Eric Haugh, Matt Bishop  Home/Search
Context
Related
| ucdavis.edu/papers...hBishopNDSS2003.ps Cached: PS.gz PS PDF This document uses CoBlitz to cache paper downloads. If your firewall is blocking outgoing connections to port 3125, you can use these links to download local copies.
Image Update HelpPS.gz PS PDF From: ucdavis.edu/papers2 (more) (Enter author homepages) |
Rate this article:      (best)Comment on this article |
Abstract: Security vulnerabilities often result from buffer overflows. A testing technique that instruments programs with code that keeps track of memory buffers, and checks arguments to functions to determine if they satisfy certain conditions, warns when a buffer overflow may occur. It does so when executed with "normal" test data as opposed to test data designed to trigger buffer overflows. A tool using this method was developed and evaluated by testing three widely used, open source software... (Update)
Similar documents (at the sentence level):
14.4%: Testing C Programs for Buffer Overflow Vulnerabilities - Haugh (2002) (Correct)
Active bibliography (related documents): More All
0.5: Property-Based Testing - Finklang (1997) (Correct)
0.5: Appendix A TASPEC Grammar - The Grammar Is (Correct)
0.4: A Practical Dynamic Buffer Overflow Detector - Olatunji Ruwase Transmeta (2004) (Correct)
Similar documents based on text: More All
0.9: Statically Detecting Likely Buffer Overflow Vulnerabilities - Larochelle, Evans (2001) (Correct)
0.8: Libsafe: Protecting Critical Elements of Stacks - Tsai, Singh (2001) (Correct)
0.7: StackGuard: Automatic Adaptive Detection and Prevention of.. - Cowan (1998) (Correct)
BibTeX entry: (Update)
@misc{ haugh-testing,
author = "Eric Haugh and Matt Bishop",
title = "Testing C Programs for Buffer Overflow Vulnerabilities",
url = "citeseer.ist.psu.edu/573796.html" }
Citations (may not include all citations):98 Purify: Fast detection of memory leaks and access errors (context) - Hastings, Joyce - 1992
72 A first step towards automated detection of buffer overrun v.. - Wagner, Foster et al. - 2000
49 Empirical study of the reliability of unix utilities - Miller, Fredricksen et al. - 1990
35 Statically detecting likely buffer overflow vulnerabilities - Larochelle, Evans - 2001
29 Buffer overflows: Attacks and defenses for the vulnerability.. (context) - Cowan, Wagle et al. - 1999
27 Cleanness checking of string manipulations in c programs via.. - Dor, Rodeh et al. - 2001
26 Using aspectc to improve the modularity of path-specific cus.. - Coady, Kiczales et al. - 2001
22 With microscope and tweezers: An analysis of the internet vi.. - Eichin, Rochlis - 1988
22 Building Secure Software (context) - Viega, McGraw - 2002
20 Its4: A static vulnerability scanner for c and c++ code (context) - Viega, Bloch et al. - 2000
17 An automated approach for identifying potential vulnerabilit.. - Ghosh, O'Connor et al. - 1998
12 Personal communication (context) - Wagner - 2002
11 Property based testing: A new approach to testing for assura.. - Fink, Bishop - 1997
6 string copy and concatenation (context) - Miller, de Raadt et al. - 1999
5 advisory ca (context) - center
5 advisory ca (context) - center
5 Toward a property-based testing environment with application.. - Fink, Ko et al. - 1994
4 programs for buffer overflow vulnerabilities (context) - Haugh - 2002
3 An interface language between specifications and testing - Fink, Helmke et al. - 1995
2 post to the bugtraq mailing list (context) - Kirch, nul - 1998
1 single-byte buffer overflow vulnerability in ftpd (context) - developers - 2000
http://www.kb.cert.org/vuls/id/363715
http://www.securesw.com/rats/
http://online.securityfocus.com/archive/1/265370
Documents on the same site (http://seclab.cs.ucdavis.edu/papers2.html): More
Encryption-Scheme Security in the Presence of.. - Black, Rogaway, Shrimpton (2002) (Correct)
A Requires/Provides Model for Computer Attacks - Templeton, Levitt (2000) (Correct)
A Software-Optimized Encryption Algorithm - Rogaway, Coppersmith (1997) (Correct)
Online articles have much greater impact More about CiteSeer.IST Add search form to your site Submit documents Feedback
CiteSeer.IST - Copyright Penn State and NEC