Paper
26 September 2023 Constructing the dataset for valid-configuration-related vulnerability
Jinyan Ding, Haifang Zhou, Huiping Zhou, Jingying Zhang
Author Affiliations +
Proceedings Volume 12793, International Conference on Mechatronics and Intelligent Control (ICMIC 2023); 127930B (2023) https://doi.org/10.1117/12.3006400
Event: International Conference on Mechatronics and Intelligent Control (ICMIC2023), 2023, Wuhan, China
Abstract
As the scale and complexity of software continue to increase, software security vulnerabilities are also growing. Among these vulnerabilities, configuration vulnerabilities account for a considerable proportion. These configuration vulnerabilities can only be triggered under specific configuration environments, making them harder to debug. However, existing work on vulnerability mining or vulnerability reproduction has overlooked the influence of configuration environment factors. In this paper, we investigated configuration vulnerabilities in five mainstream software products. We collected a total of 200 configuration vulnerabilities in which the related configuration changes are valid, and analyzed these vulnerabilities to construct a valid-configuration vulnerability database.
(2023) Published by SPIE. Downloading of the abstract is permitted for personal use only.
Jinyan Ding, Haifang Zhou, Huiping Zhou, and Jingying Zhang "Constructing the dataset for valid-configuration-related vulnerability", Proc. SPIE 12793, International Conference on Mechatronics and Intelligent Control (ICMIC 2023), 127930B (26 September 2023); https://doi.org/10.1117/12.3006400
Advertisement
Advertisement
RIGHTS & PERMISSIONS
Get copyright permission  Get copyright permission on Copyright Marketplace
KEYWORDS
Tunable filters

Computer security

Databases

Data storage

Data analysis

Error analysis

Failure analysis

Back to Top