Memory leak is a common software vulnerability that can decrease the reliability of an application and,in severe cases,even cause program crashes.If there are intentionally triggerable memory leak vulnerabilities in a...Memory leak is a common software vulnerability that can decrease the reliability of an application and,in severe cases,even cause program crashes.If there are intentionally triggerable memory leak vulnerabilities in a program,attackers can exploit these bugs to launch denial-of-service attacks or induce the program to exhibit unexpected behaviors due to low memory conditions.Existing fuzzing techniques primarily focus on improving code coverage,and specialized fuzzing techniques for individual memory-related defects like uncontrolled memory allocation do not address memory leak vulnerabilities.MemLock is the first fuzzing technique to address memory consumption vulnerabilities including memory leakage.However,the coverage-centric guidance mechanism of MemLock introduces a degree of aimlessness in the testing process,that results in low seed quality and slow bug exposure speed.To address this issue,we propose a risk areas guidance-based fuzzing technique called RBZZER.First,RBZZER retains MemLock’s memory consumption-guided mechanism and introduces a novel distance-guided approach to expedite the arrival of fuzzing at the potential memory areas.Second,we introduce a new seed scheduling strategy called risk areas-based seed scheduling,which classifies seeds based on potential memory leak areas in the program and further schedules them,thereby effectively improving the efficiency of discovering memory leak vulnerabilities.Experiments demonstrate that RBZZER outperforms the state-of-the-art fuzzing techniques by finding 52%more program unique crashes than the second-best counterpart.In particular,RBZZER can discover the amount of memory leakage at least 112%more than the other baseline fuzzers.Besides,RBZZER detects memory leaks at an average speed that is 9.10x faster than MemLock.展开更多
Memory leaks are a common type of defect that is hard to detect manually. Existing memory leak detection tools suffer from lack of precise interprocedural analysis and path-sensitivity. To address this problem, we pre...Memory leaks are a common type of defect that is hard to detect manually. Existing memory leak detection tools suffer from lack of precise interprocedural analysis and path-sensitivity. To address this problem, we present a static interprocedural analysis algorithm, that performs fully pathsensitive analysis and captures precise function behaviors, to detect memory leak in C programs. The proposed algorithm uses path-sensitive symbolic execution to track memory actions in different program paths guarded by path conditions. A novel analysis model called memory state transition graph (MSTG) is proposed to describe the tracking process and its results. In order to do interprocedural analysis, the proposed algorithm generates a summary for each procedure from MSTG and applies the summary at the procedure's call sites. A prototype tool called Melton is implemented for this procedure. Melton was applied to five open source C programs and 41 leaks were found. More than 90% of these leaks were subsequently confirmed and fixed by their maintainers. For comparison with other tools, Melton was also applied to some programs in standard performance evaluation corporation (SPEC) CPU 2000 benchmark suite and detected more leaks than the state of the art approaches.展开更多
We present a demand-driven approach to memory leak detection algorithm based on flow- and context-sensitive pointer analysis. The detection algorithm firstly assumes the presence of a memory leak at some program point...We present a demand-driven approach to memory leak detection algorithm based on flow- and context-sensitive pointer analysis. The detection algorithm firstly assumes the presence of a memory leak at some program point and then runs a backward analysis to see if this assumption can be disproved. Our algorithm computes the memory abstraction of programs based on points-to graph resulting from flow- and context-sensitive pointer analysis. We have implemented the algorithm in the SUIF2 compiler infrastructure and used the implementation to analyze a set of C benchmark programs. The experimental results show that the approach has better precision with satisfied scalability as expected.展开更多
Mobile applications usually can only access limited amount of memory. Improper use of the memory can cause memory leaks, which may lead to performance slowdowns or even cause applications to be unexpectedly killed. Al...Mobile applications usually can only access limited amount of memory. Improper use of the memory can cause memory leaks, which may lead to performance slowdowns or even cause applications to be unexpectedly killed. Although a large body of research has been devoted into the memory leak diagnosing techniques after leaks have been discovered, it is still challenging to find out the memory leak phenomena at first. Testing is the most widely used technique for failure discovery. However, traditional testing techniques are not directed for the discovery of memory leaks. They may spend lots of time on testing unlikely leaking executions and therefore can be inefficient. To address the problem, we propose a novel approach to prioritize test cases according to their likelihood to cause memory leaks in a given test suite. It firstly builds a prediction model to determine whether each test can potentially lead to memory leaks based on machine learning on selected code features. Then, for each input test case, we partly run it to get its code features and predict its likelihood to cause leaks. The most suspicious test cases will be suggested to run at first in order to reveal memory leak faults as soon as possible. Experimental evaluation on several Android applications shows that our approach is effective.展开更多
Heap memory anomalies,such as Use-After-Free(UAF),Double-Free,andMemory Leaks,pose critical security threats including system crashes,data leakage,and remote exploits.Existing methods often fail to handle multiple ano...Heap memory anomalies,such as Use-After-Free(UAF),Double-Free,andMemory Leaks,pose critical security threats including system crashes,data leakage,and remote exploits.Existing methods often fail to handle multiple anomaly types and meet real-time detection demands.To address these challenges,this paper proposes MemHookNet,a real-time multi-class heap anomaly detection framework that combines log hooking with deep learning.Without modifying source code,MemHookNet non-intrusively captures memory operation logs at runtime and transforms them into structured sequences encoding operation types,pointer identifiers,thread context,memory sizes,and temporal intervals.A sliding-window Long Short-Term Memory(LSTM)module efficiently filters out suspicious segments,which are then transformed into pointer access graphs for classification using a GATv2-based model.Experimental results demonstrate that MemHookNet achieves 82.2% accuracy and 81.5% recall with an average inference time of 15 ms,outperforming DeepLog and GLAD-PAW by 11.7% in accuracy and reducing latency by over 80%.展开更多
Developing secure software systems is a major challenge in the software industry due to errors or weaknesses that bring vulnerabilities to the software system.To address this challenge,researchers often use the source...Developing secure software systems is a major challenge in the software industry due to errors or weaknesses that bring vulnerabilities to the software system.To address this challenge,researchers often use the source code features of vulnerabilities to improve vulnerability detection.Notwithstanding the success achieved by these techniques,the existing studies mainly focus on the conceptual description without an accurate definition of vulnerability features.In this study,we introduce a novel and efficient Memory-Related Vulnerability Detection Approach using Vulnerability Features (MRVDAVF).Our framework uses three distinct strategies to improve vulnerability detection.In the first stage,we introduce an improved Control Flow Graph (CFG) and Pointer-related Control Flow Graph (PCFG) to describe the features of some common vulnerabilities,including memory leak,doublefree,and use-after-free.Afterward,two algorithms,namely Vulnerability Judging algorithm based on Vulnerability Feature (VJVF) and Feature Judging (FJ) algorithm,are employed to detect memory-related vulnerabilities.Finally,the proposed model is validated using three test cases obtained from Juliet Test Suite.The experimental results show that the proposed approach is feasible and effective.展开更多
基金supported by the National Key R&D Program of China(No.2021YFB3101803).
文摘Memory leak is a common software vulnerability that can decrease the reliability of an application and,in severe cases,even cause program crashes.If there are intentionally triggerable memory leak vulnerabilities in a program,attackers can exploit these bugs to launch denial-of-service attacks or induce the program to exhibit unexpected behaviors due to low memory conditions.Existing fuzzing techniques primarily focus on improving code coverage,and specialized fuzzing techniques for individual memory-related defects like uncontrolled memory allocation do not address memory leak vulnerabilities.MemLock is the first fuzzing technique to address memory consumption vulnerabilities including memory leakage.However,the coverage-centric guidance mechanism of MemLock introduces a degree of aimlessness in the testing process,that results in low seed quality and slow bug exposure speed.To address this issue,we propose a risk areas guidance-based fuzzing technique called RBZZER.First,RBZZER retains MemLock’s memory consumption-guided mechanism and introduces a novel distance-guided approach to expedite the arrival of fuzzing at the potential memory areas.Second,we introduce a new seed scheduling strategy called risk areas-based seed scheduling,which classifies seeds based on potential memory leak areas in the program and further schedules them,thereby effectively improving the efficiency of discovering memory leak vulnerabilities.Experiments demonstrate that RBZZER outperforms the state-of-the-art fuzzing techniques by finding 52%more program unique crashes than the second-best counterpart.In particular,RBZZER can discover the amount of memory leakage at least 112%more than the other baseline fuzzers.Besides,RBZZER detects memory leaks at an average speed that is 9.10x faster than MemLock.
基金This work was partially supported by the 973 Program of China (2014CB340701) and the National Natural Science Foundation of China (Grant No. 61003026).
文摘Memory leaks are a common type of defect that is hard to detect manually. Existing memory leak detection tools suffer from lack of precise interprocedural analysis and path-sensitivity. To address this problem, we present a static interprocedural analysis algorithm, that performs fully pathsensitive analysis and captures precise function behaviors, to detect memory leak in C programs. The proposed algorithm uses path-sensitive symbolic execution to track memory actions in different program paths guarded by path conditions. A novel analysis model called memory state transition graph (MSTG) is proposed to describe the tracking process and its results. In order to do interprocedural analysis, the proposed algorithm generates a summary for each procedure from MSTG and applies the summary at the procedure's call sites. A prototype tool called Melton is implemented for this procedure. Melton was applied to five open source C programs and 41 leaks were found. More than 90% of these leaks were subsequently confirmed and fixed by their maintainers. For comparison with other tools, Melton was also applied to some programs in standard performance evaluation corporation (SPEC) CPU 2000 benchmark suite and detected more leaks than the state of the art approaches.
基金supported by the National Natural Science Foundation of China under Grant Nos. 60725206, 60673118, and 90612009the National High-Tech Research and Development 863 Program of China under Grant No. 2006AA01Z429+2 种基金the National Basic Research 973 Program of China under Grant No. 2005CB321802the Program for New Century Excellent Talents in University under Grant No.NCET-04-0996the Hunan Natural Science Foundation under Grant No. 07JJ1011
文摘We present a demand-driven approach to memory leak detection algorithm based on flow- and context-sensitive pointer analysis. The detection algorithm firstly assumes the presence of a memory leak at some program point and then runs a backward analysis to see if this assumption can be disproved. Our algorithm computes the memory abstraction of programs based on points-to graph resulting from flow- and context-sensitive pointer analysis. We have implemented the algorithm in the SUIF2 compiler infrastructure and used the implementation to analyze a set of C benchmark programs. The experimental results show that the approach has better precision with satisfied scalability as expected.
文摘Mobile applications usually can only access limited amount of memory. Improper use of the memory can cause memory leaks, which may lead to performance slowdowns or even cause applications to be unexpectedly killed. Although a large body of research has been devoted into the memory leak diagnosing techniques after leaks have been discovered, it is still challenging to find out the memory leak phenomena at first. Testing is the most widely used technique for failure discovery. However, traditional testing techniques are not directed for the discovery of memory leaks. They may spend lots of time on testing unlikely leaking executions and therefore can be inefficient. To address the problem, we propose a novel approach to prioritize test cases according to their likelihood to cause memory leaks in a given test suite. It firstly builds a prediction model to determine whether each test can potentially lead to memory leaks based on machine learning on selected code features. Then, for each input test case, we partly run it to get its code features and predict its likelihood to cause leaks. The most suspicious test cases will be suggested to run at first in order to reveal memory leak faults as soon as possible. Experimental evaluation on several Android applications shows that our approach is effective.
基金upported by Open Foundation of Key Laboratory of Cyberspace Security,Ministry of Education of China(No.KLCS20240211).
文摘Heap memory anomalies,such as Use-After-Free(UAF),Double-Free,andMemory Leaks,pose critical security threats including system crashes,data leakage,and remote exploits.Existing methods often fail to handle multiple anomaly types and meet real-time detection demands.To address these challenges,this paper proposes MemHookNet,a real-time multi-class heap anomaly detection framework that combines log hooking with deep learning.Without modifying source code,MemHookNet non-intrusively captures memory operation logs at runtime and transforms them into structured sequences encoding operation types,pointer identifiers,thread context,memory sizes,and temporal intervals.A sliding-window Long Short-Term Memory(LSTM)module efficiently filters out suspicious segments,which are then transformed into pointer access graphs for classification using a GATv2-based model.Experimental results demonstrate that MemHookNet achieves 82.2% accuracy and 81.5% recall with an average inference time of 15 ms,outperforming DeepLog and GLAD-PAW by 11.7% in accuracy and reducing latency by over 80%.
基金funded by the National Natural Science Foundation of China(Nos.U1836116 and 61872167)the Project of Jiangsu Provincial Six Talent Peaks(No.XYDXXJS-016)the Graduate Research Innovation Project of Jiangsu Province(No.KYCX171807)。
文摘Developing secure software systems is a major challenge in the software industry due to errors or weaknesses that bring vulnerabilities to the software system.To address this challenge,researchers often use the source code features of vulnerabilities to improve vulnerability detection.Notwithstanding the success achieved by these techniques,the existing studies mainly focus on the conceptual description without an accurate definition of vulnerability features.In this study,we introduce a novel and efficient Memory-Related Vulnerability Detection Approach using Vulnerability Features (MRVDAVF).Our framework uses three distinct strategies to improve vulnerability detection.In the first stage,we introduce an improved Control Flow Graph (CFG) and Pointer-related Control Flow Graph (PCFG) to describe the features of some common vulnerabilities,including memory leak,doublefree,and use-after-free.Afterward,two algorithms,namely Vulnerability Judging algorithm based on Vulnerability Feature (VJVF) and Feature Judging (FJ) algorithm,are employed to detect memory-related vulnerabilities.Finally,the proposed model is validated using three test cases obtained from Juliet Test Suite.The experimental results show that the proposed approach is feasible and effective.
