Detecting buffer overflow via automatic test input data generation

Computers and Operations Research

Volumn 35, Issue 10, 2008, Pages 3125-3143

  Del Grosso, C ^a   Antoniol, G ^b   Merlo, E ^b   Galinier, P ^b  

^a UNIVERSITY OF SANNIO   (Italy)

^b ÉCOLE POLYTECHNIQUE DE MONTRÉAL   (Canada)

Author keywords

Buffer overflow detection; Evolutionary testing; Test data generation

Indexed keywords

AUTOMATION; DATA ACQUISITION; ECONOMIC ANALYSIS; GENETIC ALGORITHMS; HEALTH CARE; LINEAR PROGRAMMING;

BUFFER OVERFLOW DETECTION; EVOLUTIONARY TESTING; FITNESS FUNCTIONS; TEST DATA GENERATION;

COMPUTER SOFTWARE;

EID: 40449126880     PISSN: 03050548     EISSN: None     Source Type: Journal    
DOI: 10.1016/j.cor.2007.01.013     Document Type: Article

References (35)

1. Del Grosso C., Antoniol G., and Di Penta M. An evolutionary testing approach to detect buffer overflow. Student paper proceedings of the international symposium of software reliability engineering (ISSRE). St Malo, Bretagne, France (2004) 77-78
2. Del Grosso C., Di Penta M., Antoniol G., Merlo E., and Galinier P. Improving network applications security. a new heuristic to generate stress testing data. Proceedings of the genetic and evolutionary computation conference. Washington, DC, USA (2005) 1037-1043
3. Coello C. A short tutorial on evolutionary multiobjective optimization. In: Zitzler E, Deb K, Thiele L, Coello CAC, Corne D, editors. First international conference on evolutionary multi-criterion optimization. Lecture notes in computer science, vol. 1993. Berlin: Springer; 2001. p. 21-40. URL: 〈citeseer.ist.psu.edu/coellocoello01short.html〉.
4. Viega J, Bloch J, Kohno T, McGraw G. ITS4: a static vulnerability scanner for c and c++ code. In: Proceedings of the 16th annual computer security applications conference; 2000. p. 3-17.
5. Secure software solutions, rats, the rough auditing tool for security, 〈http://www.securesw.com/rats/〉. URL: 〈http://www.securesw.com/rats/〉.
6. Larochelle D., and Evans D. Statically detecting likely buffer overflow vulnerabilities. Proceedings of the 10th USENIX security symposium. Washington, DC (2001) 177-190
7. Evans D, Larochelle D. Improving security using extensible lightweight static analysis. IEEE Software 2002; 42-50.
8. DaCosta D., Dahn C., Mancoridis S., and Prevelakis V. Characterizing the 'security vulnerability likelihood' of software functions. Proceedings of IEEE international conference on software maintenance. Amsterdam, The Netherlands (2003) 266-276
9. Haugh E, Bishop M. Testing c programs for buffer overflow vulnerabilities. In: Proceedings of the 10th network and distributed system security symposium. Internet Society, San Diego, CA, USA; 2003. URL: 〈http://www.isoc.org/isoc/conferences/ndss/03/proceedings/index.htm 〉.
10. Ruwase O, Lam M. A practical dynamic buffer overflow detector. In: Proceedings of the network and distributed system security (NDSS) symposium; 2004. p. 159-69. URL: 〈citeseer.ist.psu.edu/ruwase04practical.html〉.
11. Wagner D., Foster J., Brewer E., and Aiken A. A first step towards automated detection of buffer overrun vulnerabilities. Proceedings of the symposium on network and distributed systems security (NDSS '00). San Diego, CA, USA (2000) 3-17
12. Miller B., Fredricksen L., and So B. Empirical study of the reliability of unix utilities. Communications of the Association for Computing Machinery 33 12 (1990) 32-44
13. Korel B., and Al-Yami A. Assertion-oriented automated test data generation. Proceedings of the international conference on software engineering. Berlin, Germany (1996) 71-80
14. Tracey N. A search-based automated test-data generation framework for safety critical software. PhD thesis, University of York, 2000.
15. Tracey N., Clark J., Mander K., and McDermid J. Automated test data generation for exception conditions. Software-Practice and Experience 30 1 (2000) 61-79
16. McMinn P. Search-based software test data generation: a survey. Software Testing, Verification and Reliability 14 (2004) 105-156
17. Binkley D., and Harman M. Analysis and visualization of predicate dependence on formal parameters and global variables. IEEE Transactions on Software Engineering 30 11 (2004) 715-735
18. Berndt D., Fisher J., Johnson L., Pinglikar J., and Watkins A. Breeding software test cases with genetic algorithms. Proceedings of the Hawai international conference on system sciences (2003) 338-348
19. Briand L., Labiche Y., and Shousha M. Stress testing real-time systems with genetic algorithms. GECCO '05: proceedings of the 2005 conference on genetic and evolutionary computation (2005), ACM Press, New York, NY, USA 1021-1028
20. Ostrand T.J., and Balcer M.J. The category-partition method for specifying and generating functional tests. Communications of the ACM 31 6 (1988) 676-686
21. Chen T., Bai A., Hajjar A., von Mayrhauseran A., and Anderson C. Fast antirandom (far) test generation to improve the quality of behavioral model verification. Journal of Electronic Testing: Theory and Applications (JETTA) 6 (2002) 583-594
22. Cowan C., Pu C., Maier D., Walpole J., Bakke P., Beattie S., et al. StackGuard. automatic adaptive detection and prevention of buffer-overflow attacks. Proceedings of the seventh USENIX security conference. San Antonio, TX (1998) 63-78. http://www.citeseer.nj.nec.com/cowan98stackguard.html URL: 〈citeseer.nj.nec.com/cowan98stackguard.html〉
23. Goldberg D. Genetic algorithms in search, optimization and machine learning (1989), Addison-Wesley Publishing Company, Reading, MA
24. Garey M., and Johnson D. Computers and intractability: a guide to the theory of NP-completeness (1979), W.H. Freeman, New York
25. Falkenauer E. Genetic algorithms and grouping problems (1998), Wiley-Inter Science, Wiley, NY
26. Weiser M. Program slicing. IEEE Transactions on Software Engineering 10 4 (1984) 352-357
27. Horwitz S, Reps T, Binkley D. Interprocedural slicing using dependence graphs. In Proceedings of the ACM SIGPLAN'88 conference on programming language design and implementation; 1988. p. 35-46.
28. Gallagher K., and Lyle J. Using program slicing in software maintenance. IEEE Transactions on Software Engineering 17 8 (1991) 751-761
29. Horwitz S., Reps T., and Binkley D. Interprocedural slicing using dependence graphs. ACM Transactions on Programming Languages and Systems 12 1 (1990) 26-61
30. Choi J., and Ferrante J. Static slicing in the presence of goto statements. ACM Transaction on Programming Languages and Systems 16 4 (1994) 1097-1113
31. Tip F. A survey of program slicing techniques. Journal of Programming Languages 3 3 (1995) 121-189
32. Larsen L, Harrold M. Slicing object-oriented software. In: Proceedings of the international conference on software engineering; 1996. p. 495-505.
33. Merlo E, Antoniol G. A static measure of a subset of intra-procedural data flow testing coverage based on node coverage. In: Proceedings of CASCON-99-sponsored by IBM Canada and the National Research Council of Canada, Mississauga, Ont.; 1999. p. 173-86.
34. Wall M. GAlib-a C++ library of genetic algorithm components. 〈http://lancet.mit.edu/ga/〉.
35. Zitser M., Lippmann R., and Leek T. Testing static analysis tools using exploitable buffer overflows from open source code. SIGSOFT '04/FSE-12: proceedings of the 12th ACM SIGSOFT 12th international symposium on foundations of software engineering (2004), ACM Press, New York, NY, USA 97-106