Abstract
This article presents a generic structured approach supporting the detection of exploitable software vulnerabilities of a given type. Its applicability is illustrated for two weakness types: buffer overflows and race conditions.
Acknowledgment
The authors gratefully acknowledge that the work presented was supported by the German Federal Ministry for Economic Affairs and Energy (BMWi), project no. 1501600C (SMARTEST2).
© 2021 Springer Nature Switzerland AG
Neubaum, A., Al Sardy, L., Spisländer, M., Saglietti, F., Biener, Y. (2021). Testing for IT Security: A Guided Search Pattern for Exploitable Vulnerability Classes. In: Habli, I., Sujan, M., Gerasimou, S., Schoitsch, E., Bitsch, F. (eds.) Computer Safety, Reliability, and Security. SAFECOMP 2021 Workshops. SAFECOMP 2021. Lecture Notes in Computer Science, vol. 12853. Springer, Cham. https://doi.org/10.1007/978-3-030-83906-2_8
DOI: https://doi.org/10.1007/978-3-030-83906-2_8
Publisher Name: Springer, Cham
Print ISBN: 978-3-030-83905-5
Online ISBN: 978-3-030-83906-2
eBook Packages: Computer Science (R0)