Rui Ma,Yiming Yan,Long Wang,Changzhen Hu,Jingfeng Xue

2016-01-01

Abstract:Buffer overflow vulnerability is currently one of the most serious software security vulnerabilities. Taking effective methods to detect buffer overflow vulnerabilities is of great significance to improve the robustness and security of software. After analyzing the principle of buffer overflow and various buffer overflow vulnerabilities, as well as comparing static with dynamic detection techniques, this paper presents a static detection method for buffer overflow based on abstract syntax tree, especially for vulnerabilities caused by string accessing of C source code. The proposed method first generates an abstract syntax tree for the source code by using the GCC compiler, and collects the characteristics of vulnerability by analyzing AST nodes. For the nodes associated with the buffer overflow, the method further gives a formal description of that characteristic so as to generate security attributed and constraint rules. By traversing the abstract syntax tree, the proposed method finally determines whether buffer overflow vulnerability exists in the source code. Experiments with 12 C programs were carried out on the Windows platform, and each program has been discovered at least one typical buffer overflow vulnerability. The experimental results highlight the feasibility and effectiveness of the proposed method, especially in the detecting out of range for a pointer, an array, and a structure object, as well as the buffer overflow vulnerability caused by some C library function calls.

xiaoyu wang,qiaoyan wen,zhao zhang

DOI: https://doi.org/10.2991/lemcs-14.2014.70

2014-01-01

Abstract:Buffer overflow has become the most common software vulnerability, which seriously restricts the development of the software industry. It's very essential t o find out an effective method to detect this kind of software bugs accurately. In this paper, we design an improved buffer overflow detection system. At first, our system preprocesses the source code to add some auxiliary detection symbols. Then, it scans the source code by a static detector, which uses the identifier for auxiliary detection and combines with a dynamic detection method to improve the recognition accuracy and detection capability. Finally, we make a comparison between our system and the original detection system. To assess the usefulness of this approach, several experiments are performed on a simulation system, and we can draw a conclusion that our system performs better than other detection software. The method proposed in this paper is of the important application value and can improve detection accuracy.

CHEN Shikun,LI Zhoujun,HUANG Yonggang,XING Jianying

DOI: https://doi.org/10.3321/j.issn:1000-0054.2009.z2.016

2009-01-01

Abstract:Buffer overflows are the main source of security issues in C programs.This paper presents a SAT-based technique to identify buffer overflows in C source codes using a source-to-source transformation which adds some statements into the source code to model the buffer properties, with some asserts to describe the buffer overflows.Then, the asserts are checked by SAT tools.This technique was used to automatically identify buffer overflows in source codes in 1 164 code fragments from a publicly available benchmark.Tests show that the system accurately located buffer overflow vulnerabilities in these programs with zero false alarms and an omission rate of only 2.08%.

Huan Ying,Yanmiao Zhang,Lifang Han,Yushi Cheng,Jiyuan Li,Xiaoyu Ji,Wenyuan Xu

DOI: https://doi.org/10.1109/ITNEC.2019.8729362

2019-01-01

Abstract:As a modern power transmission network, smart grid connects plenty of terminal devices. However, along with the growth of devices are the security threats. Different from the previous separated environment, an adversary nowadays can destroy the power system by attacking these devices. Therefore, it’s critical to ensure the security and safety of terminal devices. To achieve this goal, detecting the pre-existing vulnerabilities of the device program and enhance the terminal security, are of great importance and necessity. In this paper, we propose a novel approach that detects existing buffer-overflow vulnerabilities of terminal devices via automatic static analysis (ASA). We utilize the static analysis to extract the device program information and build corresponding program models. By further matching the generated program model with pre-defined vulnerability patterns, we achieve vulnerability detection and error reporting. The evaluation results demonstrate that our method can effectively detect buffer-overflow vulnerabilities of smart terminals with a high accuracy and a low false positive rate.

Liao Guangdeng,Liu Fang,Rao Ruonan

DOI: https://doi.org/10.3969/j.issn.1000-386X.2007.08.001

2007-01-01

Abstract:Buffer overflow detection technology is an important branch of the information security researches.An approach based on syntax node analysis to detect buffer overflow automatically is presented,and one prototype is implemented.This approach has the lower false alarms and the better performance compared with the existing approaches.

XU Chao,HE Yan-xiang,HU Ming-hao,WU Wei,CHEN Yong,LIU Jian-bo

DOI: https://doi.org/10.3969/j.issn.1001-3695.2012.02.057

2012-01-01

Abstract:To enhance the buffer overflow detection for programs,this paper put forward a testing method based the analysis for C programs using CCured and BLAST.Firstly,the method used CCured to insert runtime detections into C program,and then described the constraints of the detections with the customized security-attribute language provided by BLAST.At last,according to the descriptions,BLAST could do model checking on the programs to find out the potential buffer overflow vulnerabilities in the programs as far as possible.

JiaYu Li,Ye Yao,Yian Zhu,Mutitaba,Yongkai Zhang,Hang Li

DOI: https://doi.org/10.1109/icnisc60562.2023.00011

2023-01-01

Abstract:The paper presented and implemented a C-Scanner source code vulnerability detection tool, which can solve the buffer overflow problem. The main idea was to rewrite the source code of a C or C++, so that the resulting code contained the safe version of the old vulnerable functions, which may contain a buffer overflow security problem. If rewriting was not possible, due to some reasons, a warning was issued along with a hint to solve the problem if it was possible. C-Scanner in this paper took the C or C++ source code as input, and then it did a parsing process. Every time it encountered a vulnerable function call, it classified this function call. If this function call was belonging to a category of its interest, then it would rewrite this vulnerable function by a safe version, which prevented the buffer overflow vulnerability.

Hui HUANG,Yuliang LU,Lintao LIU,Jun ZHAO

DOI: https://doi.org/10.3969/j.issn.0253-2778.2015.07.006

2015-01-01

Journal of University of Science and Technology of China

Abstract:Limited by incomplete call graph analysis and path feasibility analysis ,current static integer overflow defect detection methods generally return results with high false positives . To reduce this inefficiency ,aiming at automatic exploration of the external input triggering integer overflow defects ,a new source code oriented detection method was proposed combining call graph analysis , static taint analysis and static symbolic execution ,in which a field‐sensitive and flow‐sensitive pointer analysis method was proposed for constructing an over‐approximation of the target program’s real call graph ,with a static taint‐sink propagation analysis carried out for calculating the potential external input reachable integer overflow defects , on which flow‐sensitive static symbolic execution is conducted to reduce the false positives introduced by the detection system through justifying the satisfiability of the corresponding defect constraint . Experiments prove the effectiveness of the methodin real‐world integer overflow defect detection and false alarm reduction .

Jingbo Yuan,Shunli Ding

DOI: https://doi.org/10.1109/iccsn.2011.6013572

2011-01-01

Abstract:Buffer overflow vulnerabilities are currently the most prevalent security vulnerability. The paper presents a method that combines static analysis with dynamic test to deal with the problem on buffer overflow vulnerabilities detecting. By using the method we can identify potential weakness locations. A buffer overflow vulnerabilities testing system was developed. The experiment results tested and verified that the new methodology is feasibility and availability.

Minglei SHANG,Hao HUANG

DOI: https://doi.org/10.3969/j.issn.1000-3428.2005.12.014

2005-01-01

Abstract:The principle of buffer overflow and overflow string are analyzed.Then several typical real-time buffer overflow attacks detectionmethods are analyzed.At last, a real-time buffer overflow attack detection approach based on system calls is presented.This approach adds mandatoryaccess control to original system call function by the means of hijacking system calls.In the way of monitoring illegal system calls,it can detect andprevent various buffer overflow attacks of improving priviledge.

Sun Ding,Hee Beng Kuan Tan,Kaiping Liu,Mahinthan Chandramohan,Hongyu Zhang

DOI: https://doi.org/10.1109/COMPSACW.2012.103

2012-01-01

Abstract:Buffer overflow vulnerability is one of the major security threats for applications written in C/C++. Among the existing approaches for detecting buffer overflow vulnerability, though flow sensitive based approaches offer higher precision but they are limited by heavy overhead and the fact that many constraints are unsolvable. We propose a novel method to efficiently detect vulnerable buffer overflows in any given control flow graph through recognizing two patterns. The proposed approach first uses syntax analysis to filter away those branches that cannot possibly comply with any of the two patterns before applying a limited symbolic evaluation for a precise matching against the patterns. The proposed approach only needs to evaluate a limited set of selected branch predicates according to the patterns and avoids the need to deal with a large number of general branch predicates. This significantly improves the scalability while not sacrificing the detection precision. Our experiments demonstrate the scalability and efficiency of the proposed method, which demonstrates its applicability.

Liu Jie,He Da,Rao Zhihong

DOI: https://doi.org/10.1145/3318236.3318261

2019-01-01

Abstract:Buffer overflow vulnerabilities have been the most common form of software vulnerabilities. It is very difficult and time consuming to detect possible types of vulnerabilities from a program. This paper proposes an analysis model of buffer overflow vulnerability based on finite state machine (FSM). The model conducts static analysis on source code. And then it analyzes the formation of buffer overflow vulnerabilities and process of data overflow. For the two types of buffer overflow vulnerabilities caused by function call errors and loop copy errors, the corresponding vulnerability analysis model is designed. The vulnerability analysis model proposed in this paper is verified by two scenarios. The experimental results show that the model can detect buffer overflow vulnerability automatically and effectively.

Shunli Ding,Jingbo Yuan

DOI: https://doi.org/10.1109/csae.2011.5952950

2011-01-01

Abstract:Buffer overflow attack is the most common and arguably the most dangerous attack method. The buffer overflow detecting will play a significant role in network security filed. Various solutions have been developed to address the buffer overflow vulnerability problem. The paper presents a method that combines static analysis with dynamic test. By using the method we can identify a lot of potential weakness locations. A buffer overflow vulnerabilities testing system was developed. Using the system some PE-format files and dynamic link library files are detected respectively. The experiment results show that the method is feasibility and availability.

Tao Ye,Lingming Zhang,Linzhang Wang,Xuandong Li

DOI: https://doi.org/10.1109/ICST.2016.21

2016-01-01

Abstract:Buffer overflow is one of the most common types of software security vulnerabilities. Although researchers have proposed various static and dynamic techniques for buffer overflow detection, buffer overflow attacks against both legacy and newly-deployed software systems are still quite prevalent. Compared with dynamic detection techniques, static techniques are more systematic and scalable. However, there are few studies on the effectiveness of state-of-the-art static buffer overflow detection techniques. In this paper, we perform an in-depth quantitative and qualitative study on static buffer overflow detection. More specifically, we obtain both the buggy and fixed versions of 100 buffer overflow bugs from 63 real-world projects totalling 28 MLoC (Millions of Lines of Code) based on the reports in Common Vulnerabilities and Exposures (CVE). Then, quantitatively, we apply Fortify, Checkmarx, and Splint to all the buggy versions to investigate their false negatives, and also apply them to all the fixed versions to investigate their false positives. We also qualitatively investigate the causes for the false-negatives and false-positives of studied techniques to guide the design and implementation of more advanced buffer overflow detection techniques. Finally, we also categorized the patterns of manual buffer overflow repair actions to guide automated repair techniques for buffer overflow. The experiment data is available at http://bo-study.github.io/Buffer-Overflow-Cases/.

SHI Sheng-li,REN Ping-an

DOI: https://doi.org/10.3969/j.issn.1000-3428.2011.10.037

2011-01-01

Abstract:According to the features that the attacker usual depends on modifying function return address or function entry address to change the program execution sequence and the structural characteristics of ELF file,while calling function and returning after function calling,certain specific information is dealed with in order to detect attack action.This paper presents a new approach of detecting buffer overflow attacks at runtime depending on the pin that is a tool for the dynamic program monitoring and provides numbers of API functions to design a tool which executives runtime program.Case analysis shows that the method does not need alter the software and hardware system.

XU Guo-ai,ZHANG Miao,TAN Guo-lu,YANG Yi-xian

DOI: https://doi.org/10.3969/j.issn.0258-0934.2007.06.027

2007-01-01

Abstract:A new buffer overflow detection model based on Inequalities Solution was designed,which is based on analyzing disadvantage of the old buffer overflow detection technique and successfully converting buffer overflow detection to Inequalities Solution.The new model can conquer the disadvantage of the old technique and improve efficiency of buffer overflow detection.

Wenbing XIE,Xiaodong MA,Zhongsheng LI,Xiamu NIU

DOI: https://doi.org/10.3778/j.issn.1002-8331.1407-0160

2016-01-01

Abstract:Due to the lack of boundary checking mechanism, buffer overflow is one of the most serious attacks against C/C++programs. This paper presents a runtime countermeasure for buffer overflow attack. Through duplicating the control flow information with array which declared in the dynamic link libraries, including the return address and the frame pointer of each function, illegal overwriting can be detected dynamically. This method can both detect direct and indirect attack in the buffer overflow attack. Experiments based on the RIPE testbed and two practical tests as well as theoretical analysis show the effectiveness of this method.

ZHANG Jun-xian,LI Zhou-jun

DOI: https://doi.org/10.13190/j.jbupt.2016.s.012

2016-01-01

Abstract:Buffer overflow is a source of many security problems in C programs. A new tool named Path-Checker to detect buffer overflows in C codes using dynamic symbolic execution method is proposed. PathChecker uses quantifier-free predicate formulas to describe the safety properties of buffer access oper-ations and check these properties using a SMT solver. Experimental results show the effectiveness of this tool which is very easy to extend to check other safety properties.

张实睿,许蕾,徐宝文

DOI: https://doi.org/10.3969/j.issn.1003-7985.2009.02.016

2009-01-01

Abstract:A simplified integer overflow detection method based on path relaxation is described for avoiding buffer overflow triggered by integer overflow. When the integer overflow refers to the size of the buffer allocated dynamically, this kind of integer overflow is most likely to trigger buffer overflow. Based on this discovery, through lightly static program analysis, the solution traces the key variables referring to the size of a buffer allocated dynamically and it maintains the upper bound and lower bound of these variables. After the constraint information of these traced variables is inserted into the original program, this method tests the program with test cases through path relaxation, which means that it not only reports the errors revealed by the current runtime value of traced variables contained in the test case, but it also examines the errors possibly occurring under the same execution path with all the possible values of the traced variables. The effectiveness of this method is demonstrated in a case study. Compared with the traditional buffer overflow detection methods, this method reduces the burden of detection and improves efficiency.

Tianjie Cao

2009-01-01

Abstract:Buffer overflow attack is often used by hackers,the attacker can get the highest authority of the computer though it ,so it poses a great threat on computer security. This paper analyses the most commonly used methods on buffer overflow defense and presents a new detecting method of buffer overflow attacks based on address confirmation ,starting by analyzing the principle of buffer overflow attacks.