Improving the Accuracy of Integer Signedness Error Detection Using Data Flow Analysis

Authors

  • Hao Sun
  • Chao Su
  • Yue Wang
  • Qingkai Zeng
Abstract

Integer signedness errors can be exploited by attackers to cause severe damage to computer systems. Despite significant advances in automating the detection of integer signedness errors, accurately differentiating exploitable and harmful signedness errors from unharmful ones remains an open problem. In this paper, we present the design and implementation of SignFlow, an instrumentation-based integer signedness error detector that reduces the reports for unharmful signedness errors without sacrificing completeness (i.e. no false negatives). SignFlow uses static data flow analysis to identify unharmful integer signedness conversions, based on where the operands originate and whether the data after conversion can propagate to security-related operations, and then inserts security checks for the remaining conversions to provide runtime protection. We evaluated SignFlow on 7 real-world harmful integer signedness bugs, the SPECint 2006 benchmarks, and 5 real-world applications. Experimental results show that SignFlow successfully detected all harmful integer signedness bugs and achieved a reduction of 41% in false positives over IntFlow, the state-of-the-art signedness error detector.

Keywords: integer signedness error, data flow analysis, instrumentation, sanitization

Similar resources

Signedness-Agnostic Program Analysis: Precise Integer Bounds for Low-Level Code

Many compilers target common back-ends, thereby avoiding the need to implement the same analyses for many different source languages. This has led to interest in static analysis of LLVM code. In LLVM (and similar languages) most signedness information associated with variables has been compiled away. Current analyses of LLVM code tend to assume that either all values are signed or all are unsig...


Catchconv: Symbolic execution and run-time type inference for integer conversion errors

We propose an approach that combines symbolic execution and run-time type inference from a sample program run to generate test cases, and we apply our approach to signed/unsigned conversion errors in programs. A signed/unsigned conversion error occurs when a program makes control flow decisions about a value based on treating it as a signed integer, but then later converts the value to an unsig...


Behavioral Analysis of Traffic Flow for an Effective Network Traffic Identification

Fast and accurate network traffic identification is becoming essential for network management, high quality of service control and early detection of network traffic abnormalities. Techniques based on statistical features of packet flows have recently become popular for network classification due to the limitations of traditional port and payload based methods. In this paper, we propose a metho...


Regional Modeling and Evaluation of the Runoff Coefficient in the Karkheh Basin

Estimating the runoff coefficient, which is influenced by morphometric, geologic and hydroclimatological factors, is among the most important issues in hydrology, and information on its role in the planning and management of water resources is more important. In this research, twenty hydrometric stations with a common period from 1974 to 1999 were selected. Physiographic parameters of the catchments fro...


Determination of the Best Hierarchical Clustering Method for Regional Analysis of Base Flow Index in Kerman Province Catchments

The lack of complete coverage of hydrological data forces hydrologists to use the homogenization methods in regional analysis. In this research, in order to choose the best Hierarchical clustering method for regional analysis, base flow and related index were extracted from daily stream flow data using two parameter recursive digital filters in 43 hydrometric stations of the Kerman province. Ph...



Journal:
  • International Journal of Software Engineering and Knowledge Engineering

Volume 25  Issue

Pages  -

Publication date: 2015