ExploitMeter: Combining Fuzzing with Machine Learning for Automated Evaluation of Software Exploitability

机译：ExploitMeter：将模糊测试与机器学习相结合，以自动评估软件的可利用性

获取原文

获取原文并翻译 | 示例

页面导航

摘要
著录项
相似文献
相关主题

摘要

Exploitable software vulnerabilities pose severe threats to its information security and privacy. Although a great amount of efforts have been dedicated to improving software security, research on quantifying software exploitability is still in its infancy. In this work, we propose ExploitMeter, a fuzzing-based framework of quantifying software exploitability that facilitates decision-making for software assurance and cyber insurance. Designed to be dynamic, efficient and rigorous, ExploitMeter integrates machine learning-based prediction and dynamic fuzzing tests in a Bayesian manner. Using 100 Linux applications, we conduct extensive experiments to evaluate the performance of ExploitMeter in a dynamic environment.

机译：可利用的软件漏洞对其信息安全和隐私构成严重威胁。尽管已经为提高软件安全性做出了大量努力，但是关于量化软件可利用性的研究仍处于起步阶段。在这项工作中，我们提出了ExploitMeter，这是一个基于模糊的量化软件可利用性的框架，可以促进软件保障和网络保险的决策制定。 ExploitMeter设计为动态，高效和严格的，以贝叶斯方式集成了基于机器学习的预测和动态模糊测试。我们使用100个Linux应用程序进行了广泛的实验，以评估ExploitMeter在动态环境中的性能。

著录项

来源
《2017 IEEE Symposium on Privacy-Aware Computing》|2017年|164-175|共12页
会议地点 Washington(US)
作者
Guanhua Yan; Junchen Lu; Zhan Shu; Yunus Kucuk;
展开▼
作者单位

Dept. of Comput. Sci., Binghamton Univ., Binghamton, NY, USA;

Dept. of Comput. Sci., Binghamton Univ., Binghamton, NY, USA;

Dept. of Comput. Sci., Binghamton Univ., Binghamton, NY, USA;

Dept. of Comput. Sci., Binghamton Univ., Binghamton, NY, USA;

展开▼
会议组织
原文格式 PDF
正文语种 eng
中图分类
关键词
Software; Insurance; Predictive models; Feature extraction; Security; Bayes methods;

机译：软件;保险;预测模型;特征提取;安全性;贝叶斯方法;;
入库时间 2022-08-26 13:55:14

相似文献

外文文献
中文文献
专利

1. PES-Learn: An Open-Source Software Package for the Automated Generation of Machine Learning Models of Molecular Potential Energy Surfaces [J] . Abbott Adam S., Turney Justin M., Zhang Boyi, Journal of chemical theory and computation: JCTC . 2019,第8期

机译：PES-Learn：用于自动化的机器学习模型的开源软件包的分子潜在能量表面
2. Automated classification of software issue reports using machine learning techniques: an empirical study [J] . Nitish Pandey, Debarshi Kumar Sanyal, Abir Hudait, Innovations in Systems and Software Engineering . 2017,第4期

机译：使用机器学习技术自动分类软件问题报告：实证研究
3. Generating automated kidney transplant biopsy reports combining molecular measurements with ensembles of machine learning classifiers (vol 19, pg 2719, 2019) [J] . Nature reviews Cancer . 2020,第2期

机译：生成自动肾移植活检报告，将分子测量与机器学习分类器的合奏相结合（Vol 19，PG 2719,2019）
4. ExploitMeter: Combining Fuzzing with Machine Learning for Automated Evaluation of Software Exploitability [C] . Guanhua Yan, Junchen Lu, Zhan Shu, IEEE Symposium on Privacy-Aware Computing . 2017

机译：爆炸仪：将模糊与机器学习相结合，实现软件剥削性的自动评估
5. A combined machine-learning and graph-based framework for the 3-D automated segmentation of retinal structures in SD-OCT images. [D] . Antony, Bhavna Josephine. 2013

机译：结合了机器学习和基于图的框架，可对SD-OCT图像中的视网膜结构进行3-D自动分割。
6. Myosoft: An automated muscle histology analysis tool using machine learning algorithm utilizing FIJI/ImageJ software [O] . Lucas Encarnacion-Rivera, Steven Foltz, H. Criss Hartzell, 2020

机译：MyOSoft：使用斐济/ imagej软件的机器学习算法自动肌肉组织学分析工具
7. Cyberheart-Diagnostics Software Package for Automated Electrocardiogram Analysis Based on Machine Learning Techniques [O] . V.A. Moskalenko, A.V. Nikolskiy, N.Yu. Zolotykh, 2019

机译：基于机器学习技术的Cyber Heart-Diagnostics软件包，用于自动心电图分析

ExploitMeter: Combining Fuzzing with Machine Learning for Automated Evaluation of Software Exploitability

摘要

著录项

相似文献

相关主题

期刊订阅