Paper Info
Title
Vulcloud: Scalable and Hybrid Vulnerability Detection in Cloud Computing
Abstract
Vulnerability exploits will result in security breaches or violations of the system's security policy causing information leakage or economic losses. Although many detection methods such as static analysis, dynamic analysis and fuzz testing have been presented, the vulnerabilities are still difficult to detect. In this paper, we propose a new detection cloud service Vulcloud, which is scalable and hybrid combining the static, dynamic and fuzzing into cloud computing. Vulcloud first statically analyzes the objects and reports the potential vulnerable items. And then, the fuzzing cases for the items are semi-automated created, and tested under the dynamic monitoring. Finally, the source code of the results are statically analyzed again to determine whether they are vulnerabilities or not. The prototype of Vulcloud is implemented, and the performance is evaluated by Mplayer source code. The experiment results show that Vulcloud can detect vulnerabilities in software, and the challenges of storage and processing capabilities are resolved by cloud computing.
Year
DOI
Venue
2013
10.1109/SERE-C.2013.17
SERE (Companion)
Keywords
Field
DocType
security breach,detection method,dynamic analysis,dynamic monitoring,source code,new detection cloud service,cloud computing,security policy,mplayer source code,hybrid vulnerability detection,fuzzing case,static analysis,security,fuzz testing,testing,system monitoring,source coding
Fuzz testing,Source code,Computer science,Static analysis,Exploit,Vulnerability management,Cloud testing,Scalability,Distributed computing,Cloud computing
Conference
Citations 
PageRank 
References 
0
0.34
3
Authors
5
Name
Order
Citations
PageRank
JingZheng Wu110813.36
Yanjun Wu27323.02
Zhifei Wu321.43
Mutian Yang494.25
Yongji Wang560675.34