Buffer Access Monitoring for Enhanced Buffer Overflow Detection in Fuzzing

Buffer overflows remain one of the most critical and widespread vulnerabilities in software systems. Traditional fuzzing techniques often lack the precision required to reliably detect buffer overflows. This paper presents BufferMonitor, a novel approach to enhancing buffer overflow detection by int...

Full description

Saved in:
Bibliographic Details
Published in:Proceedings - International Symposium on Modeling, Analysis, and Simulation of Computer and Telecommunication Systems pp. 1 - 6
Main Authors: Barakat, Ramon, Josten, Silvan, Schneider, Martin A.
Format: Conference Proceeding
Language:English
Published: IEEE 21.10.2024
Subjects:
buffer access monitoring
Buffer overflows
Computer security
Fuzzing
Instruments
memory access information
Monitoring
Research and development
Safety
security testing
Software reliability
Software systems
Telecommunications
ISSN:2375-0227
Online Access:Get full text
Tags: Add Tag
No Tags, Be the first to tag this record!
Description
Summary:Buffer overflows remain one of the most critical and widespread vulnerabilities in software systems. Traditional fuzzing techniques often lack the precision required to reliably detect buffer overflows. This paper presents BufferMonitor, a novel approach to enhancing buffer overflow detection by integrating a comprehensive buffer monitoring system into fuzzing frameworks. Using the LLVM compiler framework, we instrument the system under test to collect detailed memory access information, including the distance of each access from buffer boundaries. By prioritizing inputs that generate minimal distances to these boundaries, our method significantly improves the likelihood of detecting potential overflows. This approach not only increases the possibility of identifying buffer overflows but can also identify them with greater accuracy than AddressSanitizer. This provides a robust solution for enhancing software security.
ISSN:2375-0227
DOI:10.1109/MASCOTS64422.2024.10786534