Free Online Productivity Tools
i2Speak
i2Symbol
i2OCR
iTex2Img
iWeb2Print
iWeb2Shot
i2Type
iPdf2Split
iPdf2Merge
i2Bopomofo
i2Arabic
i2Style
i2Image
i2PDF
iLatex2Rtf
Sci2ools
SIGSOFT
2008
ACM
2008
ACM
Marple: a demand-driven path-sensitive buffer overflow detector
Despite increasing efforts in detecting and managing software security vulnerabilities, the number of security attacks is still rising every year. As software becomes more complex, security vulnerabilities are more easily introduced into a system and more difficult to eliminate. Even though buffer overflow detection has been studied for more than 20 years, it is still the most commonly exploited vulnerability. In this paper, we develop a static analyzer for detecting and helping diagnose buffer overflows with the key idea of categorizing program paths as they relate to vulnerability. We combine path-sensitivity with a demand-driven analysis for precision and scalability. We first develop a vulnerability model for buffer overflow and then use the model in the development of the demand-driven path-sensitive analyzer. We detect and identify categories of paths including infeasible, safe, vulnerable, overflow-input-independent and don't-know. The categorization enables priorities to ...
Real-time TrafficBuffer Overflow Detection | Buffer Overflows | Marple Scales | SIGSOFT 2008 | Software Engineering |
| Added | 20 Nov 2009 |
| Updated | 20 Nov 2009 |
| Type | Conference |
| Year | 2008 |
| Where | SIGSOFT |
| Authors | Wei Le, Mary Lou Soffa |
Comments (0)
Researcher Info
|
