Biblio
Filters: Author is Egorov, Danila [Clear All Filters]
.
2021. Detecting Attack Surface With Full-System Taint Analysis. 2021 IEEE 21st International Conference on Software Quality, Reliability and Security Companion (QRS-C). :1161–1162.
Attack surface detection for the complex software is needed to find targets for the fuzzing, because testing the whole system with many inputs is not realistic. Researchers that previously applied taint analysis for dealing with different security tasks in the virtual machines did not examined how to apply it for attack surface detection. I.e., getting the program modules and functions, that may be affected by input data. We propose using taint tracking within a virtual machine and virtual machine introspection to create a new approach that can detect the internal module interfaces that can be fuzz tested to assure that software is safe or find the vulnerabilities.