Date Added: Jan 2011
Improving software assurance is of paramount importance given the impact of software on the lives. Static and dynamic approaches have been proposed over the years to detect security vulnerabilities. These approaches assume that the signature of a defect, for instance the use of a vulnerable library function, is known apriori. A greater challenge is detecting defects with signatures that are not known apriori - unknown software defects. In this paper, the authors propose a general approach for detection of unknown defects. Software defects are discovered by applying data-mining techniques to pinpoint deviations from common program behavior in the source code and using statistical techniques to assign significance to each such deviation.