DOI: 10.14569/IJACSA.2023.01406136

Software Vulnerabilities’ Detection by Analysing Application Execution Traces

Author 1: Gouayon Koala
Author 2: Didier Bassol´e
Author 3: Telesphore Tiendrebeogo
Author 4: Oumarou Si´e

International Journal of Advanced Computer Science and Applications(IJACSA), Volume 14 Issue 6, 2023.

Abstract: Over the years, digital traces have proven to be significant for analyzing IT systems, including applications. With the persistent threats arising from the widespread proliferation of malware and the evasive techniques employed by cybercriminals, researchers and application vendors alike are concerned about finding effective solutions. In this article, we assess a hybrid approach to detecting software vulnerabilities based on analyzing traces of application execution. To accomplish this, we initially extract permissions and features from manifest files. Subsequently, we employ a tracer to extract events from each running application, utilizing a set of elements that indicate the behavior of the application. These events are then recorded in a trace. We convert these traces into features that can be utilized by machine learning algorithms. Finally, to identify vulnerable applications, we train these features using six machine learning algorithms (KNN, Random Forest, SVM, Naive Bayes, Decision Tree-CART, and MLP). The selection of these algorithms is based on the outcomes of several preliminary experiments. Our results indicate that the SVM algorithm produces the best performance, followed by Random Forest, achieving an accuracy of 98%for malware detection and 96% for benign applications. These findings demonstrate the relevance and utility of analyzing real application behavior through event analysis.

Keywords: Execution traces; events; vulnerability detection; malware; applications

Gouayon Koala, Didier Bassol´e, Telesphore Tiendrebeogo and Oumarou Si´e, “Software Vulnerabilities’ Detection by Analysing Application Execution Traces” International Journal of Advanced Computer Science and Applications(IJACSA), 14(6), 2023. http://dx.doi.org/10.14569/IJACSA.2023.01406136

@article{Koala2023,
title = {Software Vulnerabilities’ Detection by Analysing Application Execution Traces},
journal = {International Journal of Advanced Computer Science and Applications},
doi = {10.14569/IJACSA.2023.01406136},
url = {http://dx.doi.org/10.14569/IJACSA.2023.01406136},
year = {2023},
publisher = {The Science and Information Organization},
volume = {14},
number = {6},
author = {Gouayon Koala and Didier Bassol´e and Telesphore Tiendrebeogo and Oumarou Si´e}
}


Copyright Statement: This is an open access article licensed under a Creative Commons Attribution 4.0 International License, which permits unrestricted use, distribution, and reproduction in any medium, even commercially as long as the original work is properly cited.

IJACSA

Upcoming Conferences

IntelliSys 2025

28-29 August 2025

Future Technologies Conference 2025

6-7 November 2025

Healthcare Conference 2026

21-22 May 2026

Computing Conference 2026

9-10 July 2026

IntelliSys 2026

3-4 September 2026

Computer Vision Conference 2026

15-16 October 2026