Dailydave mailing list archives
bug classes discovery via inference & reasoning :
From: endrazine <endrazine () gmail com>
Date: Sat, 27 Jan 2007 13:51:26 +0100
Hi dear list, I curently have classes of so called "Web intelligence" (ie: web semantic & AI). I find the capabilities of inference of OWL amazing on complex systems, and was therefor wondering if anyone had ever attempted to describe a given architechture with ontologies in order to detect potential new classes of bugs. For instance, no model was (to my knowledge) able to detect overflows in statically allocated, initialised buffers (stack overflows) but telling OWL that putting more data than it can handle in a fix sized buffer is a bad thing isn't too difficult... Now, indeed, describing a whole actual application (modeling the actual stack and heap at least, for each "individual operation" - ie: asm instruction ), and then using the OWL engine is at least as bad as trying to examine each state of the application (ie: NP complete, not doable, etc). But what about determining new classes of bugs ? Independently modelizing a stack/heap and usual syscalls or even user defined functions on a given architecture seem quite doable to me... Google didn't help much in that matter... Just a few thoughts... Have a nice week end, Regards, endrazine- PS: If anyone made prior work on such things, feel free to contact me off list and leak me your rdfs rulez ;) _______________________________________________ Dailydave mailing list Dailydave () lists immunitysec com http://lists.immunitysec.com/mailman/listinfo/dailydave
Current thread:
- bug classes discovery via inference & reasoning : endrazine (Jan 27)
- <Possible follow-ups>
- Re: bug classes discovery via inference & reasoning : Steven M. Christey (Jan 31)