This paper presents an approach for identifying vulnerable IoT applications. The approach focuses on a category of vulnerabilities that leads to sensitive information leakage and that can be identified using taint flow analysis. Taint-flow vulnerabilities depend heavily on the structure of the program and on the order of statements in the code, so an approach for detecting them must take this information into account in order to produce precise results. In this paper, we propose and develop an approach, FlowsMiner, that mines features from the code related to program structure, such as control statements and methods, in addition to the program's statement order. FlowsMiner generates these features in the form of tainted flows. We developed Flows2Vec, a tool that transforms the features recovered by FlowsMiner into vectors, which are then used to aid the machine learning process by providing a flow-aware model-building process. The resulting model is capable of accurately classifying applications as vulnerable when the vulnerability is exhibited by changes in the order of statements in the source code. When compared to a baseline Bag of Words (BoW) approach, the experiments show that the proposed approach improves the AUC of the prediction models for all algorithms; the best case for the Corpus1 dataset improves from 0.91 to 0.94, and for Corpus2 from 0.56 to 0.96.
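The abstract's central claim is that a bag-of-words representation cannot distinguish a program that leaks a sensitive value from one that sanitizes it first, because both contain the same statements in a different order, whereas features expressed as tainted (source, sink) flows can. The following is an added illustration of that point, written for this page; it is not FlowsMiner or Flows2Vec and does not reproduce the paper's feature mining. It assumes a hypothetical toy IoT application written in Python, with made-up source, sink and sanitizer function names (`read_device_id`, `read_location`, `send_to_cloud`, `write_log`, `hash_value`), performs a deliberately simple intraprocedural taint walk over the AST in statement order, and turns the recovered flows into a fixed-length 0/1 vector of the kind a classifier could consume. The sample programs are constructed for the example.

```python
import ast
from collections import Counter

# Hypothetical taint specification for a toy IoT app (assumed for this example,
# not taken from the paper). Sources produce sensitive data, sinks exfiltrate or
# persist it, sanitizers make it safe to release.
SOURCES = {"read_device_id", "read_location"}
SINKS = {"send_to_cloud", "write_log"}
SANITIZERS = {"hash_value"}

# Every possible (source, sink) pair, in a fixed order, so that flow vectors
# from different programs line up feature by feature.
FLOW_SPACE = sorted((s, k) for s in SOURCES for k in SINKS)


def call_name(node):
    """Name of the called function for a simple `f(...)` call node, else None."""
    if isinstance(node, ast.Call) and isinstance(node.func, ast.Name):
        return node.func.id
    return None


def names_in(node):
    """All identifiers referenced anywhere inside an expression."""
    return {n.id for n in ast.walk(node) if isinstance(n, ast.Name)}


def bag_of_words(src):
    """Order-insensitive baseline: a multiset of the identifiers in the program."""
    return Counter(n.id for n in ast.walk(ast.parse(src)) if isinstance(n, ast.Name))


def taint_flows(src):
    """Order-sensitive feature: sorted (source, sink) pairs where a value derived
    from a source reaches a sink without passing through a sanitizer.
    The walk is intraprocedural and follows statement order; branch bodies are
    walked in sequence (an over-approximation, adequate for the illustration)."""
    tainted = {}  # variable name -> set of source names its value derives from
    flows = set()

    def visit(stmts):
        for stmt in stmts:
            if isinstance(stmt, ast.Assign) and isinstance(stmt.targets[0], ast.Name):
                target = stmt.targets[0].id
                fn = call_name(stmt.value)
                if fn in SOURCES:
                    tainted[target] = {fn}            # fresh sensitive value
                elif fn in SANITIZERS:
                    tainted.pop(target, None)         # sanitizer output is clean
                else:
                    origins = set()
                    for v in names_in(stmt.value):
                        origins |= tainted.get(v, set())
                    if origins:
                        tainted[target] = origins     # taint propagates through expressions
                    else:
                        tainted.pop(target, None)     # overwritten with a clean value
            elif isinstance(stmt, ast.Expr):
                fn = call_name(stmt.value)
                if fn in SINKS:
                    for v in names_in(stmt.value):
                        for origin in tainted.get(v, ()):
                            flows.add((origin, fn))   # tainted value reaches a sink
            elif isinstance(stmt, (ast.If, ast.For, ast.While)):
                visit(stmt.body)
                visit(stmt.orelse)

    visit(ast.parse(src).body)
    return sorted(flows)


def flow_vector(src):
    """Fixed-length 0/1 vector over FLOW_SPACE, usable as classifier input."""
    present = set(taint_flows(src))
    return [1 if pair in present else 0 for pair in FLOW_SPACE]


# Constructed sample programs. LEAKY and SAFE contain exactly the same statements;
# only the order differs, so their bag-of-words features are identical.
LEAKY = """
dev = read_device_id()
send_to_cloud(dev)
dev = hash_value(dev)
"""

SAFE = """
dev = read_device_id()
dev = hash_value(dev)
send_to_cloud(dev)
"""

# Taint carried through a derived value and a branch.
LEAKY_DERIVED = """
loc = read_location()
msg = "pos=" + loc
if debug:
    write_log(msg)
"""

if __name__ == "__main__":
    print("same BoW features:", bag_of_words(LEAKY) == bag_of_words(SAFE))
    for label, prog in (("leaky", LEAKY), ("safe", SAFE), ("leaky_derived", LEAKY_DERIVED)):
        print(label, taint_flows(prog), flow_vector(prog))
```

Running the block shows `LEAKY` and `SAFE` producing identical bag-of-words counters while their flow vectors differ, which is exactly the case the abstract says a BoW model cannot separate. A real system would need interprocedural propagation, field and collection sensitivity, and proper path sensitivity; the point here is only that a feature derived from statement order carries information that identifier counts discard.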