A case study on software vulnerability coordination

Ruohonen, Jukka; Rauti, Sampsa; Hyrynsalmi, Sami; Leppänen, Ville

doi:10.1016/j.infsof.2018.06.005

Cited by 13 publications

(13 citation statements)

References 94 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…Bug fixing times are a classical topic in software engineering. Although not all bugs found by fuzzing are security bugs, previous results generally indicate that also security bugs often take a surprisingly long time to fix in many different contexts [15], [16]. Some bugs are never fixed even though these have been recognized as vulnerabilities [17].…”

Section: Research Design a Research Questionsmentioning

confidence: 96%

“…For instance, different memory management bugs (such as CWE-415 and CWE-416) could be assumed to yield faster fixing times compared to stalls and deadlocks that are usually difficult to debug especially in the kernel development context. In general, a similar rationale applies to the coordination of CVE identifiers and vulnerabilities in general [16]. Of course, testing and reviewing take time, and thus RQ.3b implies a clear-cut hypothesis.…”

Section: Research Design a Research Questionsmentioning

confidence: 98%

“…No universal explanation is known for these and related results. Numerous different explanations are offered in the literature: some build on bug triaging aspects and different incentives for vendors, bug reporters, and developers [15], [18]; others stem from bug severity, testing, architectural flaws, dependencies, code complexity, and code churn [19], [20]; some are related to problems in vulnerability disclosure and associated coordination, including the allocation of CVEs for the vulnerabilities [16], [21]; and so forth. Whatever the explanations may be, the first research question is worth asking to better understand the time delays associated with continuous fuzzing and automated testing in general.…”

Section: Research Design a Research Questionsmentioning

confidence: 99%

See 2 more Smart Citations

Empirical Notes on the Interaction Between Continuous Kernel Fuzzing and Development

Ruohonen

Rindell

2019

2019 IEEE International Symposium on Software Reliability Engineering Workshops (ISSREW)

Self Cite

View full text Add to dashboard Cite

Fuzzing has been studied and applied ever since the 1990s. Automated and continuous fuzzing has recently been applied also to open source software projects, including the Linux and BSD kernels. This paper concentrates on the practical aspects of continuous kernel fuzzing in four open source kernels. According to the results, there are over 800 unresolved crashes reported for the four kernels by the syzkaller/syzbot framework. Many of these have been reported relatively long ago. Interestingly, fuzzing-induced bugs have been resolved in the BSD kernels more rapidly. Furthermore, assertions and debug checks, use-afterfrees, and general protection faults account for the majority of bug types in the Linux kernel. About 23% of the fixed bugs in the Linux kernel have either went through code review or additional testing. Finally, only code churn provides a weak statistical signal for explaining the associated bug fixing times in the Linux kernel.

show abstract

Section: Research Design a Research Questionsmentioning

confidence: 96%

Section: Research Design a Research Questionsmentioning

confidence: 98%

Section: Research Design a Research Questionsmentioning

confidence: 99%

See 1 more Smart Citation

Empirical Notes on the Interaction Between Continuous Kernel Fuzzing and Development

Ruohonen

Rindell

2019

2019 IEEE International Symposium on Software Reliability Engineering Workshops (ISSREW)

Self Cite

View full text Add to dashboard Cite

show abstract

“…The examples include hosting services, blogs, company websites, bug trackers, bug bounty platforms, so-called pastebins, other databases, media outlets, online archives, and personal homepages. Taken together, these diverse sources are a good example on the practical challenges for current vulnerability tracking [28]. Such practical challenges also translate into research challenges: mining a single software repository (or a few repositories, for that matter) is assuredly inadequate for empirically observing most known software (plugin) vulnerabilities.…”

Section: Overviewmentioning

confidence: 99%

A Demand-Side Viewpoint to Software Vulnerabilities in WordPress Plugins

Ruohonen

2019

Proceedings of the Evaluation and Assessment on Software Engineering

Self Cite

View full text Add to dashboard Cite

WordPress has long been the most popular content management system (CMS). This CMS powers millions and millions of websites. Although WordPress has had a particularly bad track record in terms of security, in recent years many of the well-known security risks have transmuted from the core WordPress to the numerous plugins and themes written for the CMS. Given this background, the paper analyzes known software vulnerabilities discovered from WordPress plugins. A demand-side viewpoint was used to motivate the analysis; the basic hypothesis is that plugins with large installation bases have been affected by multiple vulnerabilities. As the hypothesis also holds according to the empirical results, the paper contributes to the recent discussion about common security folklore. A few general insights are also provided about the relation between software vulnerabilities and software maintenance. CCS CONCEPTS• Security and privacy → Web application security;

show abstract

“…With the rapid development of information technology, software system and its vulnerabilities have become a widespread concern for developers [1][2][3][4]. Software vulnerabilities are defects in software's specific implementation or system security policy, which can enable attackers to access or damage the system without authorization.…”

Section: Introductionmentioning

confidence: 99%

Study on Software Vulnerability Characteristics and Its Identification Method

Luo

Wang

Huang

et al. 2020

Mathematical Problems in Engineering

View full text Add to dashboard Cite

A method for identifying software data flow vulnerabilities is proposed based on the dendritic cell algorithm and the improved convolutional neural network to effectively solve the transmission errors in software data flow. In this method, we first gave the software data flow propagation model and constructed the data propagation tree structure. Secondly, we analyzed the running characteristics of the software, took the interaction among indexes into account, and identified data flow vulnerabilities using the dendritic cell algorithm and the improved convolutional neural network. Finally, we conducted an in-depth study on the performance of this method and other algorithms through mathematical simulation. The results show that this method has better advantages in detection time, storage cost, and software code size.

show abstract

A case study on software vulnerability coordination

Cited by 13 publications

References 94 publications

Empirical Notes on the Interaction Between Continuous Kernel Fuzzing and Development

Empirical Notes on the Interaction Between Continuous Kernel Fuzzing and Development

A Demand-Side Viewpoint to Software Vulnerabilities in WordPress Plugins

Study on Software Vulnerability Characteristics and Its Identification Method

Contact Info

Product

Resources

About