AUTOMATIC BUFFER OVERFLOW DETECTION BASED ON OPERATION SEMANTIC
Buffer overflow is the most dangerous attack method that can be exploited. According to the statistics of CERT (Computer Emergency Readiness Team), buffer overflow accounts for 50% of the current software vulnerabilities, and this ratio is going up. Considering a subset of C language and Mini C, this paper presents an abstract machine model that can realize buffer overflow detection, which is based on operation semantic. Thus, the research on buffer overflow detection can be built on strict descriptions of operation semantic. Not only the correctness can be assured, but also the system can be realized and extended easily.
KeywordsAbstract Machine Buffer Overflow Semantic Point Variable Declaration Source Code Level
Unable to display preview. Download preview PDF.
- 1.C. Cowan, C. Pu, D. Maier, H. Hintony, J. Walpole, P. Bakke, S. Beattie, A. Grier, P. Wagle and Q. Zhang, StackGuard: Automatic Adaptive Detection and Prevention of Buffer-Overflow Attacks. Department of Computer Science and Engineering, Oregon Graduate Institute of Science &Technology.Google Scholar
- 2.StackShield technical info file v0.7 Vendicator (January 2001), Available online at http://www.angelfire.com/sk/stackshield.Google Scholar
- 3.J. Viega, J.T. Bloch, T. Kohno and G. McGraw (2000), ITS-4: A Static Vulnerability Scanner for C and C++ Code.Reliable Software Technologies.Google Scholar
- 4.Secure Software Soliutions (September 2001), Rough Auditing Tool for Security, RATS 1.3. Available online at http://www.securesw.com/rats.Google Scholar
- 5.J. Wilander and M. Kamkar (2003), A Comparison of Publicly Available Tools for Dynamic Buffer Overflow Prevention. Department of Computer and Information Science, Linköpings universitet.Google Scholar
- 6.J. Wilander and M. Kamkar (2003), A Comparison of Publicly Available Tools for Static Intrusion Prevention. Department of Computer and Information Science, Linköpings universitet.Google Scholar
- 7.D. Wagner, J.S. Foster, E.A. Brewer and A. Aiken (2000), A First Step Towards Automated Detection of Buffer Overrun Vulnerabilities. University of California, Berkeley.Google Scholar