Browse wiki

From Navigators

Jump to: navigation, search
Abstract Some software faults, namely security vuln Some software faults, namely security vulnerabilities, tend to elude conventional testing methods. Since the effects of these faults may not be immediately perceived nor have a direct impact on the server's execution (e.g., a crash), they can remain hidden even if exercised by the test cases. Our detection approach consists in inferring a behavioral profile of a network server that models its correct execution by combining information about the implemented state machine protocol and the server's internal execution. Flaws are automatically detected if the server's behavior deviates from the profile while processing the test cases. This approach was implemented in a tool, which was used to analyze several FTP vulnerabilities, showing that it can effectively find various kinds of flaws. n effectively find various kinds of flaws.
Author João Antunes + , Nuno Ferreira Neves +
Booktitle Proceedings of the International Symposium on Software Reliability Engineering (ISSRE)  +
Key Antunes11d  +
Month nov  +
NumPubDate 2,011.11  +
Project Project:MASSIF + , Project:DIVERSE +
ResearchLine Fault And Intrusion Tolerance in Open Distributed Systems (FIT) +
Title Using Behavioral Profiles to Detect Software Flaws in Network Servers  +
Type inproceedings  +
Url  +
Year 2011  +
Categories Publication  +
Modification dateThis property is a special property in this wiki. 14 January 2013 14:40:44  +
hide properties that link here 
  No properties link to this page.


Enter the name of the page to start browsing from.
Personal tools
Navigators toolbox