![](/images/graphics-bg.png)
A Pattern-Based Software Testing Framework for Exploitability Evaluation of Metadata Corruption Vulnerabilities
المؤلفون المشاركون
Jiang, Zhiyuan
Deng, Fenglei
Wang, Jian
Su, Yunfei
Feng, Chao
Zhang, Bin
المصدر
العدد
المجلد 2020، العدد 2020 (31 ديسمبر/كانون الأول 2020)، ص ص. 1-21، 21ص.
الناشر
Hindawi Publishing Corporation
تاريخ النشر
2020-09-27
دولة النشر
مصر
عدد الصفحات
21
التخصصات الرئيسية
الملخص EN
In recent years, increased attention is being given to software quality assurance and protection.
With considerable verification and protection schemes proposed and deployed, today’s software unfortunately still fails to be protected from cyberattacks, especially in the presence of insecure organization of heap metadata.
In this paper, we aim to explore whether heap metadata could be corrupted and exploited by cyberattackers, in an attempt to assess the exploitability of vulnerabilities and ensure software quality.
To this end, we propose RELAY, a software testing framework to simulate human exploitation behavior for metadata corruption at the machine level.
RELAY employs the heap layout serialization method to construct exploit patterns from human expertise and decomposes complex exploit-solving problems into a series of intermediate state-solving subproblems.
With the heap layout procedural method, RELAY makes use of the fewer resources consumed to solve a layout problem according to the exploit pattern, activates the intermediate state, and generates the final exploit.
Additionally, RELAY can be easily extended and can continuously assimilate human knowledge to enhance its ability for exploitability evaluation.
Using 20 CTF&RHG programs, we then demonstrate that RELAY has the ability to evaluate the exploitability of metadata corruption vulnerabilities and works more efficiently compared with other state-of-the-art automated tools.
نمط استشهاد جمعية علماء النفس الأمريكية (APA)
Deng, Fenglei& Wang, Jian& Zhang, Bin& Feng, Chao& Jiang, Zhiyuan& Su, Yunfei. 2020. A Pattern-Based Software Testing Framework for Exploitability Evaluation of Metadata Corruption Vulnerabilities. Scientific Programming،Vol. 2020, no. 2020, pp.1-21.
https://search.emarefa.net/detail/BIM-1209298
نمط استشهاد الجمعية الأمريكية للغات الحديثة (MLA)
Deng, Fenglei…[et al.]. A Pattern-Based Software Testing Framework for Exploitability Evaluation of Metadata Corruption Vulnerabilities. Scientific Programming No. 2020 (2020), pp.1-21.
https://search.emarefa.net/detail/BIM-1209298
نمط استشهاد الجمعية الطبية الأمريكية (AMA)
Deng, Fenglei& Wang, Jian& Zhang, Bin& Feng, Chao& Jiang, Zhiyuan& Su, Yunfei. A Pattern-Based Software Testing Framework for Exploitability Evaluation of Metadata Corruption Vulnerabilities. Scientific Programming. 2020. Vol. 2020, no. 2020, pp.1-21.
https://search.emarefa.net/detail/BIM-1209298
نوع البيانات
مقالات
لغة النص
الإنجليزية
الملاحظات
Includes bibliographical references
رقم السجل
BIM-1209298
قاعدة معامل التأثير والاستشهادات المرجعية العربي "ارسيف Arcif"
أضخم قاعدة بيانات عربية للاستشهادات المرجعية للمجلات العلمية المحكمة الصادرة في العالم العربي
![](/images/ebook-kashef.png)
تقوم هذه الخدمة بالتحقق من التشابه أو الانتحال في الأبحاث والمقالات العلمية والأطروحات الجامعية والكتب والأبحاث باللغة العربية، وتحديد درجة التشابه أو أصالة الأعمال البحثية وحماية ملكيتها الفكرية. تعرف اكثر
![](/images/kashef-image.png)