Buffer Access Monitoring for Enhanced Buffer Overflow Detection in Fuzzing

Bibliographic details
Published in: Proceedings - International Symposium on Modeling, Analysis, and Simulation of Computer and Telecommunication Systems, pp. 1 - 6
Main authors: Barakat, Ramon, Josten, Silvan, Schneider, Martin A.
Format: Conference paper
Language: English
Published: IEEE 21.10.2024
ISSN:2375-0227
Description
Summary: Buffer overflows remain one of the most critical and widespread vulnerabilities in software systems. Traditional fuzzing techniques often lack the precision required to reliably detect buffer overflows. This paper presents BufferMonitor, a novel approach to enhancing buffer overflow detection by integrating a comprehensive buffer monitoring system into fuzzing frameworks. Using the LLVM compiler framework, we instrument the system under test to collect detailed memory access information, including the distance of each access from buffer boundaries. By prioritizing inputs that generate minimal distances to these boundaries, our method significantly improves the likelihood of detecting potential overflows. This approach not only increases the possibility of identifying buffer overflows but can also identify them with greater accuracy than AddressSanitizer. This provides a robust solution for enhancing software security.
DOI:10.1109/MASCOTS64422.2024.10786534