Assisting Vulnerability Detection by Prioritizing Crashes with Incremental Learning

Page view(s)
12
Checked on Dec 24, 2022
Assisting Vulnerability Detection by Prioritizing Crashes with Incremental Learning
Title:
Assisting Vulnerability Detection by Prioritizing Crashes with Incremental Learning
Other Titles:
TENCON 2018 - 2018 IEEE Region 10 Conference
Publication Date:
28 October 2018
Citation:
L. Zhang and V. L. L. Thing, "Assisting Vulnerability Detection by Prioritizing Crashes with Incremental Learning," TENCON 2018 - 2018 IEEE Region 10 Conference, Jeju, Korea (South), 2018, pp. 2080-2085. doi: 10.1109/TENCON.2018.8650188
Abstract:
The proliferation of Internet of Things (IoT) devices is accompanied by the tremendous increase of the attack surface of the networked embedded systems. Software vulnerabilities in these systems become easier than ever to be exploited by cybercriminals. Although fuzz testing is an effective technique to detect memory corruption induced vulnerabilities, it requires in-depth analysis of the typically massive crashes, which impedes the in-time identification and patching of potentially disastrous vulnerabilities. In this paper, we present a new approach that can efficiently classify crashes based on their exploitability, which facilitates the human analysts to prioritize the crashes to be examined and hence accelerate the discovery of vulnerabilities. A compact fingerprint for the dynamic execution trace of each crashing input is firstly generated based on n-gram analysis and feature hashing. The fingerprints are then fed to an online classifier to build the distinguishing model. The incremental learning enabled by the online classifier makes the built model scale well even for a large amount of crashes and at the same time easy to be updated for new crashes. Experiments on 4,392 exploitable crashes and 33,934 non-exploitable crashes show that our method can achieve an F1-score of 95% in detecting the exploitable crashes and significantly better accuracy than the popular crash classification tool !exploitable.
License type:
PublisherCopyrights
Funding Info:
This material is based on research work supported by the Singapore National Research Foundation under NCR Award No. NRF2014NCR-NCR001-034.
Description:
© 2018 IEEE. Personal use of this material is permitted. Permission from IEEE must be obtained for all other uses, in any current or future media, including reprinting/republishing this material for advertising or promotional purposes, creating new collective works, for resale or redistribution to servers or lists, or reuse of any copyrighted component of this work in other works.
ISSN:
2159-3450
2159-3442
ISBN:
978-1-5386-5457-6
978-1-5386-5458-3
Files uploaded:
File Size Format Action
There are no attached files.