Security Encyclopedia

From Bug Killer

Learning Materials

Related Courses

Related Books

Deep Learning Papers

  • Detecting Deep Neural Network Defects with Data Flow Analysis
  • DeepHunter: A Coverage-Guided Fuzz Testing Framework for Deep Neural Networks
  • A Review on Machine Learning Techniques for Software Defect Prediction
  • An Improved CNN Model for Within-Project Software Defect Prediction https://web.njit.edu/~davidsw/papers/oopsla19_id_201.pdf

Data-Flow Analysis Papers

  • 2020: Optimal and Perfectly Parallel Algorithms for On-demand Data-flow Analysis, link
  • 2020: Pipelining Bottom-up Data Flow Analysis, link
  • 2019: Deterministic parallel fixpoint computation, link
  • 2019: Performance-Boosting Sparsification of the IFDS Algorithm with Applications to Taint Analysis, link
  • 2019: BigSpa: An Efficient Interprocedural Static Analysis Engine in the Cloud, link
  • 2019: Grapple: A graph system for static finite-state property checking of large-scale systems code, link
  • 2019: Scalable Static Analysis Using Facebook Infer, link
  • 2019'ICSE: SMOKE: Scalable Path-Sensitive Memory Leak Detection for Millions of Lines of Code, link
  • 2019'TACAS: PhASAR: An Inter-procedural Static Analysis Framework for C/C++, link
  • 2018': On accelerating source code analysis at massive scale, link
  • 2017'OSDI: Graspan: A single-machine disk-based graph system for interprocedural static analyses of large-scale systems code, link
  • 2017: Systemized Program Analyses: A Big Data Perspective on Scaling Large-Scale Code Analyses, link
  • 2015: https://ruor.uottawa.ca/bitstream/10393/32267/5/Zou_Di_2015_Thesis.pdf, link
  • 2013: Engineering an efficient reachability algorithm for directed graphs, link

Ensemble Learning Papers

  • 2019'OpenSym: Ranking warnings from multiple source code static analyzers via ensemble learning, link
  • 2018'SQUDE: Prioritizing Alerts from Multiple Static Analysis Tools, using Classification Models, link
  • 2017'FUSION: Trust-based fusion of classifiers for static code analysis, link
  • 2017'QRS-C: A Framework for Combining and Ranking Static Analysis Tool Findings Based on Tool Performance Statistics, link
  • 2008'The Eighth International Conference on Quality Software: An Approach to Merge Results of Multiple Static Analysis Tools (Short Paper), link

Error Ranking Papers

  • 2019'LADC: An Exploratory Study on Machine Learning to Combine Security Vulnerability Alerts from Static Analysis Tools, link
  • 2019'Spring: A variable-level automated defect identification model based on machine learning, link
  • 2019'IEEE: The Analysis of Existing Methods of Software Verification, link
  • 2018: link
  • 2017'xxx: Improving the Usefulness of Alerts Generated by Automated Static Analysis Tools, link
  • 2017'SER&IP: Identifying and Documenting False Positive Patterns Generated by Static Code Analysis Tools, link
  • 2016'IEEE: Survey of Approaches for Handling Static Analysis Alarms, link
  • 2014'MSR: Finding patterns in static analysis alerts: improving actionable alert ranking, link
  • 2013'IEEE: Review efforts reduction by partitioning of static analysis warnings, link
  • 2012'Spring: Sound Non-statistical Clustering of Static Analysis Alarms, link
  • 2011'IEEE: EFindBugs: Effective Error Ranking for FindBugs, link
  • 2008'ESEM: On establishing a benchmark for evaluating static analysis alert prioritization and classification techniques, link
  • 2007'ACM: Adaptively ranking alerts generated from automated static analysis, link
  • 2007'ICSE: Adaptive Probabilistic Model for Ranking Code-Based Static Analysis Alerts, link
  • 2006'ISSRE: Automated Adaptive Ranking and Filtering of Static Analysis Alerts, link
  • 2004'xxx!!: Correlation exploitation in error ranking, link

Defect Detection in Hardware Description Languages

  • 2020'DATE: Is Register Transfer Level Locking Secure?, paper
  • 2020'DATE: SOLOMON: An Automated Framework for Detecting Fault Attack Vulnerabilities in Hardware, paper
  • 2020'arxiv: SIMCom: Statistical Sniffing of Inter-Module Communications for Runtime Hardware Trojan Detection, [http]
  • 2019'DATE: Evaluating Assertion Set Completeness to Expose Hardware Trojans and Verification Blindspots, paper
  • 2018'AsianHost: Detecting RTL Trojans using Artificial Immune Systems and High Level Behavior Classification, paper
  • 2018'Computer & Security: Symbolic execution based test-patterns generation algorithm for hardware Trojan detection, paper
  • 2017'ASPDAC: Detecting hardware trojans in unspecified functionality through solving satisfiability problems, slides
  • 2016'Verification Techniques for Hardware Security, paper

Other

  • 2016, Johannes Dahse, Static Detection of Complex Vulnerabilities in Modern PHP Applications, link
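  • Software Vulnerabilities Overview A Descriptive Study, paper link

Core idea of the paper: the authors collect and organize software vulnerability data from the NVD vulnerability database for the three years 2015, 2016 and 2017, and derive results from two perspectives: the individual vulnerabilities and the vulnerability categories. For individual vulnerabilities, they compute the impact of each vulnerability and rank the vulnerabilities by impact for each year. For categories, they count the vulnerabilities in each category and rank the categories by the number of vulnerabilities they contain. They then analyze both sets of results to identify the vulnerabilities with the greatest impact, the most common vulnerability categories, and the year-to-year trends. Finally, they summarize the significance of the paper and offer some recommendations on buffer overflow, the most common vulnerability category.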


Test Sets

Most Popular Entries

Encyclopedia Categories

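  • Information Security Terms
    • 0day vulnerability: in information security, a 0day is vulnerability information that is held or made public before the system vendor learns of it and releases the corresponding patch.
    • DDoS attack: a DDoS (distributed denial-of-service) attack uses a large number of legitimate requests to consume large amounts of network resources, with the aim of paralyzing the network.
    • Botnet: a network that allows one-to-many control, formed between a controller and infected hosts after large numbers of hosts are infected with a bot program through one or more propagation methods.
  • Security Terms
    • Static analysis
    • Dynamic analysis
    • Defect
    • Code smell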

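In software development, any symptom in code that may lead to a deeper problem can be called a code smell. Usually, code smells expose deeper problems when code goes through short feedback iterations, where a feedback iteration means refactoring the code in a small, controlled way. Based on the problems exposed, developers check whether other code smells exist in the design and the code, and then refactor further. From the point of view of the developer responsible for refactoring, code smells suggest when to refactor and how. Code smells can therefore be said to drive refactoring. Common code smells include duplicated code, overly large classes, redundant classes, overly long methods, and overly long parameter lists.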

    • Metrics
    • SQL injection
    • Resource leak
  • Security Tools
  • Other Questions
    • Why are many scanning tools called "lint"?

Stephen C. Johnson, a computer scientist at Bell Labs, came up with lint in 1978 while debugging the yacc grammar he was writing for C and dealing with portability issues stemming from porting Unix to a 32-bit machine.[3][2] The term "lint" was derived from the name of the undesirable bits of fiber and fluff found in sheep's wool. In 1979, lint was used outside of Bell Labs for the first time in the seventh version (V7) of the Unix operating system. Over the years, different versions of lint were developed for many C and C++ compilers and while modern-day compilers have lint-like functions, lint-like tools have also advanced their capabilities. For example, Gimpel's PC-Lint, used to analyze C++ source code, is still being sold even though it was introduced in 1985.
