TY - GEN
T1 - CodeAuditor
T2 - International Conference on Management and Service Science, MASS 2009
AU - Lei, Wang
AU - Gui, Chen
AU - Jianan, Wang
AU - Pengchao, Zhao
AU - Qiang, Zhang
PY - 2009
Y1 - 2009
N2 - Open source applications have flourished over recent years. Meanwhile security vulnerabilities in such applications have grown. Since manual code auditing is error-prone, time-consuming and costly, automatic solutions have become necessary. In this paper we address program vulnerabilities by static code analysis. First, we use flow-insensitive and interprocedural constraint-based analysis to extract the vulnerability detection model from the source code. Second, we employ model checking to solve the model. In addition, we do alias analysis to improve the correctness and precision of the detection model. The presented concepts are targeted at the general class of buffer-related vulnerabilities and can be applied to the detection of vulnerability types such as buffer overflow, format string attack, and code injection. CodeAuditor, the prototype implementation of our methods, is targeted at detecting buffer overflow vulnerabilities in C source code. It can be regarded as a vulnerability framework in which a variety of analysis and model checking tools can be incorporated. With this tool, 18 previously unknown vulnerabilities in six open source applications were discovered and the observed false positive rate was at around 23%.
AB - Open source applications have flourished over recent years. Meanwhile security vulnerabilities in such applications have grown. Since manual code auditing is error-prone, time-consuming and costly, automatic solutions have become necessary. In this paper we address program vulnerabilities by static code analysis. First, we use flow-insensitive and interprocedural constraint-based analysis to extract the vulnerability detection model from the source code. Second, we employ model checking to solve the model. In addition, we do alias analysis to improve the correctness and precision of the detection model. The presented concepts are targeted at the general class of buffer-related vulnerabilities and can be applied to the detection of vulnerability types such as buffer overflow, format string attack, and code injection. CodeAuditor, the prototype implementation of our methods, is targeted at detecting buffer overflow vulnerabilities in C source code. It can be regarded as a vulnerability framework in which a variety of analysis and model checking tools can be incorporated. With this tool, 18 previously unknown vulnerabilities in six open source applications were discovered and the observed false positive rate was at around 23%.
UR - https://www.scopus.com/pages/publications/73849086575
U2 - 10.1109/ICMSS.2009.5304255
DO - 10.1109/ICMSS.2009.5304255
M3 - 会议稿件
AN - SCOPUS:73849086575
SN - 9781424446391
T3 - Proceedings - International Conference on Management and Service Science, MASS 2009
BT - Proceedings - International Conference on Management and Service Science, MASS 2009
Y2 - 20 September 2009 through 22 September 2009
ER -