Free Online Productivity Tools
i2Speak
i2Symbol
i2OCR
iTex2Img
iWeb2Print
iWeb2Shot
i2Type
iPdf2Split
iPdf2Merge
i2Bopomofo
i2Arabic
i2Style
i2Image
i2PDF
iLatex2Rtf
Sci2ools
WCRE
2005
IEEE
2005
IEEE
Enhancing Security Using Legality Assertions
Buffer overflows have been the most common form of security vulnerability in the past decade. A number of techniques have been proposed to address such attacks. Some are limited to protecting the return address on the stack; others are more general, but have undesirable properties such as large overhead and false warnings. The approach described in this paper uses legality assertions, source code assertions inserted before each subscript and pointer dereference that explicitly check that the referencing expression actually specifies a location within the array or object pointed at run time. A transformation system is developed to analyze a program and annotate it with appropriate assertions automatically. This approach detects buffer vulnerabilities in both stack and heap memory as well as potential buffer overflows in library functions. Runtime checking through using automatically inferred assertions considerably enhances the accuracy and efficiency of buffer overflow detection. A nu...
Real-time TrafficApproach Detects Buffer | Buffer Overflow | Potential Buffer Overflows | Reverse Engineering | WCRE 2005 |
Related Content
| Added | 25 Jun 2010 |
| Updated | 25 Jun 2010 |
| Type | Conference |
| Year | 2005 |
| Where | WCRE |
| Authors | Lei Wang, James R. Cordy, Thomas R. Dean |
Comments (0)
Researcher Info
|
