par Ouamar, Rachid
Promoteur Absil, Romain
Publication Non publié, 2024-06-18
Mémoire
Résumé : Detecting vulnerabilities has always been a major concern in IT security. This task is complex and requires analysis as well as a deep knowledge of the domain. In this work, we will focus more specifically on buffer overflows by exploring an approach based on unsupervised techniques.We first extract abstract syntax trees (ASTs) from C/C++ source code, which is intrinsically more prone to vulnerability. These ASTs are thentransformed into sequences so that they can be represented in the form of tokens. To interpret these sequences, we use word embedding, which maps each word to a vector representation. Finally, we use unsupervised techniques to visualise the data and detect patterns or anomalies.With this new approach, potential vulnerabilities can be detected without the need for labelled data, leading to new perspectives in the field of cyber security. This research aims to make a significant contribution to understanding buffer overflows and to strengthening the security of software applications.