Detecting Integer Overflow Vulnerabilities in Binary Executables Based on Target Filtering and Dynamic Taint Tracing

The number of identified integer overflow vulnerabilities has been increasing rapidly in recent years. In this paper, a smart software vulnerability detection technology is presented, which is used for the identifica- tion of integer overflow vulnerabilities in binary executa- bles. The proposed alg...

Full description

Saved in:
Bibliographic Details
Published in:电子学报:英文版 2014-04, Vol.23 (2), p.348-352
Main Author: CUI Baojiang LIANG Xiaobing ZHAO Bing ZHAI Feng WANG Jianxin
Format: Article
Language:English
Subjects:
二进制
可执行文件
整数
污点
测试用例生成
溢出漏洞
滤波
跟踪检测
Online Access:Get full text
Tags: Add Tag
No Tags, Be the first to tag this record!
Description
Summary:The number of identified integer overflow vulnerabilities has been increasing rapidly in recent years. In this paper, a smart software vulnerability detection technology is presented, which is used for the identifica- tion of integer overflow vulnerabilities in binary executa- bles. The proposed algorithm is combined with Target fil- tering and dynamic taint tracing (TFDTT). Dynamic taint tracing is used to reduce the mutation space and target fil- tering function is used to filter test cases during the process of test case generation. Theory analysis indicates that the efficiency of TFDTT is higher than NonTF-DTT and ran- dom Fuzzing technology. And the experiment results in- dicate that the detection technology based upon TFDTT can identify the possible integer vulnerabilities in binary program, meanwhile, it is more efficiency than other two technologies.
ISSN:1022-4653