Get 2,000+ Certificates from Google, IBM & Yale — 40% Off

Class Central is learner-supported. When you buy through links on our site, we may earn an affiliate commission.

YouTube

LAVA - Large-Scale Automated Vulnerability Addition

IEEE via YouTube

Start learning Write review
Coursera Ad

Google AI Professional Certificate - Learn AI Skills That Get You Hired

Learn More → DataCamp Ad

Power BI Fundamentals - Create visualizations and dashboards from scratch

Learn More →

Overview

Google, IBM & Meta Certificates — All 10,000+ Courses at 40% Off
One annual plan covers every course and certificate on Coursera. 40% off for a limited time.
Get Full Access
Explore the innovative LAVA (Large-scale Automated Vulnerability Addition) technique for generating ground-truth vulnerability corpora in this IEEE Symposium on Security & Privacy conference talk. Delve into the challenges of automating vulnerability discovery and the importance of having reliable datasets for evaluating security tools. Learn how LAVA uses dynamic taint analysis to inject realistic bugs into program source code, accompanied by triggering inputs. Discover the application of LAVA to eight real-world programs, including bash and tshark, and examine the preliminary evaluation results of prominent fuzzing and symbolic execution-based bug finders. Gain insights into the potential of LAVA for creating on-demand vulnerability corpora, enabling rigorous tool evaluation and providing high-quality targets for security tool developers.

Syllabus

Intro
Vulnerability discovery
Vulnerability corpora
Sources
Concept
Panda
Liveness
Graphs
Architecture
Example
LavaMcorpora
Realism
Summary

Taught by

IEEE Symposium on Security and Privacy

Tags

Reviews

Start your review of LAVA - Large-Scale Automated Vulnerability Addition

Start learning

Never Stop Learning.

Get personalized course recommendations, track subjects and courses with reminders, and more.

Sign up for free
Someone learning on their laptop while sitting on the floor.