期刊文献+
任意字段
题名或关键词
题名
关键词
文摘
作者
第一作者
机构
刊名
分类号
参考文献
作者简介
基金资助
栏目信息

一种需求驱动的缓冲区溢出检测算法 被引量:1

A Flow Sensitive Algorithm for Buffer Overrun Detection
在线阅读 下载PDF
导出
摘要 本文提出一种流敏感的静态检测算法。通过需求驱动的控制流分析和数据流分析,建立内存访问语句和函数调用语句发生溢出的线性约束,从而将缓冲区溢出的检测问题转换为线性约束求解问题。我们实现了该算法的原型,实验表明,该原型可以准确而高效地发现实际程序中的缓冲区溢出漏洞。 This paper proposes a flow-sensitive algorithm to detect buffer overruns statically. Using control flow and data flow analysis with demand-driven techniques, it builds the linear constraints of statements that access memory or call a function, and transforms the problem of buffer overrun detection into the problem of linear constraint resolution. Based on the algorithm, we implement a prototype. Experimental results show the prototype is accurate and efficient in identifying vulnerabilities.
作者 夏一民 曹宏嘉 罗军 张民选
机构地区 国防科技大学计算机学院
出处 《计算机工程与科学》 CSCD 2007年第1期86-87,100,共3页 Computer Engineering & Science
基金 国家863计划资助项目(2002AA1Z2101)
关键词 安全分析 缓冲区溢出 静态检测算法 需求驱动 流敏感 analysis for security buffer overrun static detection algorithm demand-driven flow-sensitive
分类号 TP309 [自动化与计算机技术—计算机系统结构]
  • 相关文献

参考文献7

  • 1Ruwase O,Lam M S.A Practical Dynamic Buffer Overrun Detector[A].Proc of the 11th Annual Network and Distributed System Security Symp[C].2004.
  • 2Ganapathy V,Jha S,Chandler D,et al.Buffer Overrun Detection Using Linear Programming and Static Analysis[A].ACM CCS'03[C].2003.
  • 3Livshits V B,Lam M S.Tracking Pointers with Path and Context Sensitivity for Bug Detection in C Programs[A].ESEC/FSE'03[C].2003.
  • 4Xie Yichen,Chou Andy,Engler D.ARCHER:Using Symbolic,Path-Sensitive Analysis to Detect Memory Access Errors[A].ESEC/FSE'03[C].2003.
  • 5Wagner D,Foster J,Brewer E,et al.A First Step Towards Automated Detection of Buffer Overrun Vulnerabilities[A].Symp on Network and Distributed Systems Security[C].2000.
  • 6Lattner C,Adve V.LLVM:A Compilation Framework for Lifelong Program Analysis & Transformation[A].2nd IEEE/ACM Int'l Symp on Code Generation and Optimization[C].2004.
  • 7Dor N,Rodeh M,Sagiv M.CSSV.:Towards a Realistic Tool for Statically Detecting All Buffer Overruns in C[A].ACM PLDI'03[C].2003.

同被引文献11

  • 1徐良华,陈左宁.缓冲区溢出脆弱性检测和预防技术综述[J].计算机科学,2006,33(6):143-147. 被引量:1
  • 2何乔,吴廖丹,张天刚.基于shellcode检测的缓冲区溢出攻击防御技术研究[J].计算机应用,2007,27(5):1044-1046. 被引量:7
  • 3徐启杰,薛质.缓冲区溢出攻击检测技术的分析和研究[J].计算机工程,2007,33(16):142-143. 被引量:8
  • 4B.Miller, L.Fredricksen and B.So. Empirical. study of the reliability of unix utilities Communications of the ACM, 1990.
  • 5Joso Duraes, Henrique Madeira. A methodology for the automated identification of Buffer Overflow Vulnerabilities in executable software without source code. Lecture Notes in Computer Science, 2005.
  • 6Viega J, Bloch J T, Kohno T, Mcgraw G . ITS4: A Static Vulnerability Scanner for C and C++Code. ACM Transactions on Information and System Security.2002, 5(2).
  • 7D. Wagner, J.S. Foster, E. A. Brewer, A. Aiken. A first step towards automated detection of buffer overrun vulnerabilities[C]. In Network and Distributed System Security Symposium, San Diego, 2000.
  • 8Xie Yichen, Chou Andy, Engler D. ABCHER: Using Symbolic Path-sensitive Analysis to Detect Memory Access Errors Software Engineering Notes, 2005, 28(5).
  • 9Condit J, et al. CCured in the Real World. Proceedings of the ACM SIGPLAN 2003 Conference on Programming Language Design and Implementation, San Diego, 2003.
  • 10赵奇永,郑燕飞,郑东.基于可执行代码的缓冲区溢出检测模型[J].计算机工程,2008,34(12):120-122. 被引量:4

引证文献1

二级引证文献2

计算机工程与科学
2007年 第1期

相关作者

内容加载中请稍等...

相关机构

内容加载中请稍等...

相关主题

内容加载中请稍等...

浏览历史

内容加载中请稍等...
;
使用帮助 返回顶部