Statically detecting buffer overflows in C/C++
Similar resources
Statically Detecting Likely Buffer Overflow Vulnerabilities
Buffer overflow attacks may be today’s single most important security threat. This paper presents a new approach to mitigating buffer overflow vulnerabilities by detecting likely vulnerabilities through an analysis of the program source code. Our approach exploits information provided in semantic comments and uses lightweight and efficient static analyses. This paper describes an implementation...
Eliminating Buffer Overflows
Buffer overflow attacks are among the oldest and most common attacks used to gain privileged access to a computer system. In fact, statistics from Carnegie Mellon’s Computer Emergency Response Team reveal that buffer overflow vulnerabilities accounted for about 50% of all reported vulnerabilities in 2000 [2]. It is surprising that after almost 20 years of buffer overflow exploits, they are stil...
Exploit Programming From Buffer Overflows to “Weird
Hacker-driven exploitation research has developed into a discipline of its own, concerned with practical exploration of how unexpected computational properties arise in actual multi-layered, multi-component computing systems, and of what these systems could and could not compute as a result. The staple of this research is describing unexpected (and unexpectedly powerful) computational models i...
On the Evolution of Buffer Overflows
The vast majority of software vulnerabilities still originates from buffer overflows. Many different variations of buffer overflows evolved over time, rendering them a ubiquitous threat in every piece of code. In this paper, we present various facets of buffer overflows and pinpoint their practical relevance. Despite numerous protection mechanisms it remains difficult to protect against buffer...
Estimating Buffer Overflows in Three Stages Using Cross-entropy
In this paper we propose a fast adaptive Importance Sampling method for the efficient simulation of buffer overflow probabilities in queueing networks. The method comprises three stages. First we estimate the minimum Cross-Entropy tilting parameter for a small buffer level; next, we use this as a starting value for the estimation of the optimal tilting parameter for the actual (large) buffer le...
Journal
Journal title: Proceedings of the Institute for System Programming of the RAS
Year: 2016
ISSN: 2079-8156,2220-6426
DOI: 10.15514/ispras-2016-28(4)-9