A Buffer Overflow Prediction Approach Based on Software Metrics and Machine Learning

Buffer overflow vulnerability is the most common and serious type of vulnerability in software today, as network security issues have become increasingly critical. To alleviate the security threat, many vulnerability mining methods based on static and dynamic analysis have been developed. However, t...

Full description

Saved in:
Bibliographic Details
Published in:Security and communication networks Vol. 2019; no. 2019; pp. 1 - 13
Main Authors: Wei, Zhiyao, Liu, Qian, Zheng, Zhangqi, Ren, Jiadong, Huaizhi, Yan
Format: Journal Article
Language:English
Published: Cairo, Egypt Hindawi Publishing Corporation 01.01.2019
Hindawi
John Wiley & Sons, Inc
Subjects:
Accuracy
Algorithms
Buffers
Computing time
Data mining
Data transmission
Decision trees
Embedded systems
Experiments
Machine learning
Overflow
Research methodology
Security
Software
Software reliability
Source code
Support vector machines
ISSN:1939-0114, 1939-0122
Online Access:Get full text
Tags: Add Tag
No Tags, Be the first to tag this record!
Description
Summary:Buffer overflow vulnerability is the most common and serious type of vulnerability in software today, as network security issues have become increasingly critical. To alleviate the security threat, many vulnerability mining methods based on static and dynamic analysis have been developed. However, the current analysis methods have problems regarding high computational time, low test efficiency, low accuracy, and low versatility. This paper proposed a software buffer overflow vulnerability prediction method by using software metrics and a decision tree algorithm. First, the software metrics were extracted from the software source code, and data from the dynamic data stream at the functional level was extracted by a data mining method. Second, a model based on a decision tree algorithm was constructed to measure multiple types of buffer overflow vulnerabilities at the functional level. Finally, the experimental results showed that our method ran in less time than SVM, Bayes, adaboost, and random forest algorithms and achieved 82.53% and 87.51% accuracy in two different data sets. The method presented in this paper achieved the effect of accurately predicting software buffer overflow vulnerabilities in C/C++ and Java programs.
Bibliography:ObjectType-Article-1
SourceType-Scholarly Journals-1
ObjectType-Feature-2
content type line 14
ISSN:1939-0114
1939-0122
DOI:10.1155/2019/8391425