| IEICE Technical Committee Submission System Conference Paper's Information |
Online Proceedings [Sign in] Tech. Rep. Archives |
| Go Top Page | Go Previous | [Japanese] / [English] |
| Paper Abstract and Keywords | ||
| Presentation | 2021-11-29 13:50 Automation of Security Vulnerability Analysis by Auto-generated DFD Shun Miyazaki, Junpei Kamimura (NEC)  ICSS2021-48 |
|
| Abstract | (in Japanese) | (See Japanese page) |
| (in English) | System vulnerabilities can be caused by bugs such as buffer overflow, misconfigurations such as improper permission control, or misdesign of a system. Bugs in source code can be found automatically by static analysis tools. However, it takes much time and human cost to find vulnerabilities caused by misconfiguration and misdesign because it requires analysis by experts with advanced security knowledge after understanding the details of a target system. In this paper, we propose the method to automatically perform the latter vulnerability analysis by generating a DFD (Data Flow Diagram) from the collected operation records of the system and then matching it with patterns generated from security knowledge such as known vulnerabilities. We implemented the platform named VISIBLE for this vulnerability analysis. The evaluation shows that VISIBLE can automatically find vulnerabilities such as misconfiguration and misdesign. | |
| Keyword | (in Japanese) | (See Japanese page) |
| (in English) | Vulnerability analysis / Data Flow Diagrams / Graph Pattern Matching / Security Automation / / / / | |
| Reference Info. | IEICE Tech. Rep., vol. 121, no. 275, ICSS2021-48, pp. 13-18, Nov. 2021. | |
| Paper # | ICSS2021-48 | |
| Date of Issue | 2021-11-22 (ICSS) | |
| ISSN | Online edition: ISSN 2432-6380 | |
| Copyright and reproduction |
All rights are reserved and no part of this publication may be reproduced or transmitted in any form or by any means, electronic or mechanical, including photocopy, recording, or any information storage and retrieval system, without permission in writing from the publisher. Notwithstanding, instructors are permitted to photocopy isolated articles for noncommercial classroom use without fee. (License No.: 10GA0019/12GB0052/13GB0056/17GB0034/18GB0034) | |
| Download PDF | ICSS2021-48 |
|
| Conference Information | |
| Committee | ICSS |
| Conference Date | 2021-11-29 - 2021-11-30 |
| Place (in Japanese) | (See Japanese page) |
| Place (in English) | KOCHIJYO HALL |
| Topics (in Japanese) | (See Japanese page) |
| Topics (in English) | Security, etc. |
| Paper Information | |
| Registration To | ICSS |
| Conference Code | 2021-11-ICSS |
| Language | Japanese |
| Title (in Japanese) | (See Japanese page) |
| Sub Title (in Japanese) | (See Japanese page) |
| Title (in English) | Automation of Security Vulnerability Analysis by Auto-generated DFD |
| Sub Title (in English) | |
| Keyword(1) | Vulnerability analysis |
| Keyword(2) | Data Flow Diagrams |
| Keyword(3) | Graph Pattern Matching |
| Keyword(4) | Security Automation |
| Keyword(5) | |
| Keyword(6) | |
| Keyword(7) | |
| Keyword(8) | |
| 1st Author's Name | Shun Miyazaki |
| 1st Author's Affiliation | NEC Corporation (NEC) |
| 2nd Author's Name | Junpei Kamimura |
| 2nd Author's Affiliation | NEC Corporation (NEC) |
| 3rd Author's Name | |
| 3rd Author's Affiliation | () |
| 4th Author's Name | |
| 4th Author's Affiliation | () |
| 5th Author's Name | |
| 5th Author's Affiliation | () |
| 6th Author's Name | |
| 6th Author's Affiliation | () |
| 7th Author's Name | |
| 7th Author's Affiliation | () |
| 8th Author's Name | |
| 8th Author's Affiliation | () |
| 9th Author's Name | |
| 9th Author's Affiliation | () |
| 10th Author's Name | |
| 10th Author's Affiliation | () |
| 11th Author's Name | |
| 11th Author's Affiliation | () |
| 12th Author's Name | |
| 12th Author's Affiliation | () |
| 13th Author's Name | |
| 13th Author's Affiliation | () |
| 14th Author's Name | |
| 14th Author's Affiliation | () |
| 15th Author's Name | |
| 15th Author's Affiliation | () |
| 16th Author's Name | |
| 16th Author's Affiliation | () |
| 17th Author's Name | |
| 17th Author's Affiliation | () |
| 18th Author's Name | |
| 18th Author's Affiliation | () |
| Speaker | Author-1 |
| Date Time | 2021-11-29 13:50:00 |
| Presentation Time | 25 minutes |
| Registration for | ICSS |
| Paper # | ICSS2021-48 |
| Volume (vol) | vol.121 |
| Number (no) | no.275 |
| Page | pp.13-18 |
| #Pages | 6 |
| Date of Issue | 2021-11-22 (ICSS) |
[Return to Top Page]