Survey of Vulnerability Benchmark Construction Technique
The development of technology for software vulnerability analysis has led to the widespread use of various techniques and tools for discovering vulnerabilities.Nevertheless,assessing the capability boundary of these techniques,methods,and tools remains a fundamental problem in this field.A vulnerability benchmark for capability assessment plays a pivotal role in solving this problem.The purpose of this paper is to review representative results related to the construction of benchmark test sets over the past 20 years.Firstly,it explains the developmental history of vulnerability benchmark from an automation perspective.Then,it classifies the techniques for constructing vulnerability benchmark and provide a general process model,explaining the ideas and processes of different construction methods and their limitations.Lastly,the limitations of current research are summarized and the future research is prospected.
NETL
NSTL
万方数据
