Abstract
Verifying string manipulating programs is a crucial problem in computer security. String operations are used extensively within web applications to manipulate user input, and their erroneous use is the most common cause of security vulnerabilities in web applications. Unfortunately, verifying string manipulating programs is an undecidable problem in general and any approximate string analysis technique has an inherent tension between efficiency and precision. In this Chapter we present a set of sound abstractions for strings and string operations that allow for both efficient and precise verification of string manipulating programs. Particularly, we are able to verify properties that involve implicit relations among string variables. We first describe an abstraction called regular abstraction which enables us to perform string analysis using multi-track automata as a symbolic representation. We then introduce two other abstractions—alphabet abstraction and relation abstraction—that can be used in combination to tune the analysis precision and efficiency. We show that the relation and alphabet abstractions can be composed with the regular abstraction (and with each other) to obtain a family of abstractions. In fact, these abstractions form an abstraction lattice that generalizes the string analysis techniques studied previously in isolation, such as size analysis or non-relational string analysis.
References
Davide Balzarotti, Marco Cova, Vika Felmetsger, Nenad Jovanovic, Engin Kirda, Christopher Kruegel, and Giovanni Vigna. Saner: Composing static and dynamic analysis to validate sanitization in web applications. In Proceedings of the 2008 IEEE Symposium on Security and Privacy, SP ’08, pages 387–401, Washington, DC, USA, 2008. IEEE Computer Society.
Constantinos Bartzis and Tevfik Bultan. Widening arithmetic automata. In R. Alur and D. Peled, editors, Proceedings of the 16th International Conference on Computer Aided Verification (CAV 2004), volume 3114 of Lecture Notes in Computer Science, pages 321–333. Springer-Verlag, July 2004.
Nurit Dor, Michael Rodeh, and Mooly Sagiv. Cssv: towards a realistic tool for statically detecting all buffer overflows in c. SIGPLAN Not., 38(5):155–167, 2003.
David Wagner, Jeffrey S. Foster, Eric A. Brewer, and Alexander Aiken. A first step towards automated detection of buffer overrun vulnerabilities. In Proc. of the Network and Distributed System Security Symposium, pages 3–17, 2000.
Fang Yu, Muath Alkhalaf, and Tevfik Bultan. Generating vulnerability signatures for string manipulating programs using automata-based forward and backward symbolic analyses. In ASE, 2009.
Fang Yu, Tevfik Bultan, Marco Cova, and Oscar H. Ibarra. Symbolic string verification: An automata-based approach. In 15th International SPIN Workshop on Model Checking Software (SPIN), pages 306–324, 2008.
Fang Yu, Tevfik Bultan, and Oscar H. Ibarra. Relational string verification using multi-track automata. In CIAA, pages 290–299, 2010.
Author information
Authors and Affiliations
Rights and permissions
Copyright information
© 2017 Springer International Publishing AG
About this chapter
Cite this chapter
Bultan, T., Yu, F., Alkhalaf, M., Aydin, A. (2017). Abstraction and Approximation. In: String Analysis for Software Verification and Security. Springer, Cham. https://doi.org/10.1007/978-3-319-68670-7_6
Download citation
DOI: https://doi.org/10.1007/978-3-319-68670-7_6
Published:
Publisher Name: Springer, Cham
Print ISBN: 978-3-319-68668-4
Online ISBN: 978-3-319-68670-7
eBook Packages: Computer ScienceComputer Science (R0)