The Community for Technology Leaders
Green Image
Issue No. 03 - May/June (2011 vol. 9)
ISSN: 1540-7993
pp: 74-77
Sean Heelan , Immunity Inc.
ABSTRACT
Systems proposed in academic research have so far failed to make a significant impact on real-world vulnerability detection. Most software bugs are still found by methods with little input from static-analysis and verification research. These research areas could have a significant impact on software security, but first we need a shift in research goals and approaches. We need systems that incorporate human code auditors' knowledge and abilities, and we need evaluation methods that actually test proposed systems' usability in real situations. Without changes, academic research will continue to be ignored by the security community, and opportunities to build better tools for finding bugs and understanding software will be missed.
INDEX TERMS
software security, symbolic execution, static analysis, software engineering, security, security and privacy
CITATION
Sean Heelan, "Vulnerability Detection Systems: Think Cyborg, Not Robot", IEEE Security & Privacy, vol. 9, no. , pp. 74-77, May/June 2011, doi:10.1109/MSP.2011.70
96 ms
(Ver )