It is argued that runtime verification techniques can be used to identify unknown application security vulnerabilities that are a consequence of unexpected execution paths in software. A methodology is proposed that can be used to build a model of expected application execution paths during the software development cycle. This model is used at runtime to detect exploitation of unknown security vulnerabilities using anomaly detection style techniques. The approach is evaluated by considering its effectiveness in identifying 19 vulnerabilities across 26 versions of Apache Struts over a 5 year period.
CITATION STYLE
Pieczul, O., & Foley, S. N. (2016). Runtime detection of zero-day vulnerability exploits in contemporary software systems. In Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics) (Vol. 9766, pp. 347–363). Springer Verlag. https://doi.org/10.1007/978-3-319-41483-6_24
Mendeley helps you to discover research relevant for your work.