Abstract: We describe a new technique for finding potential buffer overrun vulnerabilities in security-critical C code. The key to success is to use static analysis: we formulate detection of buffer overruns as an integer range analysis problem. One major advantage of static analysis is that security bugs can be eliminated before code is deployed. We have implemented our design and used our prototype to find new remotely-exploitable vulnerabilities in a large, widely deployed software package. An earlier ...
Cited by:
A Next-Generation Platform for Analyzing Executables - Reps Balakrishnan Lim
Intermediate-Representation Recovery from Low-Level Code - Thomas Reps Gogul
WYSINWYX: What You See Is Not What You eXecute - Balakrishnan Reps Melski
Similar documents (at the sentence level):
31.0%: Static Analysis and Computer Security: . . . - Wagner (2000)
Active bibliography (related documents):
5.3: A First Step Towards Automated Detection of Buffer.. - Wagner, Foster.. (2000)
0.3: A Framework To Analyse Synchronous Data-Flow Specifications - Nebut, al. (2001)
0.3: Formal Language, Grammar and Set-Constraint-Based Program.. - Cousot, Cousot (1995)
Similar documents based on text:
0.5: Improving Security Using Extensible Lightweight Static Analysis - Evans, Larochelle (2002)
0.4: Analyzing Programs for Vulnerability to Buffer Overrun Attacks - Ghosh, O'Connor (1998)
0.4: Analyzing String Buffers in C - Simon, King (2002)
Related documents from co-citation:
26: Stackguard: Automatic adaptive detection and prevention of buffer-overflow attac.. - Cowan, Pu et al. - 1998
18: Statically Detecting Likely Buffer Overflow Vulnerabilities - Larochelle, Evans - 2001
17: CCured: Type-safe retrofitting of legacy code - Necula, McPeak et al. - 2002
BibTeX entry:
D. Wagner, J. Foster, E. Brewer, and A. Aiken. A first step towards automated detection of buffer overrun vulnerabilities. In Network and Distributed System Security Symposium, San Diego, CA, February 2000. http://citeseer.ist.psu.edu/wagner00first.html
@inproceedings{ wagnerfirst,
author = "David Wagner and Jeffrey S. {Foster} and Eric A. Brewer and Alexander Aiken",
title = "A First Step towards Automated Detection of Buffer Overrun Vulnerabilities",
booktitle ="Network and Distributed System Security Symposium",
address = "San Diego, CA",
pages = "3--17",
month ="February",
year="2000",
url = "citeseer.ist.psu.edu/wagner00first.html",
url = "citeseer.nj.nec.com/wagner00first.html" }
Citations (may not include all citations):
299: Dependence analysis for supercomputing - Banerjee - 1988
250: Automatic Discovery of Linear Restraints among Variables of .. - Cousot, Halbwachs - 1978
197: Dependent Types in Practical Programming - Xi, Pfenning
152: An Efficient Method of Computing Static Single Assignment Fo.. - Cytron, Ferrante et al.
142: Constraint propagation with interval labels - Davis - 1987
141: StackGuard: Automatic Adaptive Detection and Prevention of B.. - Cowan, Pu et al. - 1998
137: The Design and Implementation of a Certifying Compiler - Necula, Lee
110: Eliminating array bound checking through dependent types - Xi, Pfenning
97: Consistency techniques for numeric CSPs - Lhomme - 1993
88: Static detection of dynamic memory errors - Evans
84: Efficient and Exact Data Dependence Analysis - Maydan, Hennessy et al.
75: Verification of linear hybrid systems by means of convex app.. - Halbwachs, Proy et al. - 1994
72: Putting pointer analysis to work - Ghiya, Hendren
66: Eliminating false data dependences using the Omega test - Pugh, Wonnacott
63: LCLint: a tool for using specifications to check code - Evans, Guttag et al. - 1994
59: Compiler analysis of the value ranges for variables - Harrison - 1977
55: Abstract debugging of higher-order imperative languages - Bourdoncle
54: Static determination of dynamic properties of programs - Cousot, Cousot - 1976
53: Constraint reasoning based on interval arithmetic: the toler.. - Hyvonen - 1992
53: Deciding linear inequalities by computing loop residues - Shostak - 1981
51: Extended Static Checking - Detlefs, Leino et al. - 1998
49: An empirical study of the reliability of Unix utilities - Miller, Fredricksen et al. - 1990
49: Type-Based Alias Analysis - Diwan, McKinley et al.
45: Efficient Detection of All Pointer and Array Access Errors - Austin, Breach et al.
43: the SUP-INF method for proving Presburger formulas - Shostak - 1977
43: Fuzz revisited: a re-examination of the reliability of Unix .. - Miller, Koski et al. - 1995
42: Verification of real-time systems using linear relation anal.. - Halbwachs, Proy et al. - 1997
41: Implementation of array bound checker - Sosuki, Ishihata
40: Optimizing array bound checks using flow analysis - Gupta - 1993
40: A portable machine-independent global optimizer---Design and.. - Chow - 1983
39: Accurate Static Branch Prediction by Value Range Propagation - Patterson
39: The effects of precision of pointer analysis - Shapiro, Horwitz
32: A toolkit for constructing type- and constraint-based progra.. - Aiken, Fahndrich et al. - 1998
32: Optimization of range checking - Markstein, Cocke et al. - 1982
32: Simple and fast algorithms for linear and integer programs w.. - Hochbaum, Naor - 1994
26: Two easy theories whose combination is hard - Pratt - 1977
22: Constraint satisfaction using constraint logic programming - Van Hentenryck, Simonis et al. - 1992
19: Series in Discrete Mathematics - Schrijver, linear et al. - 1986
18: Improved algorithms for linear inequalities with two variabl.. - Cohen, Megiddo - 1994
17: An automated approach for identifying potential vulnerabilit.. - Ghosh, O'Connor et al. - 1998
16: Generalized constant propagation: A study in C - Verbrugge, Co et al. - 1996
13: Lint, a C program checker - Johnson - 1978
13: The SUP-INF method in Presburger arithmetic - Bledsoe - 1974
12: Linear programming with two variables per inequality in poly.. - Lueker, Megiddo et al. - 1990
9: Automatic testing of reactive systems - Raymond, Nicollin et al. - 1998
5: Bounds Checking for C - Jones, Kelly
4: Abstract interpretation of constraint logic programs using c.. - Handjieva - 1996
3: Set constraints: results, applications, and future direction.. - Aiken
3: Set based analysis and arithmetic - Heintze
2: Incomplete list of Unix vulnerabilities - Helmer
2: The Frame Pointer Overwrite - Magazine - 1999
2: strlcpy and strlcat---Consistent, Safe, String Copy and Conc.. - Miller, de Raadt
2: STAN: A static analyzer for CLP(R) based on abstract interpr.. - Handjieva
2: The poisoned NUL byte - Kirch - 1998
The graph only includes citing articles where the year of publication is known.
Documents on the same site (http://www.isoc.org/ndss2000/proceedings/):
User-Level Infrastructure for System Call Interposition: A.. - Jain, Sekar (2000)
Accountability and Control of Process Creation in.. - Humphrey, Knabe.. (2000)
An IPSec-based Host Architecture for Secure Internet.. - Canetti, Cheng.. (2000)
CiteSeer.IST - Copyright Penn State and NEC