  Finding Security Vulnerabilities Before Evil Doers Do

by David Evans
http://www.cs.virginia.edu/evans/pubs/evildoers.pdf

Abstract:

Most security attacks exploit instances of well-known classes of implementation flaws. Many of these flaws could be detected and eliminated before software is deployed. This paper describes open source tools that programmers can use to identify likely security vulnerabilities in programs before they are released. An analysis of any vulnerability database quickly reveals that most software vulnerabilities are not the result of clever attackers discovering new classes of software flaws. Instead, the vast preponderance of vulnerabilities stem from repetitive instances of well-known problems. An analysis of entries in the Common Vulnerabilities and Exposures database found that 29% of reported vulnerabilities involved buffer overflows or string format flaws [EL02]. Wagner et al. found that buffer overflow vulnerabilities account for approximately 50% of CERT advisories [WFBA00]. Even conscientious programmers can overlook security issues, especially when

Citations

224 A First Step towards Automated Detection of Buffer Overrun Vulnerabilities – Wagner, Foster, et al. - 2000
136 Static detection of dynamic memory errors – Evans - 1996
106 Statically detecting likely buffer overflow vulnerabilities – Larochelle, Evans - 2001
84 Improving Security Using Extensible Lightweight Static Analysis – Evans, Larochelle - 2002
15 LCLint: a tool for using specifications to check code – Evans, Guttag, et al. - 1994
2 Transparent Run-Time Defense Against Stack-Smashing Attacks – Baratloo, Singh, Tsai - 2000