A methodology for the automated identification of buffer overflow vulnerabilities in executable software without source-code

Authors:
João Durães;Henrique Madeira
Affiliations:
ISEC/CISUC, Polytechnic Institute of Coimbra, Coimbra, Portugal;DEI/CISUC, University of Coimbra, Coimbra, Portugal
Venue:
LADC'05 Proceedings of the Second Latin-American conference on Dependable Computing
Year:
2005

Citing 11
Cited 0

The Cathedral and the Bazaar

The Cathedral and the Bazaar
Building dependable COTS microkernel-based systems using MAFALDA

PRDC '00 Proceedings of the 2000 Pacific Rim International Symposium on Dependable Computing
Comparing Operating Systems Using Robustness Benchmarks

SRDS '97 Proceedings of the 16th Symposium on Reliable Distributed Systems
Emulation of Software Faults by Educated Mutations at Machine-Code Level

ISSRE '02 Proceedings of the 13th International Symposium on Software Reliability Engineering
RAD: A Compile-Time Solution to Buffer Overflow Attacks

ICDCS '01 Proceedings of the The 21st International Conference on Distributed Computing Systems
Statically detecting likely buffer overflow vulnerabilities

SSYM'01 Proceedings of the 10th conference on USENIX Security Symposium - Volume 10
Static analysis of executables to detect malicious patterns

SSYM'03 Proceedings of the 12th conference on USENIX Security Symposium - Volume 12
StackGuard: automatic adaptive detection and prevention of buffer-overflow attacks

SSYM'98 Proceedings of the 7th conference on USENIX Security Symposium - Volume 7
Transparent run-time defense against stack smashing attacks

ATEC '00 Proceedings of the annual conference on USENIX Annual Technical Conference
Towards availability benchmarks: a case study of software raid systems

ATEC '00 Proceedings of the annual conference on USENIX Annual Technical Conference
A dependability benchmark for OLTP application environments

VLDB '03 Proceedings of the 29th international conference on Very large data bases - Volume 29

Quantified Score

Hi-index	0.00

Visualization

Abstract

This paper presents a methodology for the automated detection of buffer overflow vulnerabilities in executable software. Buffer overflow exploitation has been used by hackers to breach security or simply to crash computer systems. The mere presence inside the software code of a vulnerability that allows for buffer overflow exploitations presents a serious risk. So far, all methodologies devised to mitigate this problem assume source code availability or prior knowledge on vulnerable functions. Our methodology removes this dependency and allows the analysis of executable code without any knowledge about its internal structure. This independence is fundamental for relevant scenarios such as COTS selection during system integration (for which source code is usually not available), and the definition of attackloads for dependability benchmarking.