Journal of Engineering and Applied Sciences

A Hybrid Vulnerability Analysis Tool Using a Risk Evaluation Technique
Jong-Chul Park, Sang-Ann Nam, Jae-Pyo Park and Yeun-Soo Choo

Abstract: Recent there have been many efforts to detect and analyze vulnerabilities using diverse analysis tools, removing them at the development stage. However, vulnerability analysis tools are prone to missed detections incorrect detections and over detection which reduces the accuracy of detection. In this study, a vulnerability detection technique is proposed that develops and manages safe applications and can resolve and analyze these problems. Risks due to vulnerabilities are computed and an intelligent vulnerability detection technique is used to improve accuracy and evaluate risks of the final version of the application. This helps the development and execution of safe applications.Through incorporation of tools that use both static and dynamic analysis techniques our proposed technique overcomes weak points at each stage and improves the accuracy of vulnerability detection. Existing vulnerability risk evaluation system only evaluate self-risks while our proposed vulnerability risk evaluation system reflects vulnerability self-risk and detection accuracy in a complex fashion to evaluate relative. Our proposed technique compares and analyzes existing analysis tools such as lists for detections and detection accuracy based on the top 10 items of SANS at CWE. Quantitative evaluation systems for existing vulnerability risks and proposed application vulnerability risks are compared and analyzed. Through, incorporation of tools that use both static analysis and dynamic analysis techniques. We developed prototype analysis tool using our technique to test the application’s vulnerability-detection ability and show our proposed technique is superior to existing ones.

How to cite this article
Jong-Chul Park, Sang-Ann Nam, Jae-Pyo Park and Yeun-Soo Choo, 2018. A Hybrid Vulnerability Analysis Tool Using a Risk Evaluation Technique. Journal of Engineering and Applied Sciences, 13: 5276-5285.

© Medwell Journals. All Rights Reserved