Loading [a11y]/accessibility-menu.js
A software vulnerability analysis environment based on virtualization technology | IEEE Conference Publication | IEEE Xplore

A software vulnerability analysis environment based on virtualization technology

Publisher: IEEE

Abstract:

The accurate identification and effective analysis of software vulnerabilities depends on flexible and extensible analysis environment. However, current research work can...View more

Abstract:

The accurate identification and effective analysis of software vulnerabilities depends on flexible and extensible analysis environment. However, current research work cannot provide highly available environment supporting for different types of vulnerabilities. Aiming at the problem, this paper proposes a novel method for constructing software vulnerability analysis environment based upon virtualization technique, defines the system level simulation model for vulnerability analysis, and describes the simulation model based vulnerability analysis method. Based upon the simulation model and analysis method, we have designed and implemented the Virtualization-based Vulnerability Analysis Environment (VirtualVAE), which can examine the operation behaviors of guest operation system and applications at hardware level, and analyze the operation process of sensitive data in the whole system. Therefore, it can accurately simulate a wide variety of system behaviors, and provide dynamic analysis capabilities for different types of vulnerabilities. The experimental results show that it provides a flexible environment for accurately identifying and analyzing the vulnerabilities of software systems.
Date of Conference: 25-27 June 2010
Date Added to IEEE Xplore: 05 August 2010
ISBN Information:
Publisher: IEEE
Conference Location: Beijing, China

References

References is not available for this document.