Mutation-based Testing of Buffer Overflows, SQL Injections, and Format String Bugs
Author
Abstract
Similar resources
A Unified Approach for Preventing Attacks Exploiting a Range of Software Vulnerabilities
Software implementation bugs are behind most security vulnerabilities reported today. Our analysis of CVE vulnerabilities in 2003 and 2004 indicates that 20% of them were classified as DOS attacks, 30% are due to design errors, and almost everything else is due to implementation errors. Among implementation errors, 84% are due to generalized injection vulnerabilities that allow an attacker to m...
Taint-Enhanced Policy Enforcement: A Practical Approach to Defeat a Range of Attacks
Policy-based confinement, employed in SELinux and specification-based intrusion detection systems, is a popular approach for defending against exploitation of vulnerabilities in benign software. To be effective, this approach requires the development of accurate application-specific security policies, which is a difficult task. Even if sufficient resources and expertise are expended for policy ...
Dowsing for Overflows: A Guided Fuzzer to Find Buffer Boundary Violations
Dowser is a ‘guided’ fuzzer that combines taint tracking, program analysis and symbolic execution to find buffer overflow and underflow vulnerabilities buried deep in a program’s logic. The key idea is that analysis of a program lets us pinpoint the right areas in the program code to probe and the appropriate inputs to do so. Intuitively, for typical buffer overflows, we need consider only the ...
Deconstructing Hardware Architectures for Security
Researchers have recently proposed novel hardware architectures for enhancing system security. The proposed architectures address security threats such as buffer overflows, format string bugs, and information disclosure. The main advantage of hardware support is increased visibility into system state, low overheads for security checks, and, in some cases, compatibility with legacy binaries. Nev...
FormatGuard: Automatic Protection From printf Format String Vulnerabilities
In June 2000, a major new class of vulnerabilities called “format bugs” was discovered when a vulnerability in WU-FTP appeared that acted almost like a buffer overflow, but wasn’t. Since then, dozens of format string vulnerabilities have appeared. This paper describes the format bug problem, and presents FormatGuard: our proposed solution. FormatGuard is a small patch to glibc that provides ge...