A Large-Scale Empirical Study on Vulnerability Distribution within Projects and the Lessons Learned

The number of vulnerabilities increases rapidly in recent years, due to advances in vulnerability discovery solutions. It enables a thorough analysis on the vulnerability distribution and provides support for correlation analysis and prediction of vulnerabilities. Previous research either focuses on...

Ausführliche Beschreibung

Gespeichert in:
Bibliographische Detailangaben
Veröffentlicht in:2020 IEEE/ACM 42nd International Conference on Software Engineering (ICSE) S. 1547 - 1559
Hauptverfasser: Liu, Bingchang, Meng, Guozhu, Zou, Wei, Gong, Qi, Li, Feng, Lin, Min, Sun, Dandan, Huo, Wei, Zhang, Chao
Format: Tagungsbericht
Sprache:Englisch
Veröffentlicht: ACM 01.10.2020
Schlagworte:
Crawlers
Empirical Study
Fuzzing
Manuals
Security
Semantics
Software engineering
Static analysis
Vulnerability Distribution
ISSN:1558-1225
Online-Zugang:Volltext
Tags: Tag hinzufügen
Keine Tags, Fügen Sie den ersten Tag hinzu!
Beschreibung
Zusammenfassung:The number of vulnerabilities increases rapidly in recent years, due to advances in vulnerability discovery solutions. It enables a thorough analysis on the vulnerability distribution and provides support for correlation analysis and prediction of vulnerabilities. Previous research either focuses on analyzing bugs rather than vulnerabilities, or only studies general vulnerability distribution among projects rather than the distribution within each project. In this paper, we collected a large vulnerability dataset, consisting of all known vulnerabilities associated with five representative open source projects, by utilizing automated crawlers and spending months of manual efforts. We then analyzed the vulnerability distribution within each project over four dimensions, including files, functions, vulnerability types and responsible developers. Based on the results analysis, we presented 12 practical insights on the distribution of vulnerabilities. Finally, we applied such insights on several vulnerability discovery solutions (including static analysis and dynamic fuzzing), and helped them find 10 zero-day vulnerabilities in target projects, showing that our insights are useful.
ISSN:1558-1225
DOI:10.1145/3377811.3380923