| Title |
Detecting applications vulnerabilities using remote procedure calls / |
| Authors |
Jokubauskas, Lukas ; Toldinas, Jevgenijus ; Lozinskis, Borisas |
| Full Text |
|
| Is Part of |
CEUR workshop proceedings: proceedings of the 27th international conference on information society and university studies (IVUS 2022), Kaunas, Lithuania, May 12, 2022 / edited by: T. Krilavičius, A. Lopata, I. Veitaitė, M. Woźniak, Ch. Napoli, D. Kalinauskaitė.. Aachen : CEUR-WS. 2022, vol. 3611, p. 58-65.. ISSN 1613-0073 |
| Keywords [eng] |
vulnerability detection ; dynamic analysis ; taint dataset ; RPC ; gRPC |
| Abstract [eng] |
Computer software often comprises multiple components, such as a fi:ontend application and a backend database, which need to exchange infmmation. Many modem desktop applications also follow the design of web software and have separate fi:ontend and backend processes. Interprocess communication mechanisms or third-paity frameworks provided by the operating system are used for communication between processes. Improperly implemented remote procedure calls can lead to code vulnerabilities that can be exploited for malicious purposes. In this paper, we present a novel method for detecting application vulnerabilities using the remote procedure call approach, namely Detecting Applications Vulnerabilities using Google Remote Procedure Call (DA VuGRPC) that aims to utilize statically created taint and its dynamic fuzzification during the execution of the application. |
| Published |
Aachen : CEUR-WS |
| Type |
Conference paper |
| Language |
English |
| Publication date |
2022 |
| CC license |
|
