Abstract
Traditional static analysis methods for binary software vulnerability detection use only a single aspect of the target software, so it is difficult to obtain hidden global properties and relationships, which leads to low detection accuracy and a high rate of false positives. To improve the effectiveness of static vulnerability detection for binary software, this paper proposes a fusion method that first represents the binary software as a single property graph and then models and detects the vulnerability on this property graph. Because the property graph includes integrated information such as function-call relations, control flow and data flow, researchers can model vulnerabilities more easily and accurately. The method can detect unknown vulnerabilities accurately and efficiently. Experiments with a prototype system show that this method can effectively detect Return-Value-Unchecked vulnerabilities in binary software.
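To make the idea concrete, the following added example (not the paper's model or prototype) runs a return-value-unchecked query over a toy property graph that holds control-flow and data-flow edges together. The node kinds, edge labels, `MAY_FAIL` list and sample functions are all assumptions made for illustration.

```python
from collections import defaultdict

class PropertyGraph:
    """Nodes carry properties; edges carry a label (CFG or DFG)."""
    def __init__(self):
        self.nodes, self.out = {}, defaultdict(list)
    def node(self, nid, **props):
        self.nodes[nid] = props
    def edge(self, src, label, *dsts):
        self.out[src] += [(label, d) for d in dsts]
    def succ(self, nid, label):
        return [d for l, d in self.out[nid] if l == label]

MAY_FAIL = {"malloc", "fopen"}  # assumed list of callees whose result needs a check

def unchecked_returns(g):
    """Return (call, use) pairs where a use is reachable without passing a check."""
    findings = []
    for nid, p in g.nodes.items():
        if p["kind"] != "call" or p.get("callee") not in MAY_FAIL:
            continue
        readers = g.succ(nid, "DFG")  # nodes that read the return value
        checks = {r for r in readers if g.nodes[r]["kind"] == "check"}
        uses = {r for r in readers if g.nodes[r]["kind"] == "use"}
        stack, seen = g.succ(nid, "CFG"), set()
        while stack:  # walk control flow, cutting each path at a check
            n = stack.pop()
            if n in seen or n in checks:
                continue
            seen.add(n)
            if n in uses:
                findings.append((nid, n))
            stack += g.succ(n, "CFG")
    return sorted(findings)

def sample_graph():
    """Constructed sample: three small functions, not taken from the paper."""
    g = PropertyGraph()
    # a: p = malloc(..); *p = 0                        -> never checked
    g.node("a1", kind="call", callee="malloc"); g.node("a2", kind="use")
    g.edge("a1", "CFG", "a2"); g.edge("a1", "DFG", "a2")
    # b: f = fopen(..); if (!f) return; fread(.., f)   -> checked
    g.node("b1", kind="call", callee="fopen"); g.node("b2", kind="check")
    g.node("b3", kind="use"); g.node("b4", kind="ret")
    g.edge("b1", "CFG", "b2"); g.edge("b2", "CFG", "b3", "b4")
    g.edge("b1", "DFG", "b2", "b3")
    # c: p = malloc(..); if (flag) { if (!p) return; } *p = 0  -> one path skips the check
    g.node("c1", kind="call", callee="malloc"); g.node("c2", kind="branch")
    g.node("c3", kind="check"); g.node("c4", kind="use"); g.node("c5", kind="ret")
    g.edge("c1", "CFG", "c2"); g.edge("c2", "CFG", "c3", "c4")
    g.edge("c3", "CFG", "c4", "c5"); g.edge("c1", "DFG", "c3", "c4")
    return g
```

Function c is the case a single-view analysis misses: the data-flow view alone sees that a check exists, and only the combination with control flow shows a path that bypasses it. The query treats any check as guarding everything after it and does not distinguish the success branch from the failure branch.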
Copyright information
© 2017 Springer International Publishing AG
About this paper
Cite this paper
Kun, H., Bo, W., Dan, X. (2017). A Return-Value-Unchecked Vulnerability Detection Method Based on Property Graph. In: Xhafa, F., Patnaik, S., Yu, Z. (eds) Recent Developments in Intelligent Systems and Interactive Applications. IISA 2016. Advances in Intelligent Systems and Computing, vol 541. Springer, Cham. https://doi.org/10.1007/978-3-319-49568-2_17
DOI: https://doi.org/10.1007/978-3-319-49568-2_17
Publisher Name: Springer, Cham
Print ISBN: 978-3-319-49567-5
Online ISBN: 978-3-319-49568-2
eBook Packages: Engineering, Engineering (R0)