Vulnerability Discovery: Solving the Vulnerability Uniqueness Problem

Vulnerability Discovery: Solving the Vulnerability Uniqueness Problem

Active / Technical Report | Accesssion Number: AD1145846 |

Abstract:

Current vulnerability discovery techniques such as black-box fuzz testing and concolic testing are so effective that they routinely and hundreds of thousands of crashers, which crash the target program. We created a new methodology for precisely and naturally defining vulnerabilities through the creation of patches. We use our methodology to study important questions regarding the practice of fuzzing.

Author(s):

No Author(s) Identified

Author Organization(s):

CARNEGIE-MELLON UNIV PITTSBURGH PA

Funding Organization(s):

Air Force Life Cycle Management Center, Hanscom AFB , MA

Document Type:

Technical Report/Technical Note

Publication Date:

2015 Jan 01

Pagination:

2

Security Markings

DOCUMENT & CONTEXTUAL SUMMARY

Distribution Code:

A - Approved For Public Release

Distribution Statement: Public Release

RECORD

Collection: TRECMS

Identifying Numbers

Contract Number(s):

FA8721-05-C-0003

Subject Terms

Communities of Interest:

No COI(s) Identified

Descriptor(s):

department of defense, guarantees, materials, software development, vulnerability, universities, copyrights, engineering, governments, contracts, intellectual property, law, patents, test methods, trademarks

Subject Categories:

Mathematical and Computer Sciences

Creation Date:

2021 Aug 25

Update Date:

2021 Nov 10