The use of machine learning with signal- and NLP processing of source code to fingerprint, detect, and classify vulnerabilities and weaknesses with MARFCAT
We present a machine learning approach to static code analysis and
fingerprinting for weaknesses related to security, software engineering, and
others using the open-source MARF framework and the MARFCAT application based
on it for NIST's SATE2010 static analysis tool exposition workshop found at
http://samate.nist.gov/SATE2010Workshop.html
Comment: 33 pages, 11 tables; some results presented at SATE2010; NIST,
October 2011; shorter version of v5 appears in the NIST technical report at
http://samate.nist.gov/docs/NIST_Special_Publication_500-283.pdf#page=49
where its presentation is found at
http://samate.nist.gov/docs/SATE2010/SATE10_13_Marfcat_Mokhov.pdf and the
MARFCAT OSS release at
http://sourceforge.net/projects/marf/files/Applications/MARFCAT
Intensional Cyberforensics
This work focuses on the application of intensional logic to cyberforensic
analysis; its benefits and difficulties are compared with those of the
finite-state-automata approach. This work extends the use of the intensional
programming paradigm to the modeling and implementation of a cyberforensics
investigation process with backtracing of event reconstruction, in which
evidence is modeled by multidimensional hierarchical contexts, and proofs or
disproofs of claims are undertaken in an eductive manner of evaluation. This
approach is a practical, context-aware improvement over the finite state
automata (FSA) approach we have seen in previous work. As a base implementation
language model, we use in this approach a new dialect of the Lucid programming
language, called Forensic Lucid, and we focus on defining hierarchical contexts
based on intensional logic for the distributed evaluation of cyberforensic
expressions. We also augment the work with credibility factors surrounding
digital evidence and witness accounts, which have not been previously modeled.
The Forensic Lucid programming language, used for this intensional
cyberforensic analysis, is formally presented through its syntax and operational
semantics. In large part, the language is based on its predecessor and
codecessor Lucid dialects, such as GIPL, Indexical Lucid, Lucx, Objective
Lucid, and JOOIP, bound by the underlying intensional programming paradigm.
Comment: 412 pages, 94 figures, 18 tables, 19 algorithms and listings; PhD
thesis; v2 corrects some typos and refs; also available on Spectrum at
http://spectrum.library.concordia.ca/977460