Abstract
Discovering and eliminating critical vulnerabilities in program code is a key requirement for the secure operation of software systems. This task rests primarily on the shoulders of experienced code analysts who inspect programs in-depth to identify weaknesses. As software systems grow in complexity, while the amount of security critical code increases, supplying these analysts with effective methods to assist in their work becomes even more crucial. Unfortunately, exact methods for automated software analysis are rarely of help in practice, as they do not scale to the complexity of contemporary software projects, and are not designed to benefit from the analyst's domain knowledge. To address this problem, we present pattern-based vulnerability discovery, a novel approach of devising assistant methods for vulnerability discovery that are build with a high focus on practical requirements. The approach combines techniques of static analysis, machine learning, and graph mining to lend imprecise but highly effective methods that allow analysts to benefit from the machine's pattern recognition abilities without sacrificing the strengths of manual analysis.
About the author
Dr. Fabian Yamaguchi, is a post-doctoral researcher at Technische Universität Braunschweig. He received his Diploma in computer engineering from Technische Universität Berlin in 2011 and his Doctorate in Computer Science from the University of Göttingen in 2015. In 2016, he was awarded the CAST/GI Dissertation prize for his thesis entitled Pattern-based Vulnerability Discovery. In his research, he focuses on program analysis, vulnerability discovery, machine learning, and de-anonymization.
Technische Universität Braunschweig, Institute of System Security, 38106 Braunschweig, Germany
©2017 Walter de Gruyter Berlin/Boston