
Testing for IT Security: A Guided Search Pattern for Exploitable Vulnerability Classes

  • Conference paper
Computer Safety, Reliability, and Security. SAFECOMP 2021 Workshops (SAFECOMP 2021)

Part of the book series: Lecture Notes in Computer Science (LNPSE, volume 12853)


Abstract

This article presents a generic structured approach supporting the detection of exploitable software vulnerabilities of a given type. Its applicability is illustrated for two weakness types: buffer overflows and race conditions.



Acknowledgment

The authors gratefully acknowledge that the work presented was supported by the German Federal Ministry for Economic Affairs and Energy (BMWi), project no. 1501600C (SMARTEST2).

Author information


Corresponding authors

Correspondence to Andreas Neubaum, Loui Al Sardy, Marc Spisländer or Francesca Saglietti.


Copyright information

© 2021 Springer Nature Switzerland AG

About this paper


Cite this paper

Neubaum, A., Al Sardy, L., Spisländer, M., Saglietti, F., Biener, Y. (2021). Testing for IT Security: A Guided Search Pattern for Exploitable Vulnerability Classes. In: Habli, I., Sujan, M., Gerasimou, S., Schoitsch, E., Bitsch, F. (eds) Computer Safety, Reliability, and Security. SAFECOMP 2021 Workshops. SAFECOMP 2021. Lecture Notes in Computer Science(), vol 12853. Springer, Cham. https://doi.org/10.1007/978-3-030-83906-2_8


  • DOI: https://doi.org/10.1007/978-3-030-83906-2_8


  • Publisher Name: Springer, Cham

  • Print ISBN: 978-3-030-83905-5

  • Online ISBN: 978-3-030-83906-2

  • eBook Packages: Computer Science, Computer Science (R0)
