Springer, Heidelberg (2009)Ĭhen, P., Wang, Y., Xin, Z., Mao, B., Xie, L.: Brick: a binary tool for run-time detecting and locating integer-based vulnerability. 95–100, July 2013Ĭhen, P., Han, H., Wang, Y., Shen, X., Yin, X., Mao, B., Xie, L.: IntFinder: automatically detecting integer bugs in x86 binary program. In: 2013 IEEE 37th Annual Computer Software and Applications Conference Workshops (COMPSACW), pp. IEEE Computer Society, Washington, DC (2012)Ĭhen, D., Zhang, Y., Cheng, L., Deng, Y., Sun, X.: Heuristic path pruning algorithm based on error handling pattern recognition in detecting vulnerability. In: Proceedings of the 2012 IEEE Symposium on Security and Privacy, SP 2012, pp. USENIX Association, Berkeley (2008)Ĭha, S.K., Avgerinos, T., Rebert, A., Brumley, D.: Unleashing mayhem on binary code. In: Proceedings of the 8th USENIX Conference on Operating Systems Design and Implementation, OSDI 2008, pp. 35(5), 1–12 (2000)Ĭadar, C., Dunbar, D., Engler, D.: KLEE: unassisted and automatic generation of high-coverage tests for complex systems programs. Springer, Heidelberg (2008)īala, V., Duesterwald, E., Banerjia, S.: Dynamo: a transparent dynamic optimization system. KeywordsĪnand, S., Godefroid, P., Tillmann, N.: Demand-driven compositional symbolic execution. The experiments also demonstrate that the vulnerability ranking technique and other optimization techniques employed in INDIO can significantly reduce false positives with economic costs. We have applied INDIO to several real-world, large-size Windows binaries, and the experimental results confirmed the effectiveness of INDIO (all known and two previously unknown integer overflows vulnerabilities were detected). As a result, INDIO can detect integer overflow with low false positive and false negative rates. INDIO integrates the techniques of pattern-matching (for quick identification of potential vulnerabilities), vulnerability ranking (for economic elimination of false positives), and selective symbolic execution (for rigorous elimination of false positives). In this paper, we present a platform, called INDIO, for accurately detecting integer overflow vulnerabilities in Windows binaries. This limits the usability of these solutions in analyzing real-world applications, especially those in the format of binary executables. However, current solutions are less effective in detecting integer overflow vulnerabilities: they either produce unacceptably high false positive rates or cannot generate concrete inputs towards vulnerability exploration. Integer overflow presents a major source of security threats to information systems.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |