Abstract
In recent years, the increasing size and complexity of software packages has led to vulnerability mining gradually becoming more difficult and challenging. The theoretic research and systematic practice of traditional software vulnerability mining system emphasize models and data. Now, it gradually requires the participation of human vulnerability-miners in the mining procedure. To address the issue, from the human-center perspective, this paper holds that the role of human should be highlighted in the system building process. Aimed at solving the task of software vulnerability mining and integrating the natural intelligence of human into the system, it attempts to assign people who participate in the vulnerability-mining activities as the components of the system. This paper proposes a vulnerability mining system architecture based on human-computer coordination. Then, it designs the workflow of the vulnerability mining task based on human-computer coordination. Finally, it designs a task solving strategy based on human-computer coordination for the fuzz testing scenario.
This is a preview of subscription content, log in via an institution.
Buying options
Tax calculation will be finalised at checkout
Purchases are for personal use only
Learn about institutional subscriptionsReferences
Shahriari, H.R.: Software vulnerability analysis and discovery using machine-learning and data-mining techniques: a survey. ACM Comput. Surv. 50(4), 1–36 (2017)
Liu, J., He, D., Rao, Z.H.: An analysis model of buffer overflow vulnerability based on FSM. In: 2nd International Conference on Geoinformatics and Data Analysis (ICGDA), Prague, pp. 47–51. ACM (2019)
Woods, D.D., Roth, E.M., Bnett, K.: Explorations in joint human-machine cognitive systems. In: Cognition, Computing and Cooperation, pp. 123–158 (1990)
Jones, P.M., Chu, R.W., Mitehell, C.M.: A methodology for human-machine system research: knowledge engineering, modeling and simulation. IEEE Trans. Man Cybern. 25(7), 1025–1038 (1995)
Barthelemy, J.P., Bisdo, R., Coppin, G.: Human Centered Processes and Decision Support Systems. Eur. J. Oper. Res. 136(2), 233–252 (2002)
Grudin, J., Carroll, J.M.: From tool to partner: the evolution of human-computer interaction. In: Extended Abstracts of the Chi Conference (2017)
Kim, H.C., Choi, Y.H., Dong, H.L.: Efficient file fuzz testing using automated analysis of binary file format. J. Syst. Architect. 57(3), 259–268 (2011)
Acknowledgments
This work is supported by National Key R&D Program of China No. 2017YFB08029 and is supported by Sichuan Science and Technology Program No. 2018GZ0101.
Author information
Authors and Affiliations
Corresponding author
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2020 Springer Nature Switzerland AG
About this paper
Cite this paper
Liu, J., He, D., Wang, Y., Chen, J., Rao, Z. (2020). Software Vulnerability Mining Based on the Human-Computer Coordination. In: Ahram, T., Karwowski, W., Vergnano, A., Leali, F., Taiar, R. (eds) Intelligent Human Systems Integration 2020. IHSI 2020. Advances in Intelligent Systems and Computing, vol 1131. Springer, Cham. https://doi.org/10.1007/978-3-030-39512-4_83
Download citation
DOI: https://doi.org/10.1007/978-3-030-39512-4_83
Published:
Publisher Name: Springer, Cham
Print ISBN: 978-3-030-39511-7
Online ISBN: 978-3-030-39512-4
eBook Packages: Intelligent Technologies and RoboticsIntelligent Technologies and Robotics (R0)