350 rub
Journal Information-measuring and Control Systems №11 for 2009 г.
Article in number:
Dynamic technique to find vulnerability
Authors:
V. I. Vorobiev, R. R. Fatkieva
Abstract:
The main methods of dynamic software analysis are considered. Analysis and classification of existed analysators are performed. An example of vulnerability finding is shown as Peach Fuzzing Framework analyzator. As testing server the simple web-server was considered, waiting of joining with client and data transfer, returning to hearing stage at the end. To estimate analyzator work the vulnerability in the form of stack overflow was inserted in the server.
This example and experience of using such systems show effectiveness of that method to find vulnerability software code for which improvement of efficiency is necessary to make increase in depth of the dynamic analysis with application of high-efficiency calculations.
Pages: 28-31
References
- http://peachfuzzer.com/
- Козиол Д. и др. Искусство взлома и защиты систем: Пер. с англ. Е. Матвеева. СПб.: Питер, 2006.