Assisting in Auditing of Buffer Overflow Vulnerabilities via Machine Learning

Buffer overflow vulnerability is a kind of consequence in which programmers’ intentions are not implemented correctly. In this paper, a static analysis method based on machine learning is proposed to assist in auditing buffer overflow vulnerabilities. First, an extended code property graph is constr...

Celý popis

Uloženo v:
Podrobná bibliografie
Vydáno v:Mathematical problems in engineering Ročník 2017; číslo 2017; s. 1 - 13
Hlavní autoři: Tang, Chaojing, Zhang, Bin, Feng, Chao, Meng, Qingkun
Médium: Journal Article
Jazyk:angličtina
Vydáno: Cairo, Egypt Hindawi Publishing Corporation 01.01.2017
Hindawi
John Wiley & Sons, Inc
Témata:
Algorithms
Artificial intelligence
Automation
Buffers
Classifiers
Engineering
International conferences
Machine learning
Overflow
Programming languages
Recall
Servers
Software engineering
Source code
ISSN:1024-123X, 1563-5147
On-line přístup:Získat plný text
Tagy: Přidat tag
Žádné tagy, Buďte první, kdo vytvoří štítek k tomuto záznamu!
Popis
Shrnutí:Buffer overflow vulnerability is a kind of consequence in which programmers’ intentions are not implemented correctly. In this paper, a static analysis method based on machine learning is proposed to assist in auditing buffer overflow vulnerabilities. First, an extended code property graph is constructed from the source code to extract seven kinds of static attributes, which are used to describe buffer properties. After embedding these attributes into a vector space, five frequently used machine learning algorithms are employed to classify the functions into suspicious vulnerable functions and secure ones. The five classifiers reached an average recall of 83.5%, average true negative rate of 85.9%, a best recall of 96.6%, and a best true negative rate of 91.4%. Due to the imbalance of the training samples, the average precision of the classifiers is 68.9% and the average F1 score is 75.2%. When the classifiers were applied to a new program, our method could reduce the false positive to 1/12 compared to Flawfinder.
Bibliografie:ObjectType-Article-1
SourceType-Scholarly Journals-1
ObjectType-Feature-2
content type line 14
ISSN:1024-123X
1563-5147
DOI:10.1155/2017/5452396