Automated Vulnerability Detection Tool Comparison.

Source publication
Article
As hacking techniques become more sophisticated, vulnerabilities have been gradually increasing. Between 2010 and 2015, around 80,000 vulnerabilities were newly registered in the CVE (Common Vulnerabilities and Exposures) list, and the number of vulnerabilities has continued to rise. While the number of vulnerabilities is increasing rapidly, the response to...

Context in source publication

Context 1
... This is because only a limited set of execution paths is analyzed, namely those reached by the input values generated through fuzzing. The tools and features related to automated vulnerability detection techniques are shown in Table 1. ... , and ASCII-Armor. ...

Citations

... The dynamic analysis method [13] needs to run the target program and observe and analyze the execution status of the program so as to achieve the purpose of detecting vulnerabilities. For example, environment injection error is to inject error information into its execution environment without modifying the program to be tested and then observing the running status of the program. ...
Article
The existence of software vulnerabilities will cause serious network attacks and information leakage problems. Timely and accurate detection of vulnerabilities in software has become a research focus in the security field. Most existing work only considers instruction-level features, which to some extent overlooks certain syntax and semantic information in the assembly code segments, affecting the accuracy of the detection model. In this paper, we propose a binary code vulnerability detection model based on multi-level feature fusion. The model considers both word-level features and instruction-level features. In order to solve the problem that traditional text embedding methods cannot handle polysemy, this paper uses the Embeddings from Language Models (ELMo) model to obtain dynamic word vectors containing word semantics and other information. Considering the grammatical structure in the assembly code segment, the model randomly embeds the normalized assembly code segment to represent it. Then the model uses a bidirectional Gated Recurrent Unit (GRU) to extract word-level sequence features and instruction-level sequence features respectively. Then, the weighted feature fusion method is used to study the impact of different sequence features on the model performance. During model training, adding standard deviation regularization to constrain model parameters can prevent the occurrence of overfitting problems. To evaluate our proposed method, we conduct experiments on two datasets. Our method achieves an F1-score of 98.9 percent on the Juliet Test Suite dataset and an F1-score of 87.7 percent on the NDSS18 (Whole) dataset. The experimental results show that the model can improve the accuracy of binary code vulnerability detection.
... RELRO [49] is a mitigation technique which in general makes the Global Offset Table read-only so that GOT overwriting techniques cannot be used during buffer overflow exploitation. It has two levels of protection: Partial RELRO and Full RELRO [50]. Partial RELRO makes the .got ...
Article
Buffer Overflow (BOF) has been a ubiquitous security vulnerability for more than three decades, potentially compromising any software application or system. This vulnerability occurs primarily when someone attempts to write more bytes of data (shellcode) than a buffer can handle. To date, this primitive attack has been used to attack many different software systems, resulting in numerous buffer overflows. The most common type of buffer overflow is the stack overflow vulnerability, through which an adversary can gain admin privileges remotely, which can then be used to execute shellcode. Numerous mitigation techniques have been developed and deployed to reduce the likelihood of BOF attacks, but attackers still manage to bypass these techniques. A variety of mitigation techniques have been proposed and implemented on the hardware, operating system, and compiler levels. These techniques include No-EXecute (NX) and Address Space Layout Randomization (ASLR). The NX bit prevents the execution of malicious code by making various portions of the address space of a process inoperable. The ASLR algorithm randomly assigns addresses to various parts of the logical address space of a process as it is loaded in memory for execution. Position Independent Executable (PIE) and ASLR provide more robust protection by randomly generating binary segments. Read-only relocation (RELRO) protects the Global Offset Table (GOT) from overwriting attacks. StackGuard protects the stack by placing the canary before the return address in order to prevent stack smashing attacks. Despite all the mitigation techniques in place, hackers continue to be successful in bypassing them, making buffer overflow a persistent vulnerability. The current work aims to describe the stack-based buffer overflow vulnerability and review in detail the mitigation techniques reported in the literature as well as how hackers attempt to bypass them.
... Fuzzing, at its core, is a testing method that generates random inputs (i.e., numbers, chars, metadata, binary, and especially "known-to-be-dangerous" values such as zero, negative or very large numbers, SQL requests, special characters) that cause the target software to crash [26]. It can be divided into dumb fuzzing and smart fuzzing. ...
... It can be divided into dumb fuzzing and smart fuzzing. Dumb fuzzing simply generates defects by randomly changing the input variables; this is very fast as changing the input variable is simple, but it is not very good at finding defects as code coverage is narrow [26]. Smart fuzzing, on the other hand, generates input values suitable for the target software based on the software's format and error generation. ...
... Smart fuzzing, on the other hand, generates input values suitable for the target software based on the software's format and error generation. This software analysis is a big advantage for smart fuzzing as it allows the fuzzing algorithm to know where errors can occur; however, developing an efficient smart fuzzing algorithm takes expert knowledge and tuning [26]. ...
Article
In recent years, the use of the Internet of Things (IoT) has increased exponentially, and cybersecurity concerns have increased along with it. On the cutting edge of cybersecurity is Artificial Intelligence (AI), which is used for the development of complex algorithms to protect networks and systems, including IoT systems. However, cyber-attackers have figured out how to exploit AI and have even begun to use adversarial AI in order to carry out cybersecurity attacks. This review paper compiles information from several other surveys and research papers regarding IoT, AI, and attacks with and against AI and explores the relationship between these three topics with the purpose of comprehensively presenting and summarizing relevant literature in these fields.
... If the program does not meet the criteria for independent evaluation criteria within the intervention factors of the useful evaluation, then a fuzzy measurement model is applied (Cho et al. 2016). Jeesoo et al. (2018) provided information on the automated method for the error detection and failure elimination to ensure software security. The study analyzes the methods for software failure detection and recovery. ...
Article
The Technique for Order of Preference by Similarity to Ideal Solution (TOPSIS) method is used for decision-making to improve software efficiency and to optimize its management by using methodological approaches. The TOPSIS method is a multi-criteria decision-making analysis method. TOPSIS identifies the best alternative variant based on a compromise solution. The basic concept of the TOPSIS method is that the chosen alternative variant has to be at the shortest Euclidean distance from the positive ideal solution and at the farthest Euclidean distance from the negative ideal solution. Criteria and alternatives for software are identified. Two or three software features from other studies are used. Based on international experience, in practice only a few characteristics of software efficiency have been used in the articles so far, but not all eight characteristics. Eight attributes of software efficiency are used, which distinguishes this study from others. The values of the worst and best alternatives are found in multi-criterion decision-making by using the estimations of four expert programmers. The software currently running in three systems was used in the experiments. The skills of the experts are also taken into account for finding the values. The results of the experiments are estimated to be good.
... Second, how to move these examples from known vulnerabilities to other code segments? [3]. They proposed a technique to render manual auditing increasingly viable by helping and managing the investigation of source code [3]. ...
... [3]. They proposed a technique to render manual auditing increasingly viable by helping and managing the investigation of source code [3]. This extrapolation procedure comprises four steps. 1. ...
... Helped vulnerability disclosure. [3]. Zhen Li et al. invented VulDeePecker as the first approach using deep learning for vulnerability detection. ...
... According to the selected features, the trained model is built to generate the Background Knowledge (BK), and this BK is used during the classification for vulnerability assessment. This paper also shows that, using this approach, the system can achieve around 90% on a heterogeneous dataset. Jeesoo Jurn et al. [5] introduced a trend of systems and tools associated with machine-driven vulnerability detection and correction. We tend to propose an automatic vulnerability detection technique based on binary complexity analysis to stop a zero-day attack. ...
Article
Software vulnerability is among the most common issues in software engineering; many applications have suffered from vulnerabilities, information leakage, and data hijacking for a number of years. Sometimes developers make mistakes during coding which generate vulnerability issues for the entire application. In this research work, we carried out an approach to software vulnerability detection using deep learning on the basis of metadata processing. The system carries out software vulnerability detection based on a Deep Neural Network (DNN). A new dynamic vulnerability classification approach is suggested. The model is built on TF-IDF as well as a density-based feature selection approach for the DNN. Basically, TF-IDF is used to measure the frequency and weight of specific words of the vulnerability description; the Vector Space Model (VSM) is used for feature selection to obtain an optimal set of feature terms; and the DNN model is used to build a dynamic weakness classifier to achieve effective bug detection. The overall system is categorized into four phases: in the first phase we detect code clones to eliminate data redundancy and execution time complexity; in the second we apply the Vector Space Model (VSM) to recommend refactoring possibilities across the entire code; in the third we build the DNN module for software vulnerability detection; and finally we recommend the vulnerabilities for the entire code. A partial implementation of the system was evaluated in a Java environment, which provides satisfactory results for heterogeneous code modules.
... As a rule, IoT systems are big consumers of computational resources, memory resources, and bandwidth. Therefore, existing approaches [5] for software solutions are not proven to be reliable for IoT systems also [3]. In this paper, we focus on IoT vulnerabilities found in IoT-specific technologies. ...
... To sustain the need of using, as an initial database, the list of IoT-oriented CVEs in our current proposal, numerous articles consider CVEs as the main data source for vulnerabilities [5,13,14,15]. In Reference [14], the authors emphasize the need for a structured and trustworthy database of information regarding vulnerabilities, attacks, threats, countermeasures, and risks within the task of information security risk management processes. ...
Article
The aim of this paper was to enhance the process of diagnosing and detecting possible vulnerabilities within an Internet of Things (IoT) system by using a named entity recognition (NER)-based solution. In both research and practice, security system management experts rely on a large variety of heterogeneous security data sources, which are usually available in the form of natural language. This is challenging as the process is very time consuming and it is difficult to stay up to date with the constant findings in the areas of security threats, vulnerabilities, attacks, countermeasures, and risks. The proposed system is conceived as a semantic indexing solution of existing vulnerabilities and serves as an information tool for security management experts. By integrating the proposed system, the users can easily discover the potential vulnerabilities of their IoT devices. The proposed solution integrates ontologies and NER techniques in order to obtain a high rate of automation with the scope of reaching a self-maintained and up-to-date system in terms of vulnerabilities and common exposures knowledge. To achieve this, a total of 312 CVEs (common vulnerabilities and exposures) specific to the IoT field were identified. CVEs are arguably one of the most important cybersecurity resources nowadays, containing information about the latest discovered vulnerabilities. This set is further used as data corpus for an NER model designed to identify the main entities and relations that are relevant to IoT security. The goal is to automatically monitor cybersecurity information relevant to IoT, and filter and present it in an organized and structured framework based on users’ needs. The taxonomies specific to IoT security are implemented via a domain ontology, which is later used to process natural language. Relevant tokens are marked as entities and the relations between them identified. 
The text analysis solution is connected to a gateway which scans the environment and identifies the main IoT devices and communication technologies. The strength of the approach proposed within this research is that the designed semantic gateway is using context-aware searches in the modeled IoT security database and can identify possible vulnerabilities before they can be exploited.
... The information on the method for automated detection of errors and elimination of defects to ensure software security is provided in [12]. The mentioned study analyzes the methods for detecting and eliminating software defects. ...
Article
This study reviews software security, etc. It studies the methods for the analysis of software security. The problems of software protection are identified. The risks for software projects, their management, determination and categories are studied. Software development process includes the construction of an agreed structure for software development. The design of large distributed systems uses many programming languages, which in turn causes certain difficulties. That is, security in these cases is not provided. Software security is a set of measures aimed at its protection. Security in software exploitation is also a key issue. Software security is understood as its functioning without any problems. Information security threats arise in the process of software exploitation.
... application of tools; etc. Information on the automated method for detecting errors and eliminating defects in order to ensure software security is given in [12]. That work analyzes the methods related to detecting and repairing defects in software. ...
Conference Paper
This paper provides information about software security. Methods of analysis of software security have been studied. The problems that are important for protecting software have been identified. Risks for software projects, their management, assignment, categories and so on are studied.