Buffer Access Monitoring for Enhanced Buffer Overflow Detection in Fuzzing

Buffer overflows remain one of the most critical and widespread vulnerabilities in software systems. Traditional fuzzing techniques often lack the precision required to reliably detect buffer overflows. This paper presents BufferMonitor, a novel approach to enhancing buffer overflow detection by int...

Ausführliche Beschreibung

Gespeichert in:
Bibliographische Detailangaben
Veröffentlicht in:Proceedings - International Symposium on Modeling, Analysis, and Simulation of Computer and Telecommunication Systems S. 1 - 6
Hauptverfasser: Barakat, Ramon, Josten, Silvan, Schneider, Martin A.
Format: Tagungsbericht
Sprache:Englisch
Veröffentlicht: IEEE 21.10.2024
Schlagworte:
buffer access monitoring
Buffer overflows
Computer security
Fuzzing
Instruments
memory access information
Monitoring
Research and development
Safety
security testing
Software reliability
Software systems
Telecommunications
ISSN:2375-0227
Online-Zugang:Volltext
Tags: Tag hinzufügen
Keine Tags, Fügen Sie den ersten Tag hinzu!
Beschreibung
Zusammenfassung:Buffer overflows remain one of the most critical and widespread vulnerabilities in software systems. Traditional fuzzing techniques often lack the precision required to reliably detect buffer overflows. This paper presents BufferMonitor, a novel approach to enhancing buffer overflow detection by integrating a comprehensive buffer monitoring system into fuzzing frameworks. Using the LLVM compiler framework, we instrument the system under test to collect detailed memory access information, including the distance of each access from buffer boundaries. By prioritizing inputs that generate minimal distances to these boundaries, our method significantly improves the likelihood of detecting potential overflows. This approach not only increases the possibility of identifying buffer overflows but can also identify them with greater accuracy than AddressSanitizer. This provides a robust solution for enhancing software security.
ISSN:2375-0227
DOI:10.1109/MASCOTS64422.2024.10786534