF: 3.5

2018-12-01

Journal of Systems and Software

Abstract:Software vulnerabilities constitute a great risk for the IT community. The specification of the vulnerability characteristics is a crucial procedure, since the characteristics are used as input for a plethora of vulnerability scoring systems. Currently, the determination of the specific characteristics -that represent each vulnerability- is a process that is performed manually by the IT security experts. However, the vulnerability description can be very informative and useful to predict vulnerability characteristics. The primary goal of this research is the enhancement, the acceleration and the support of the manual procedure of the vulnerability characteristic assignment. To achieve this goal, a model, which combines texts analysis and multi-target classification techniques was developed. This model estimates the vulnerability characteristics and subsequently, calculates the vulnerability severity scores from the predicted characteristics. To perform the present research, a dataset that contains 99,091 records from a large -publicly available- vulnerability database was used. The results are encouraging, since they show accuracy in the prediction of the vulnerability characteristics and scores.

computer science, theory & methods, software engineering