Various methods have been suggested for detecting injection vulnerabilities in web-based applications by now. However, some injection vulnerabilities are not only web-based but also occur in stand-alone applications, ...
Various methods have been suggested for detecting injection vulnerabilities in web-based applications by now. However, some injection vulnerabilities are not only web-based but also occur in stand-alone applications, i. e., SQL injection and OS command injection. Detecting the injection vulnerabilities in these applications is a challenge when their source code is not *** this paper, we present a smart fuzzing method for detecting SQL injection and OS command injection vulnerabilities in the executable codes of stand-alone applications. Our fuzzer employs the concolic(concrete + symbolic) execution method to calculate symbolic path constraints for each executed path in the executable code of the target program. Also, it calculates vulnerability constraints for each executed path to determine what input data makes the intended vulnerabilities active in that path. The calculated constraints are used to generate new test data that traverse as many execution paths as possible and detect the vulnerabilities in each executed path. We have implemented the proposed smart fuzzer as a plug-in for Valgrind *** implemented fuzzer is tested on different groups of test programs. The experiments demonstrate that our fuzzer detects the vulnerabilities in these programs accurately.
Non-invasive ultrasound imaging of carotid plaques can provide information on the characteristics of the arterial wall including the size, morphology and texture of the atherosclerotic plaques. Several studies were ca...
详细信息
Non-invasive ultrasound imaging of carotid plaques can provide information on the characteristics of the arterial wall including the size, morphology and texture of the atherosclerotic plaques. Several studies were carried out that demonstrated the usefulness of these feature sets for differentiating between asymptomatic and symptomatic plaques and their corresponding cerebrovascular risk stratification. The aim of this study was to develop predictive modelling for estimating the time period of a stroke event by determining the risk for short term (less or equal to three years) or long term (more than three years) events. Data from 108 patients that had a stroke event have been used. The information collected included clinical and ultrasound imaging data. The prediction was performed at base line where patients were still asymptomatic. Several image texture analysis and clinical features were used in order to create a classification model. The different features were statistically analyzed and we conclude that image texture analysis features extracted using Spatial Gray Level dependencies method had the best statistical significance. Several predictive models were derived based on Binary Logistic Regression (BLR) and Support Vector Machines (SVM) modelling. The best results were obtained with the SVM modelling models with an average correct classifications score of 77±7% for differentiating between stroke event occurrences within 3 years versus more than 3 years. Further work is needed in investigating additional multiscale texture analysis features as well as more modelling techniques on more subjects.
暂无评论