%0 Journal Article
%T New method of software vulnerability detection based on fuzzing<br>一种基于fuzzing技术的漏洞发掘新思路
%A SHAO Lin
%A ZHANG Xiao-song
%A SU En-biao
%A <br>邵林
%A 张小松
%A 苏恩标
%J 计算机应用研究
%D 2009
%I 
%X The techniques of buffer overflow vulnerabilities detection was single and limited to manual analysis, binary-patch comparison, fuzzing and so on. These techniques of vulnerabilities detection were either too dependent on manual analysis or too blind, leading up to the low efficiency of vulnerabilities detection. Introduced a new method of buffer overflow vulnerabilities detection, which was based on fuzzing, data-flow dynamic analysis and automated exception analysis. Overcame the disadvantages of old techniques, this new method effectively improves the detection of potential unknown security vulnerabilities (0day) in software. Besides, this method is more automated and performs better in finding new security vulnerabilities.
%K automation
%K buffer overflow
%K fuzzing
%K security vulnerability
%K vulnerability detection<br>自动化
%K 缓冲区溢出
%K 黑盒测试
%K 安全漏洞
%K 漏洞发掘
%U http://www.alljournals.cn/get_abstract_url.aspx?pcid=5B3AB970F71A803DEACDC0559115BFCF0A068CD97DD29835&cid=8240383F08CE46C8B05036380D75B607&jid=A9D9BE08CDC44144BE8B5685705D3AED&aid=FD389B382E6B257869629C9640A44AB8&yid=DE12191FBD62783C&vid=96C778EE049EE47D&iid=38B194292C032A66&sid=3395C64999261B75&eid=61EDB4BBA42E40FF&journal_id=1001-3695&journal_name=计算机应用研究&referenced_num=3&reference_num=10