Sciweavers

COMPSAC
2008
IEEE

Mutation-Based Testing of Buffer Overflow Vulnerabilities

Buffer overflow (BOF) is one of the major vulnerabilities that lead to non-secure software. Testing an implementation for BOF vulnerabilities is challenging, as the underlying causes of buffer overflow vary widely. Moreover, the existing vulnerability testing approaches do not address the issue of generating adequate test data sets for testing BOF vulnerabilities. In this work, we apply the idea of the mutation-based testing technique to generate an adequate test data set for BOF vulnerabilities. Our work addresses those BOF vulnerabilities that are related to an implementation language and its associated libraries. We apply the concept to the ANSI C language and its associated libraries. We propose 12 mutation operators to force the generation of an adequate test data set for BOF vulnerabilities. The proposed operators are validated using four open source programs. The results indicate that the proposed operators are effective for testing BOF vulnerabilities.
Hossain Shahriar, Mohammad Zulkernine
Added 29 May 2010
Updated 29 May 2010
Type Conference
Year 2008
Where COMPSAC
Authors Hossain Shahriar, Mohammad Zulkernine