Auditing Buffer Overflow Vulnerabilities Using Hybrid Static-Dynamic Analysis

Despite being studied for more than two decades buffer overflow vulnerabilities are still frequently reported in programs. In this paper, we propose a hybrid approach that combines static and dynamic program analysis to audit buffer overflows. Using simple rules, test data are generated to automatic...

Celý popis

Uloženo v:
Podrobná bibliografie
Vydáno v:Proceedings - International Computer Software & Applications Conference s. 394 - 399
Hlavní autoři: Padmanabhuni, Bindu Madhavi, Kuan Tan, Hee Beng
Médium: Konferenční příspěvek Journal Article
Jazyk:angličtina
Vydáno: IEEE 01.07.2014
Témata:
Accuracy
Applications programs
Arrays
auditing
Benchmark testing
buffer overflow
Buffer overflows
Computer information security
Computer programs
Conferences
Data mining
Dynamic tests
Dynamics
input validation
Input variables
Manuals
Predictive models
Software
static and dynamic analysis
static code attributes
Vulnerability
ISSN:0730-3157
On-line přístup:Získat plný text
Tagy: Přidat tag
Žádné tagy, Buďte první, kdo vytvoří štítek k tomuto záznamu!
Popis
Shrnutí:Despite being studied for more than two decades buffer overflow vulnerabilities are still frequently reported in programs. In this paper, we propose a hybrid approach that combines static and dynamic program analysis to audit buffer overflows. Using simple rules, test data are generated to automatically confirm some of the vulnerabilities through dynamic analysis and the remaining cases are predicted by mining static code attributes. Confirmed cases can be directly fixed without further verification whereas predicted cases need to be manually reviewed to confirm existence of vulnerabilities. Since our approach combines the strengths of static and dynamic analyses, it results in an overall accuracy improvement. In our evaluation of approach using the standard benchmark suite, our classifiers achieved a recall over 92% and precision greater than 81%. The dynamic analysis component confirmed 51% of known vulnerabilities along with reporting 2 new bugs, thereby reducing by half, otherwise needed manual auditing effort.
Bibliografie:ObjectType-Article-2
SourceType-Scholarly Journals-1
ObjectType-Conference-1
ObjectType-Feature-3
content type line 23
SourceType-Conference Papers & Proceedings-2
ISSN:0730-3157
DOI:10.1109/COMPSAC.2014.62