Estimating Buffer Overflows in Three Stages Using Cross-entropy
نویسندگان
چکیده
In this paper we propose a fast adaptive Importance Sampling method for the efficient simulation of buffer overffow probabilities in queueing networks. The method comprises three stages. First we estimate the minimum Cross-Entropy tilting parameter for a small buffer level; next, we use this as a starting value for the estimation of the optimal tilting parameter for the actual (large) buffer level; finally, the tilting parameter just found is used to estimate the overflow probability of interest. We recognize three distinct properties of the method which together explain why the method works well; we conjecture that they hold for quite general queueing networks. Numerical results support this conjecture and demonstrate the high efficiency of the proposed
منابع مشابه
A Fast Cross-Entropy Method for Estimating Buffer Overflows in Queueing Networks
I this paper, we propose a fast adaptive importance sampling method for the efficient simulation of buffer overflow probabilities in queueing networks. The method comprises three stages. First, we estimate the minimum cross-entropy tilting parameter for a small buffer level; next, we use this as a starting value for the estimation of the optimal tilting parameter for the actual (large) buffer l...
متن کاملTitle: Driving Home the Buffer Overflow Problem: A Training Module for Programmers and Managers
Repeatedly, news headlines read: "Buffer overflow in vendor’s product allows intruders to take over computer!” This widespread programming mistake is easy to make, exacerbated by the ubiquitous C language, and very simple to exploit. We describe a demonstration (a Java applet) appropriate for a traditional programming course to drive home key points: why buffer overflows occur, how overflows op...
متن کاملOn the Evolution of Buffer Overflows
The vast majority of software vulnerabilities still originates from buffer overflows. Many different variations of buffer overflows evolved over time, rendering them an ubiquitous threat in every piece of code. In this paper, we present various facets of buffer overflows and pinpoint their practical relevance. Despite numerous protection mechanisms it remains difficult to protect against buffer...
متن کاملTesting C Programs for Buffer Overflow Vulnerabilities
Security vulnerabilities often result from buffer overflows. A testing technique that instruments programs with code that keeps track of memory buffers, and checks arguments to functions to determine if they satisfy certain conditions, warns when a buffer overflow may occur. It does so when executed with ”normal” test data as opposed to test data designed to trigger buffer overflows. A tool usi...
متن کاملUsing Program Transformation to Secure C Programs Against Buffer Overflows
Buffer overflows are the most common source of security vulnerabilities in C programs. This class of vulnerability, which is found in both legacy and modern software, costs the software industry hundreds of millions of dollars per
متن کامل