A Vulnerability Model Construction Method Based on Chemical Abstract Machine
- 19 March 2018
- journal article
- computer science
- Published by EDP Sciences in Wuhan University Journal of Natural Sciences
- Vol. 23 (2), 150-162
- https://doi.org/10.1007/s11859-018-1305-2
Abstract
It is difficult to formalize the causes of vulnerability, and there is no effective model to reveal the causes and characteristics of vulnerability. In this paper, a vulnerability model construction method is proposed to realize the description of vulnerability attribute and the construction of a vulnerability model. A vulnerability model based on chemical abstract machine (CHAM) is constructed to realize the CHAM description of vulnerability model, and the framework of vulnerability model is also discussed. Case study is carried out to verify the feasibility and effectiveness of the proposed model. In addition, a prototype system is also designed and implemented based on the proposed vulnerability model. Experimental results show that the proposed model is more effective than other methods in the detection of software vulnerabilities.Keywords
This publication has 8 references indexed in Scilit:
- An effective long string searching algorithm towards component security testingChina Communications, 2016
- Overview of Root Causes of Software Vulnerabilities - Technical and User-Side PerspectivesPublished by Institute of Electrical and Electronics Engineers (IEEE) ,2016
- Vulnerability Discovery Modeling and Weighted Criteria Based RankingJournal of the Indian Society for Probability and Statistics, 2016
- An approach of security testing for third‐party component based on state mutationSecurity and Communication Networks, 2015
- Software Vulnerability Detection Using Backward Trace Analysis and Symbolic ExecutionPublished by Institute of Electrical and Electronics Engineers (IEEE) ,2013
- Have things changed now? An empirical study on input validation vulnerabilities in web applicationsComputers & Security, 2012
- COMPONENT SECURITY TESTING APPROACH BASED ON EXTENDED CHEMICAL ABSTRACT MACHINEInternational Journal of Software Engineering and Knowledge Engineering, 2012
- An Empirical Study on Using the National Vulnerability Database to Predict Software VulnerabilitiesLecture Notes in Computer Science, 2011