Software Epistemology

Abstract

The effort developed a comprehensive approach for determining software epistemology which significantly advances the state of the art in automated vulnerability discovery. The approach applies an analytic sieve concept and a novel hashing scheme to a large corpus of open-source software to mine information that indicates the presence of pre- and post-fix conditions in program control flow, fully exploiting the hierarchy of abstraction and richness of data produced by the artifact extraction process, while taking advantage of the scalable computation capabilities present in TitanDB. The developed prototype software system is able to quickly analyze and compare software packages, demonstrating an ability to identify individual software components in a software system and track common vulnerabilities in software packages across large code corpora.

Open PDF

Document Details

Document Type
Technical Report
Publication Date
Mar 01, 2016
Accession Number
AD1005645

Entities

People

  • Jeffrey M. Opper

Organizations

  • Charles Stark Draper Laboratory

Tags

Communities of Interest

  • Cyber
  • Energy and Power Technologies
  • Materials and Manufacturing Processes

DTIC Thesaurus Topics

  • Air Force
  • Air Force Research Laboratories
  • Artifacts
  • Compilers
  • Computations
  • Computer Program Documentation
  • Computer Programs
  • Databases
  • Department Of Defense
  • Hierarchies
  • Internet Of Things
  • Machine Learning
  • Neural Networks
  • Object Code
  • Open Source Software
  • Prototypes
  • Vulnerability

Fields of Study

  • Computer science
  • Engineering

Readers

  • Computational Linguistics
  • Distributed Systems and Data Platform Development
  • Team-Based Human-Centered Cognitive Task Decision Making and Information Performance.