Advertisement

VulAware: Towards Massive-Scale Vulnerability Detection in Cyberspace

  • Zhiqiang Wang
  • Pingchuan Ma
  • Ruming Wang
  • Shichun Gao
  • Xuying Zhao
  • Tao Yang
Conference paper
Part of the Lecture Notes of the Institute for Computer Sciences, Social Informatics and Telecommunications Engineering book series (LNICST, volume 251)

Abstract

Due to the delay of threat warning and vulnerability fixing, the critical servers in cyberspace are under potential threat. With the help of vulnerability detection system, we can reduce risk and manage servers efficiently. To date, substantial related works have been done, combined with unenjoyable performance. To address these issues, we present VulAware, which is a distributed framework for detecting vulnerabilities. It is able to detect remote vulnerabilities automatically. Finally, empirical results show that VulAware significantly outperforms the state-of-the-art methods in both speed and robustness.

Keywords

Cyber security Vulnerability detection Network attack Security vulnerability 

Notes

Acknowledgment

Our research is supported by Key Lab of Information Network Security of Ministry of Public Security, Open Project Foundation of Information Technology Research Base of Civil Aviation Administration of China (NO. CAAC-ITRB-201705), Beijing Common Construction Project (2017), National Innovation and Start-up Training Program (201710018026).

References

  1. 1.
    Bloom, B.H.: Space/time trade-offs in hash coding with allowable errors. Commun. ACM 13(7), 422–426 (1970)CrossRefGoogle Scholar
  2. 2.
    Broder, A., Mitzenmacher, M.: Network applications of bloom filters: a survey. Internet Math. 1(4), 485–509 (2004)MathSciNetCrossRefGoogle Scholar
  3. 3.
    Chen, T.M., Cai, J.M., Jiang, R.R., Feng, X.C.: Design of network security scanning system based on plug-in. Comput. Eng. Des. (2004)Google Scholar
  4. 4.
    Doupé, A., Cavedon, L., Kruegel, C., Vigna, G.: Enemy of the state: a state-aware black-box vulnerability scanner. In: USENIX Security Symposium (2012)Google Scholar
  5. 5.
    Doupé, A., Cova, M., Vigna, G.: Why Johnny can’t pentest: an analysis of black-box web vulnerability scanners. In: Kreibich, C., Jahnke, M. (eds.) DIMVA 2010. LNCS, vol. 6201, pp. 111–131. Springer, Heidelberg (2010).  https://doi.org/10.1007/978-3-642-14215-4_7CrossRefGoogle Scholar
  6. 6.
    Kals, S., Kirda, E., Kruegel, C., Jovanovic, N.: SecuBat: a web vulnerability scanner. In: International Conference on World Wide Web, pp. 247–256 (2006)Google Scholar
  7. 7.
    Liang, L., Zhang, Y., Gao, Y., Qian, X.: Research and implementation of a vulnerability detection and initiative recover system model. Comput. Eng. 3(3), 1–7 (2004)Google Scholar
  8. 8.
    Zhan, S.: Research and application of distributed vulnerability scanning model. Ph.D. thesis, Guangdong University of Technology (2013)Google Scholar

Copyright information

© ICST Institute for Computer Sciences, Social Informatics and Telecommunications Engineering 2018

Authors and Affiliations

  • Zhiqiang Wang
    • 1
  • Pingchuan Ma
    • 1
  • Ruming Wang
    • 2
  • Shichun Gao
    • 1
  • Xuying Zhao
    • 1
  • Tao Yang
    • 3
  1. 1.Beijing Electronic Science and Technology InstituteBeijingPeople’s Republic of China
  2. 2.Hainan UniversityHaikouPeople’s Republic of China
  3. 3.Key Lab of Information Network Security of Ministry of Public SecurityShanghaiPeople’s Republic of China

Personalised recommendations