Skip to main content
Conference ProceedingsOPEN ACCESS

Using testing techniques for vulnerability detection in C programs

Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics) (2011) 7019 LNCS 80-96
DOI: 10.1007/978-3-642-24580-0_7
8Citations
Citations of this article
13Readers
Mendeley users who have this article in their library.

This article is free to access.

Abstract

This paper presents a technique for vulnerability detection in C programs. It is based on a vulnerability formal model called "Vulnerability Detection Conditions" (VDCs). This model is used together with passive testing techniques for the automatic detection of vulnerabilities. The proposed technique has been implemented in a dynamic code analysis tool, TestInv-Code, which detects the presence of vulnerabilities on a given code, by checking dynamically the VDCs on the execution traces of the given program. The tool has been applied to several C applications containing some well known vulnerabilities to illustrate its effectiveness. It has also been compared with existing tools in the market, showing promising performances. © 2011 IFIP International Federation for Information Processing.

Author supplied keywords

Cite

CITATION STYLE

APA

Mammar, A., Cavalli, A., Jimenez, W., Mallouli, W., & De Oca, E. M. (2011). Using testing techniques for vulnerability detection in C programs. In Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics) (Vol. 7019 LNCS, pp. 80–96). Springer Verlag. https://doi.org/10.1007/978-3-642-24580-0_7

Register to see more suggestions

Mendeley helps you to discover research relevant for your work.

Already have an account?

Save time finding and organizing research with Mendeley

Sign up for free