Buffer Overflow Vulnerability Location in Binaries Based on Abnormal Execution
Buffer overflow is a very common and dangerous vulnerability. Now there are many methods and tools for this vulnerability, but it is difficult to locate it in binary code. Due to the lack of program semantics in binary programs, it is difficult to determine whether the memory access exceeds its boun...
Gespeichert in:
| Veröffentlicht in: | 2020 4th Annual International Conference on Data Science and Business Analytics (ICDSBA) S. 29 - 31 |
|---|---|
| Hauptverfasser: | , |
| Format: | Tagungsbericht |
| Sprache: | Englisch |
| Veröffentlicht: |
IEEE
01.09.2020
|
| Schlagworte: | |
| Online-Zugang: | Volltext |
| Tags: |
Tag hinzufügen
Keine Tags, Fügen Sie den ersten Tag hinzu!
|
| Abstract | Buffer overflow is a very common and dangerous vulnerability. Now there are many methods and tools for this vulnerability, but it is difficult to locate it in binary code. Due to the lack of program semantics in binary programs, it is difficult to determine whether the memory access exceeds its boundary, so we can restore its memory layout to locate the vulnerability. This paper proposes a method: for the same program, input a group of successful execution and abnormal execution data respectively, and then recover the memory of the two kinds of execution. If the memory of successful execution recovery is taken as the buffer boundary, it is easier to judge the buffer overflow in the abnormal execution. In this paper, 20 programs with buffer overflow vulnerability are tested. The experimental results show that the proposed method is more effective than some static program analysis tools in terms of time cost and vulnerability location accuracy. |
|---|---|
| AbstractList | Buffer overflow is a very common and dangerous vulnerability. Now there are many methods and tools for this vulnerability, but it is difficult to locate it in binary code. Due to the lack of program semantics in binary programs, it is difficult to determine whether the memory access exceeds its boundary, so we can restore its memory layout to locate the vulnerability. This paper proposes a method: for the same program, input a group of successful execution and abnormal execution data respectively, and then recover the memory of the two kinds of execution. If the memory of successful execution recovery is taken as the buffer boundary, it is easier to judge the buffer overflow in the abnormal execution. In this paper, 20 programs with buffer overflow vulnerability are tested. The experimental results show that the proposed method is more effective than some static program analysis tools in terms of time cost and vulnerability location accuracy. |
| Author | Guo, Xi Gao, Tian |
| Author_xml | – sequence: 1 givenname: Tian surname: Gao fullname: Gao, Tian organization: Huazhong Agricultural University,College of Informatics,Wuhan,China – sequence: 2 givenname: Xi surname: Guo fullname: Guo, Xi email: xguo@mail.hzau.edu.cn organization: Huazhong Agricultural University,College of Informatics,Wuhan,China |
| BookMark | eNotjF1LwzAYhSPohc79AkHyBzrz5qNNLts556C4Cz9uR9q8gUCXStqq-_d2KAfOgYfDc0MuYx-RkHtgKwBmHnbrx9eqVMA4W_FzMcZAXZClKTQUXIOGXObX5KWavMdE91-YfNd_04-pi5hsE7ownmjdt3YMfaQh0ipEmwIOtLIDOjrDsol9OtqObn6wnc6_W3LlbTfg8n8X5P1p87Z-zur9drcu6ywA6DFTwluOiMIxqaVEZ_Uc5nyhNBdN0ajGCcwlOLTMoPNctc54r_MGFLNGLMjdnzfMlsNnCkebTgejZC4MF7_59k3b |
| CODEN | IEEPAD |
| ContentType | Conference Proceeding |
| DBID | 6IE 6IL CBEJK RIE RIL |
| DOI | 10.1109/ICDSBA51020.2020.00015 |
| DatabaseName | IEEE Electronic Library (IEL) Conference Proceedings IEEE Xplore POP ALL IEEE Xplore All Conference Proceedings IEEE Electronic Library (IEL) IEEE Proceedings Order Plans (POP All) 1998-Present |
| DatabaseTitleList | |
| Database_xml | – sequence: 1 dbid: RIE name: IEEE Electronic Library (IEL) url: https://ieeexplore.ieee.org/ sourceTypes: Publisher |
| DeliveryMethod | fulltext_linktorsrc |
| EISBN | 9781728181646 172818164X |
| EndPage | 31 |
| ExternalDocumentID | 9546392 |
| Genre | orig-research |
| GrantInformation_xml | – fundername: Fundamental Research Funds for the Central Universities funderid: 10.13039/501100012226 |
| GroupedDBID | 6IE 6IL CBEJK RIE RIL |
| ID | FETCH-LOGICAL-i118t-53fa2eee3d04844eda8a8a0df75823b7b5bd3e641dea09edf25cd9ff86b150a93 |
| IEDL.DBID | RIE |
| IngestDate | Thu Jun 29 18:37:37 EDT 2023 |
| IsPeerReviewed | false |
| IsScholarly | false |
| Language | English |
| LinkModel | DirectLink |
| MergedId | FETCHMERGED-LOGICAL-i118t-53fa2eee3d04844eda8a8a0df75823b7b5bd3e641dea09edf25cd9ff86b150a93 |
| PageCount | 3 |
| ParticipantIDs | ieee_primary_9546392 |
| PublicationCentury | 2000 |
| PublicationDate | 2020-Sept. |
| PublicationDateYYYYMMDD | 2020-09-01 |
| PublicationDate_xml | – month: 09 year: 2020 text: 2020-Sept. |
| PublicationDecade | 2020 |
| PublicationTitle | 2020 4th Annual International Conference on Data Science and Business Analytics (ICDSBA) |
| PublicationTitleAbbrev | ICDSBA |
| PublicationYear | 2020 |
| Publisher | IEEE |
| Publisher_xml | – name: IEEE |
| Score | 1.7331718 |
| Snippet | Buffer overflow is a very common and dangerous vulnerability. Now there are many methods and tools for this vulnerability, but it is difficult to locate it in... |
| SourceID | ieee |
| SourceType | Publisher |
| StartPage | 29 |
| SubjectTerms | Abnormal Execution Binary codes Binary Program Buffer Overflow Buffer overflows Costs Data science Layout Memory Recovery Semantics |
| Title | Buffer Overflow Vulnerability Location in Binaries Based on Abnormal Execution |
| URI | https://ieeexplore.ieee.org/document/9546392 |
| hasFullText | 1 |
| inHoldings | 1 |
| isFullTextHit | |
| isPrint | |
| link | http://cvtisr.summon.serialssolutions.com/2.0.0/link/0/eLvHCXMwlV1LSwMxEA61ePCk0opvcvDo2jT7So7d2qJQasEHvZVkM4FC2ZW66-PfO8mW6sGL5BJySZhM5pX5Zgi5Qq0tYsUESj8LQRQLGWgb2UCEloeqb6RVHig8SadTMZ_LWYtcb7EwAOCTz-DGTf1fvinz2oXKetLVbpcocHfSNGmwWhvQb5_J3v3w9jEbII9xhn4fdylbzHW7_dU1xSuN8f7_tjsg3R_0HZ1t9cohaUHRIdOsdp1M6AOynl2VH_SlXrmC0T639YtOyib0RpcFzRzEFh1gmqGGMhQXB7pwpumKjj4h95zWJc_j0dPwLtj0QgiW6AJUQRxaxfGEocEnF0VglMDBjEV7n4c61bE2ISRR34BiEozlcY6EtiLRaPIpGR6RdlEWcEwoOi3KMg5apxAxYFoLk3CwkchznjJ1QjqOFovXptzFYkOG07-Xz8ieI3aTdnVO2tW6hguym79Xy7f1pb-jbxmBlnw |
| linkProvider | IEEE |
| linkToHtml | http://cvtisr.summon.serialssolutions.com/2.0.0/link/0/eLvHCXMwlV1LTwIxEG4ImuhJDRjf9uDRldLtst0jixiI60oiGm6k3U4TErJrkPXx750uBD14Mb00vbSZTufV-WYIuUKtLQPFJEo_C54IZORpK6wnfct91TaRVRVQOAnTVE4m0ahGrjdYGACoks_gxk2rv3xTZKULlbUiV7s9QoG7FQjB2QqttYb9tlnUGvZun-Iuchln6Plxl7TFXL_bX31TKrVxt_e_DfdJ8wd_R0cbzXJAapA3SBqXrpcJfUTms_Pig76Uc1cyuspu_aJJsQq-0VlOYweyRReYxqijDMXFrs6dcTqn_U_IKl5rkue7_rg38NbdELwZOgFLL_Ct4nhC3-CjEwKMkjiYsWjxc1-HOtDGh45oG1AsAmN5kCGprexoNPpU5B-Sel7kcEQoui3KMg5ahyAYMK2l6XCwQmYZD5k6Jg1Hi-nrquDFdE2Gk7-XL8nOYPyQTJNhen9Kdh3hV0lYZ6S-XJRwTraz9-XsbXFR3dc3GsOZww |
| openUrl | ctx_ver=Z39.88-2004&ctx_enc=info%3Aofi%2Fenc%3AUTF-8&rfr_id=info%3Asid%2Fsummon.serialssolutions.com&rft_val_fmt=info%3Aofi%2Ffmt%3Akev%3Amtx%3Abook&rft.genre=proceeding&rft.title=2020+4th+Annual+International+Conference+on+Data+Science+and+Business+Analytics+%28ICDSBA%29&rft.atitle=Buffer+Overflow+Vulnerability+Location+in+Binaries+Based+on+Abnormal+Execution&rft.au=Gao%2C+Tian&rft.au=Guo%2C+Xi&rft.date=2020-09-01&rft.pub=IEEE&rft.spage=29&rft.epage=31&rft_id=info:doi/10.1109%2FICDSBA51020.2020.00015&rft.externalDocID=9546392 |