Convicting exploitable software vulnerabilities: An efficient input provenance based approach

Proceedings of the International Conference on Dependable Systems and Networks

Volumn , Issue , 2008, Pages 247-256

  Lin, Zhiqiang ^a   Zhang, Xiangyu ^a   Xu, Dongyan ^a  

^a PURDUE UNIVERSITY   (United States)

Author keywords

[No Author keywords available]

Indexed keywords

BINARY DECISION; DATA LINEAGE TRACING; DEPENDABLE SYSTEMS; DYNAMIC APPROACH; FALSE POSITIVE RATE; FALSE POSITIVES; INPUT VALUES; INTERNATIONAL CONFERENCES; OFF-LINE ANALYSIS; ROOT CAUSES; SECURITY VULNERABILITIES; SOFTWARE VULNERABILITIES; SOURCE CODING; SYSTEM ADMINISTRATORS;

DATA STRUCTURES; FILE ORGANIZATION; LAW ENFORCEMENT; NETWORK PROTOCOLS; SENSOR NETWORKS;

BINARY DECISION DIAGRAMS;

EID: 53349100043     PISSN: None     EISSN: None     Source Type: Conference Proceeding    
DOI: 10.1109/DSN.2008.4630093     Document Type: Conference Paper

References (24)

1. http://www.dwheeler.com/flawfinder/
2. http://www.fortifysoftware.com/security-resources/rats.jsp
3. http://diablo.elis.ugent.be
4. Buddy, a binary decision diagram package. Department of Information Technology, Technical Univ. of Denmark.
5. C. Meinel and T. Theobald. Algorithms and data structures in vlsi design, 1998. Springer.
6. Valgrind: A Framework for Heavyweight Dynamic Binary Instrumentation. N. Nethercote and J. Seward. In Proc. of ACMPLDI, June 2007.
7. B.P. Miller, L. Fredriksen, and B. So. An Empirical Study of the Reliability of UNIX Utilities. Communications of the ACM 33, 12, Dec. 1990.
8. J. E. Forrester and B. P. Miller. An Empirical Study of the Robustness of Windows NT Applications Using Random Testing. In Proc. of the 4th USENIX Windows System Symposium, 2000.
9. C. Cadar, V. Ganesh, P. Pawlowski, D. Dill, and D. Engler. Exe: automatically generating inputs of death. In Proc. of ACM CCS, Nov. 2006.
10. K. Sen, D. Marinov, and G. Agha. Cute: A concolic unit testing engine for c. In Proc. of ACM ESEC/FSE-13, 2005.
11. P. Godefroid, N. Klarlund, and K. Sen. Dart: Directed automated random testing. In Proc. of ACM PLDI, 2005.
12. A. Moser, C. Kruegel, and E. Kirda. Exploring multiple execution paths for malware analysis. In Proc. of 2007 IEEE Symposium on Security and Privacy, May 2007.
13. P. Godefroid, M. Levin, and D. Moinar. Automated whitebox fuzz testing. In Proc. of NDSS, San Deigo, CA, Feb. 2008.
14. M. Egele, C. Kruegel, E. Kirda, H. Yin, and D. Song. Dynamic Spyware Analysis. In Proc. of the 2007 USENIX Annual Technical Conference, Santa Clara, CA, June 2007.
15. J. Newsome and D. Song. Dynamic taint analysis for automatic detection, analysis, and signature generation of exploits on commodity software.. In Proc. of NDSS, Feb. 2005.
16. M. Abadi, M. Budiu, U. Erlingsson, and J. Ligatti. Control-Flow Integrity: Principles, Implementations, and Applications. In Proc of ACM CCS, Nov. 2005.
17. M. Castro, M. Costa, and T. Harris. Securing Software by Enforcing Data-flow Integrity. In Proc. of OSDI, Nov. 2006.
18. D. Wagner, J. S. Foster, E. A. Brewer, and A. Aiken. A first step towards automated detection of buffer overrun vulnerabilities. In Proc. of NDSS, Feb. 2000.
19. D. Larochelle and D. Evans. Statically Detecting Likely Buffer Overflow Vulnerabilities. In Proc. of USENIX Security, 2001.
20. M. Zitser, D. Shaw, T. Leek and R. Lippman. Testing Static Analysis Tools Using Exploitable Buffer Overflows From Open Source Code. In Proc. of ACM ESEC/FSE-11, 2004.
21. Y. Xie, A. Chou, and D. Engler. Archer: using symbolic, path-sensitive analysis to detect memory access errors. In Proc. of ACM ESEC/FSE-10, 2003.
22. J. Ferrante, K. Ottenstein, J. Warren. The program dependence graph and its use in optimization. ACM Trans. on Programming Languages and Systems, 9(3),1987.
23. M. Weiser. Program slicing. In Proc. of ICSE, 1981.
24. X. Zhang, R. Gupta, and Y. Zhang. Efficient forward computation of dynamic slices using reduced ordered binary decision diagrams. In Proc. of ICSE, 2004.