• 中国精品科技期刊
  • CCF推荐A类中文期刊
  • 计算领域高质量科技期刊T1类
Advanced Search
Wang Lei, Chen Gui, and Jin Maozhong. Detection of Code Vulnerabilities via Constraint-Based Analysis and Model Checking[J]. Journal of Computer Research and Development, 2011, 48(9): 1659-1666.
Citation: Wang Lei, Chen Gui, and Jin Maozhong. Detection of Code Vulnerabilities via Constraint-Based Analysis and Model Checking[J]. Journal of Computer Research and Development, 2011, 48(9): 1659-1666.

Detection of Code Vulnerabilities via Constraint-Based Analysis and Model Checking

More Information
  • Published Date: September 14, 2011
  • Compared with traditional program analysis, model checking is preponderant in improving the precision of vulnerabilities detection. However, it is hard to directly apply model checking to detect buffer overflow, code injection and other security vulnerabilities. To address this problem, an approach that combines the constraint-based analysis and the model checking together to detect vulnerabilities automatically is proposed in this paper. At first we trace the information of the buffer-related variables in source code by the constraint-based analysis, and instrument the code with corresponding attribute transfer and constraint assertions of the buffers before the potential vulnerable points that are related to the buffers. And then the problem of detecting vulnerabilities is converted into the problem of verifying the reachability of these constraint assertions. Model checking is used to verify the reachability of the security vulnerabilities. In addition, we introduce program slicing to reduce the code size in order to reduce the state space of model checking. CodeAuditor is the prototype implementation of our methods. With this tool, 18 previously unknown vulnerabilities in six open source applications are discovered and the observed false positive rate is at around 23%. The result of minicom’s slicing shows that the performance of detection is improved.
  • Related Articles

    [1]Tan Tian, Ma Xiaoxing, Xu Chang, Ma Chunyan, Li Yue. Survey on Java Pointer Analysis[J]. Journal of Computer Research and Development, 2023, 60(2): 274-293. DOI: 10.7544/issn1000-1239.202220901
    [2]Wang Mingzhe, Jiang Yu, Sun Jiaguang. Static Instrumentation Techniques in Fuzzing Testing[J]. Journal of Computer Research and Development, 2023, 60(2): 262-273. DOI: 10.7544/issn1000-1239.202220883
    [3]Zhang Lei, Yang Zhemin, Li Mingqi, Yang Min. TipTracer: Detecting Android Application Vulnerabilities Based on the Compliance with Security Guidance[J]. Journal of Computer Research and Development, 2019, 56(11): 2315-2329. DOI: 10.7544/issn1000-1239.2019.20190348
    [4]Wang Lei, He Dongjie, Li Lian, Feng Xiaobing. Sparse Framework Based Static Taint Analysis Optimization[J]. Journal of Computer Research and Development, 2019, 56(3): 480-495. DOI: 10.7544/issn1000-1239.2019.20180071
    [5]Su Ning, Guo Junxia, Li Zheng, Zhao Ruilian. EFSM Amorphous Slicing Based Test Case Generation[J]. Journal of Computer Research and Development, 2017, 54(3): 669-680. DOI: 10.7544/issn1000-1239.2017.20151053
    [6]Ju Xiaolin, Jiang Shujuan, Chen Xiang, Zhang Yanmei, Shao Haoran. Factor Analysis of Influence for Fault Localization Framework Based on Slice Spectrum[J]. Journal of Computer Research and Development, 2014, 51(12): 2772-2787. DOI: 10.7544/issn1000-1239.2014.20131522
    [7]Wang Yawen, Yao Xinhong, Gong Yunzhan, Yang Zhaohong. A Method of Buffer Overflow Detection Based on Static Code Analysis[J]. Journal of Computer Research and Development, 2012, 49(4): 839-845.
    [8]Han Wei, He Yeping. Static Analysis of TOCTTOU Vulnerabilities in Unix-Style File System[J]. Journal of Computer Research and Development, 2011, 48(8): 1430-1437.
    [9]Ye Pengfei, Peng Xin, and Zhao Wenyun. Recovering the Use Case from Object-Oriented Programs by Static Analysis[J]. Journal of Computer Research and Development, 2010, 47(12).
    [10]Bian Xiaofeng, Zhou Xuehai. Study on Modeling MIPS Processors for Static WCET Analysis[J]. Journal of Computer Research and Development, 2006, 43(10): 1828-1834.

Catalog

    Article views (902) PDF downloads (682) Cited by()

    /

    DownLoad:  Full-Size Img  PowerPoint
    Return
    Return