Toward large-scale vulnerability discovery using Machine Learning

G. Grieco, G. Grinblat, L. Uzal, S. Rawat, J. Feist, L. Mounier

Research output: Chapter in Book / Report / Conference proceedingConference contributionAcademicpeer-review

Abstract

With sustained growth of software complexity, finding security vulnerabilities in operating systems has become an important necessity. Nowadays, OS are shipped with thousands of binary executables. Unfortunately, methodologies and tools for an OS scale program testing within a limited time budget are still missing.

In this paper we present an approach that uses lightweight static and dynamic features to predict if a test case is likely to contain a software vulnerability using machine learning techniques. To show the effectiveness of our approach, we set up a large experiment to detect easily exploitable memory corruptions using 1039 Debian programs obtained from its bug tracker, collected 138,308 unique execution traces and statically explored 76,083 different subsequences of function calls. We managed to predict with reasonable accuracy which programs contained dangerous memory corruptions.

We also developed and implemented VDiscover, a tool that uses state-of-the-art Machine Learning techniques to predict vulnerabilities in test cases. Such tool will be released as open-source to encourage the research of vulnerability discovery at a large scale, together with VDiscovery, a public dataset that collects raw analyzed data.
Original languageEnglish
Title of host publicationProceedings of the Sixth ACM on Conference on Data and Application Security and Privacy, CODASPY 2016, New Orleans, LA, USA, March 9-11, 2016
PublisherACM
Pages85-96
ISBN (Print)978-1-4503-3935-3
DOIs
Publication statusPublished - 2016

Fingerprint

Dive into the research topics of 'Toward large-scale vulnerability discovery using Machine Learning'. Together they form a unique fingerprint.

Cite this