A Large-Scale Empirical Study on Vulnerability Distribution within Projects and the Lessons Learned

The number of vulnerabilities increases rapidly in recent years, due to advances in vulnerability discovery solutions. It enables a thorough analysis on the vulnerability distribution and provides support for correlation analysis and prediction of vulnerabilities. Previous research either focuses on...

Celý popis

Uloženo v:
Podrobná bibliografie
Vydáno v:2020 IEEE/ACM 42nd International Conference on Software Engineering (ICSE) s. 1547 - 1559
Hlavní autoři: Liu, Bingchang, Meng, Guozhu, Zou, Wei, Gong, Qi, Li, Feng, Lin, Min, Sun, Dandan, Huo, Wei, Zhang, Chao
Médium: Konferenční příspěvek
Jazyk:angličtina
Vydáno: ACM 01.10.2020
Témata:
Crawlers
Empirical Study
Fuzzing
Manuals
Security
Semantics
Software engineering
Static analysis
Vulnerability Distribution
ISSN:1558-1225
On-line přístup:Získat plný text
Tagy: Přidat tag
Žádné tagy, Buďte první, kdo vytvoří štítek k tomuto záznamu!
Popis
Shrnutí:The number of vulnerabilities increases rapidly in recent years, due to advances in vulnerability discovery solutions. It enables a thorough analysis on the vulnerability distribution and provides support for correlation analysis and prediction of vulnerabilities. Previous research either focuses on analyzing bugs rather than vulnerabilities, or only studies general vulnerability distribution among projects rather than the distribution within each project. In this paper, we collected a large vulnerability dataset, consisting of all known vulnerabilities associated with five representative open source projects, by utilizing automated crawlers and spending months of manual efforts. We then analyzed the vulnerability distribution within each project over four dimensions, including files, functions, vulnerability types and responsible developers. Based on the results analysis, we presented 12 practical insights on the distribution of vulnerabilities. Finally, we applied such insights on several vulnerability discovery solutions (including static analysis and dynamic fuzzing), and helped them find 10 zero-day vulnerabilities in target projects, showing that our insights are useful.
ISSN:1558-1225
DOI:10.1145/3377811.3380923