The Infona portal uses cookies, i.e. strings of text saved by a browser on the user's device. The portal can access those files and use them to remember the user's data, such as their chosen settings (screen view, interface language, etc.), or their login data. By using the Infona portal the user accepts automatic saving and using this information for portal operation purposes. More information on the subject can be found in the Privacy Policy and Terms of Service. By closing this window the user confirms that they have read the information on cookie usage, and they accept the privacy policy and the way cookies are used by the portal. You can change the cookie settings in your browser.
In order to solve the problem that the accuracy of flaws identification in ultrasonic testing is not high enough due to the error in sensor information acquisition and the noise interference in the detection environment, a method of flaws identification in ultrasonic testing based on evidential reasoning rule (ER rule) is studied. Firstly, ER rule is proposed to consider the reliability and weights...
Current network protocol binary software testing methods cannot discover serious vulnerabilities in deep states. This article introduces a novel method based on multi-packet symbolic execution, which can drive the software to deep states, to test the whole network protocol binary software stacks. This article also presents a prototype system, S2EProtocol-multi, upon Selective Symbolic Execution (S2E)...
Traditional symbolic execution for testing software focuses on exploring the paths of the program. However, for stateful network protocol, this method is hard to explore all the protocol states. This paper proposes a novel method based on model-guided symbolic execution, which can associate the program paths with the protocol states and utilize the protocol model to guide the test to explore interesting...
The vulnerabilities existing in network protocol implementations are difficult to detect. The main reason is that the state space of complex protocol binary software is too large to explore. This paper proposes a novel approach that leverages selective symbolic execution to test network protocol binary software directly, which confines symbolic execution in the secure-sensitive area. This paper also...
In this paper a new vulnerability detecting method is proposed to detect buffer boundary violations. The main idea is to use the metric of array index manipulation rather than using any heuristic method. We employ a SVM-based classifier to classify the vulnerable functions and innocent functions. Then the vulnerable functions are fed to function call graph guided symbolic execution to precisely determine...
In this paper, we propose reversed taint analysis to dig out the root cause of the vulnerability leading to crash. In order to increase the efficiency, we propose that during the analysis process, we should only taint the EIP register when the crash happens and then trace back to analyze the data and operations, until we find out the influential inputs that can be controlled by the users. In addition,...
Set the date range to filter the displayed results. You can set a starting date, ending date or both. You can enter the dates manually or choose them from the calendar.