Stack traces reveal attack surfaces

C. Theisen; L. Williams    North Carolina State University, Raleigh, NC, United States

Abstract

Researchers at North Carolina State University and Microsoft Research have developed a technique called attack surface approximation. In this approach, the attack surface of a system is determined by looking at stack traces from crash dumps from the target system. The crash dump stack traces are parsed out into the individual code elements that are seen on each stack trace. Depending on the stack trace in question, these elements could be binaries, files, or functions. Any code element that is seen on at least one stack trace is considered to be on the attack surface of the system, as determined by this approach. ...

Get Perspectives on Data Science for Software Engineering now with the O’Reilly learning platform.

O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.