A Method for Computer Software Security Detection

Abstract:

This paper proposes a method and a prototype that use static analysis to detect security flaws in computer software. There are many buffer overflow vulnerabilities in released software. The method uses static object code analysis to detect buffer overflows, and analyzes some unsafe functions to determine whether the software has defects. Comparing the results of the proposed tool with those of traditional buffer overflow detection tools, its false alarm rate is lower than the others' and its false negative rate is the same as the others'.

Info:

Periodical:

Advanced Materials Research (Volumes 403-408)

Pages:

2981-2984

Online since:

November 2011

Copyright:

© 2012 Trans Tech Publications Ltd. All Rights Reserved
