Detection of Security Vulnerabilities Induced by Integer Errors
PROCEEDINGS OF THE 16TH INTERNATIONAL CONFERENCE ON SOFTWARE TECHNOLOGIES (ICSOFT)(2021)
摘要
Sometimes computing platforms, e.g. storage device, compilers, operating systems used to execute software programs make them misbehave, this type of issues could be exploited by attackers to access sensitive data and compromise the system. This paper presents an automatable approach for detecting such security vulnerabilities due to improper execution environment. Specifically, the advocated approach targets the detection of security vulnerabilities in the software caused by memory overflows such as integer overflow. Based on analysis of the source code and by using a knowledge base gathering common execution platform issues and known restrictions, the paper proposes a framework able to infer the required assertions, without manual code annotations and rewriting, for generating logical formulas that can be used to reveal potential code weaknesses.
更多查看译文
关键词
Security Vulnerability,Memory Errors,Software Analysis,Satisfiability Analysis,Integer Overflow
AI 理解论文
溯源树
样例
生成溯源树,研究论文发展脉络
Chat Paper
正在生成论文摘要