
Detecting Integer Bugs Based on Static and Dynamic Program Analysis

Cited by: 7
Abstract: In recent years, the number of attacks targeting integer bugs has risen sharply. Because they are well hidden, often behind other bugs, integer bugs have become one of the most damaging classes of software vulnerability. In this paper, we propose a defensive tool that automatically detects integer bugs by combining static and dynamic program analysis. In the static phase, the tool decompiles a binary and creates a set of suspect instructions. In the dynamic phase, it monitors the instructions in the suspect set and, together with generated test cases (inputs that can trigger the bug), determines which instructions are real integer bugs. Our tool has two advantages. First, it provides more accurate and sufficient type information. Second, the decompiler-based static analysis reduces the number of instructions that must be monitored at runtime. Experimental results show that our tool can effectively detect integer bugs in several real-world programs. In addition, in the software we tested, the tool had no false negatives and a low false-positive rate.
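Source: Acta Electronica Sinica (《电子学报》), indexed in EI, CAS, CSCD and the Peking University Core Journals list; 2010, No. 8, pp. 1741-1747 (7 pages)
Funding: National Natural Science Foundation of China (No.60773171, No.90818022); National 863 High-Tech Research and Development Program (No.2007AA01Z488); National 973 Key Basic Research Program (No.2009CB32075); Natural Science Foundation of Jiangsu Province (No.BK2007176)
Keywords: computer security; software security; software vulnerability; integer bugs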
