Применение технологий символьно-конкретного тестирования и машинного обучения для автоматизации обнаружения уязвимостей программного обеспечения; Перспективы развития фундаментальных наук; Т. 7 : IT-технологии и электроника
| Parent link: | Перспективы развития фундаментальных наук=Prospects of Fundamental Sciences Development: сборник научных трудов XIV Международной конференции студентов, аспирантов и молодых ученых, г. Томск, 25-28 апреля 2017 г./ Национальный исследовательский Томский политехнический университет (ТПУ) ; под ред. И. А. Курзиной, Г. А. Вороновой.— , 2017 Т. 7 : IT-технологии и электроника.— 2017.— [С. 78-80] |
|---|---|
| Main Author: | |
| Other Authors: | |
| Summary: | Заглавие с экрана Security testing is important stage of software development life cycle. However, security testing requires considerable time from highly skilled security experts. The aim of the article is to describe techniques for reducing the number of false positives and false negatives in the automation vulnerability disclosure process. This paper is about an approach for software vulnerabilities discovery using concolic testing and machine learning techniques. Machine learning techniques are used to reduce the number of execution paths during concolic testing. This approach can be used to automate security testing. In this paper, security test cases and traces of previous version of software and similar software are used for training dataset for our models. This scheme of automation vulnerability disclosure will be used to build automation security testing system of software. |
| Language: | Russian |
| Published: |
2017
|
| Subjects: | |
| Online Access: | http://earchive.tpu.ru/handle/11683/45335 |
| Format: | Electronic Book Chapter |
| KOHA link: | https://koha.lib.tpu.ru/cgi-bin/koha/opac-detail.pl?biblionumber=625686 |