148 research outputs found

    Combining Static and Dynamic Analysis for Vulnerability Detection

    In this paper, we present a hybrid approach for buffer overflow detection in C code. The approach makes use of static and dynamic analysis of the application under investigation. The static part consists in calculating taint dependency sequences (TDS) between user controlled inputs and vulnerable statements. This process is akin to program slice of interest to calculate tainted data- and control-flow path which exhibits the dependence between tainted program inputs and vulnerable statements in the code. The dynamic part consists of executing the program along TDSs to trigger the vulnerability by generating suitable inputs. We use a genetic algorithm to generate inputs. We propose a fitness function that approximates the program behavior (control flow) based on the frequencies of the statements along TDSs. This runtime aspect makes the approach faster and accurate. We provide experimental results on the Verisec benchmark to validate our approach. Comment: There are 15 pages with 1 figur

    Data-Driven Application Maintenance: Views from the Trenches

    In this paper we present our experience during design, development, and pilot deployments of a data-driven machine learning based application maintenance solution. We implemented a proof of concept to address a spectrum of interrelated problems encountered in application maintenance projects including duplicate incident ticket identification, assignee recommendation, theme mining, and mapping of incidents to business processes. In the context of IT services, these problems are frequently encountered, yet there is a gap in bringing automation and optimization. Despite long-standing research around mining and analysis of software repositories, such research outputs are not adopted well in practice due to the constraints these solutions impose on the users. We discuss the need for designing pragmatic solutions with low barriers to adoption and addressing the right level of complexity of problems with respect to underlying business constraints and nature of data. Comment: Earlier version of paper appearing in proceedings of the 4th International Workshop on Software Engineering Research and Industrial Practice (SER&IP), IEEE Press, pp. 48-54, 201

    XSS Vulnerability Detection Using Model Inference Assisted Evolutionary Fuzzing

    Workshop website: http://www.spacios.eu/sectest2012/ International audience. We present an approach to detect web injection vulnerabilities by generating test inputs using a combination of model inference and evolutionary fuzzing. Model inference is used to obtain knowledge about the application behavior. Based on this understanding, inputs are generated using a genetic algorithm (GA). GA uses the learned formal model to automatically generate inputs with better fitness values towards triggering an instance of the given vulnerability

    Confuzz—a concurrency fuzzer


    Congenital absence of lunate and triquetrum with hypoplastic scaphoid – a case report and review of literature

    The absence or hypoplasia of bones or deformities associated with various bones have been documented in the past by various authors. These absent or hypoplastic carpal bones have mostly been associated with various congenital syndromes and anomalies. Here, a case is reported with absent lunate and triquetrum with hypoplastic scaphoid bone without any congenital anomaly or syndrome

    Studies on Liver Marker Enzymes (SGOT and SGPT) of Fish Heteropneustes Fossilis (Bloch.) After Famfos Intoxication

    Pesticide pollution is on the increase through its increasing application in almost every field, whether household or agriculture, where it is used widely. These pesticides reach aquatic life by means of runoff water and other ways. The residual impact is increasing in aquatic fauna. Fishes are the best indicator of aquatic pollution and are also used for human consumption. The residual effect adversely affects the liver marker enzymes (in serum) of fishes, which are measured and discussed in the present study to assess the extent of damage caused by the non-target effect of famfos to Heteropneustes fossilis (Bloch.)

    Isolation and adaptation of bovine herpes virus Type 1 in embryonated chicken eggs and in Madin–Darby bovine kidney cell line

    Aim: The objective of the present study was to isolate bovine herpes virus Type 1 (BHV-1) from semen of an infected bull and to adapt it onto embryonated eggs and Madin–Darby bovine kidney (MDBK) cell line. Further, the virus was identified by agar gel immunodiffusion (AGID) test. Materials and Methods: Semen samples were collected from five BHV-1 positive bulls previously confirmed for the presence of antibodies against BHV-1 using avidin-biotin enzyme linked immunosorbent assay test. The virus from semen samples was adapted in chorioallantoic membrane (CAM) of 11-day-old embryonated chicken eggs and in MDBK cell line. The presence of BHV-1 in infected CAM and cell culture fluid was confirmed by AGID test. Results: Virus infected CAM showed edema, congestion and thickening at first passage level. Small foci ranging from 1 to 2 mm in diameter, scattered all over the membrane, were observed at first passage. More severe changes were observed in CAM after serial passaging. Large pock lesions, round in shape with opaque raised edge and depressed gray central area of necrosis, ranging from 3 to 5 mm in diameter, developed at fourth passage. Blind passages in MDBK cell culture were made. The MDBK cell line at second passage level showed characteristic cytopathic effect, viz. rounding of cells with shrinkage, followed by aggregation or clumping of cells which progressed rapidly and appeared as “bunch of grapes” at 72 h post inoculation. A few cells became elongated when compared with uninfected controls. A homogenate of CAM with distinct pock lesions and infected cell culture fluid developed a precipitation line within 48 h against specific anti-BHV-1 immune serum by AGID test. Conclusion: BHV-1 was easily adapted in CAM of chicken embryos and in MDBK cell line. Virus infected CAM and cell culture fluid showed a precipitin band by AGID test

    Cupid: Automatic Fuzzer Selection for Collaborative Fuzzing

    Combining the strengths of individual fuzzing methods is an appealing idea to find software faults more efficiently, especially when the computing budget is limited. In prior work, EnFuzz introduced the idea of ensemble fuzzing and devised three heuristics to classify properties of fuzzers in terms of diversity. Based on these heuristics, the authors manually picked a combination of different fuzzers that collaborate. In this paper, we generalize this idea by collecting and applying empirical data from single, isolated fuzzer runs to automatically identify a set of fuzzers that complement each other when executed collaboratively. To this end, we present Cupid, a collaborative fuzzing framework allowing automated, data-driven selection of multiple complementary fuzzers for parallelized and distributed fuzzing. We evaluate the automatically selected target-independent combination of fuzzers by Cupid on Google's fuzzer-test-suite, a collection of real-world binaries, as well as on the synthetic Lava-M dataset. We find that Cupid outperforms two expert-guided, target-specific and hand-picked combinations on Google's fuzzer-test-suite in terms of branch coverage, and improves bug finding on Lava-M by 10%. Most importantly, we improve the latency for obtaining 95% and 99% of the coverage by 90% and 64%, respectively. Furthermore, Cupid reduces the amount of CPU hours needed to find a high-performing combination of fuzzers by multiple orders of magnitude compared to an exhaustive evaluation