Sciweavers

SRDS
2010
IEEE

A Study on Latent Vulnerabilities

13 years 10 months ago
A Study on Latent Vulnerabilities
Abstract-Software code reuse has long been touted as a reliable and efficient software development paradigm. Whilst this practice has numerous benefits, it is inherently susceptible to latent vulnerabilities. Source code which is re-used without being patched for various reasons may result in vulnerable binaries, despite the vulnerabilities being made publicly known. To aggravate matters, crackers have access to information on these vulnerabilities as well. Defenders need to ensure all loopholes are patched, while attackers need just one such loophole. In this work, we define latent vulnerabilities, and study the prevalence of the problem. This provides us the motivation, and an insight into the future work to be done in solving the problem. Our results show that unpatched source files which are more than one year old are commonly used in the latest operating systems. In fact, several of these files are more than ten years old. We explore the premises of using symbols in identifying bi...
Beng Heng Ng, Xin Hu, Atul Prakash
Added 15 Feb 2011
Updated 15 Feb 2011
Type Journal
Year 2010
Where SRDS
Authors Beng Heng Ng, Xin Hu, Atul Prakash
Comments (0)