D. Wagner, J. Foster, E. Brewer, and A. Aiken. A First Step Towards Automated Detection of Bu#er Overrun Vulnerabilities. In Proceedings of the Network and Distributed Systems Security Symposium, Feb. 2000.  Home/Search   Document Not in Database   Summary   Related Articles   Check

....According to the results of our experiments, the process cleaning can be implemented with acceptable performance overheads. 1 Introduction Internet servers, such as web servers and mail servers, are always in danger of attacks by crackers. Their typical attack is the bu#er overflow attack [19], which injects malicious code into a server and obtains full control of the server, that is, hijacks it. Another attack is to abuse a server plug in or a Common Gateway Interface (CGI) program, which can maliciously hijack a server [2] Once a server is hijacked, the cracker can use the server ....

D. Wagner, J. Foster, E. Brewer, and A. Aiken. A First Step Towards Automated Detection of Bu#er Overrun Vulnerabilities. In Proceedings of the Network and Distributed Systems Security Symposium, Feb. 2000.

....for a number of bugs like invalid indices in array accesses and memory leaks. This allows it to detect error when it happens at run time. However, it is the programmer s responsibility to run the executable with di#erent inputs so as to exercise every possible program path. A di#erent approach [30] to find a more limited class of bugs (bu#er overruns) is to formulate the bu#er overrun problem as a integer constraints problem and statically check for constraint satisfaction. A limitation of this approach is that it can flag false positives as well as false negatives. 5. OUR APPROACH ....

D. Wagner, J. S. Foster, E. A. Brewer, and A. Aiken. A First Step Towards Automated Detection of Bu#er Overrun Vulnerabilities . In Network and Distributed System Security Symposium, 2000.

....skew was especially true for the errors found by the Param checker that mostly resided in the System 4 compatibility layer, which sees limited use. The checkers found significantly fewer errors in the rest of the kernel. 8 Related Work Numerous projects have used static analysis to find errors [1, 4, 11, 25]. While these indirectly contrast di#erent code bases, they primarily focus on the machinery and methods used to find the errors. In contrast, we assume some way of automatically getting errors and concentrate on the errors themselves. System reliability studies have focused on: 1) in ....

D. Wagner, J. Foster, E. Brewer, and A. Aiken. A First Step Towards Automated Detection of Bu#er Overrun Vulnerabilities. In The 2000 Network and Distributed Systems Security Conference. San Diego, CA, February 2000.

....There have also been a number of e#orts to address the problem of identifying errors in C programs due to out of bounds array indexes and misuses of type casts based on the use of static analysis. Work on static analysis that can be applied to checking for out of bounds array accesses includes [12 16]. Algorithms for points to analysis that distinguish among fields of structures [17, 18] and for so called physical type checking [19] can also be used to perform static safety checks. However, most of the work based on static analysis cited above has used flow insensitive techniques, which is ....

D. Wagner, J.S. Foster, E.A. Brewer, and A. Aiken. A first step towards automated detection of bu#er overrun vulnerabilities. In Symposium on Network and Distributed Systems Security (NDSS '00), pages 3--17, San Diego, CA, February 2000.

....There have also been a number of e#orts to address the problem of identifying errors in C programs due to out of bounds array indexes and misuses of type casts based on the use of static analysis. Work on static analysis that can be applied to checking for out of bounds array accesses includes [7, 22, 15, 3, 23]. The idea of applying alternative type systems to C has been investigated by a number of groups, including [8, 18, 13, 17] most of this work has discussed how to apply parametric polymorphism to C. Algorithms for points to analysis that distinguish among fields of structures [21, 25] and for ....

D. Wagner, J.S. Foster, E.A. Brewer, and A. Aiken. A first step towards automated detection of bu#er overrun vulnerabilities. In Symposium on Network and Distributed Systems Security (NDSS '00), pages 3--17, San Diego, CA, February 2000.

Online articles have much greater impact   More about CiteSeer.IST   Add search form to your site   Submit documents   Feedback  

CiteSeer.IST - Copyright Penn State and NEC