首页> 美国政府科技报告 >Buffer Overrun Detection Using Linear Programming and Static Analysis

【24h】

Buffer Overrun Detection Using Linear Programming and Static Analysis

机译：使用线性编程和静态分析进行缓冲区溢出检测

获取原文

页面导航

摘要
著录项
引文网络
相似文献
相关主题

摘要

This paper addresses the issue of identifying buffer overrun vulnerabilities by statically analyzing C source code. We demonstrate a light- weight analysis based on modeling C string manipulations as a linear program. We also present fast, scalable solvers based on linear programming, and demonstrate techniques to make the program analysis context sensitive. Based on these techniques, we built a prototype and used it to identify several vulnerabilities in popular security critical applications.

著录项

作者
Ganapathy, V. ; Jha, S. ; Chandler, D. ; Melski, D. ; Vitek, D.;
展开▼
作者单位

展开▼
年度 2003
页码 1-11
总页数 11
原文格式 PDF
正文语种 eng
中图分类工业技术;
关键词
Linear programming; Vulnerability; C programming language; Algorithms; Reliability; Debugging(Computers); Security; Software engineering;

机译：线性编程;漏洞; C编程语言;算法;可靠性;调试（计算机）;安全性;软件工程;

相似文献

外文文献
中文文献
专利

1. About buffer-overflow detection by static analysis of C program [J] . Goichi Nakamura, Ichiro Murase 電子情報通信学会技術研究報告. 情報セキュリティ. Information Security . 2002,第211期

机译：关于通过C程序的静态分析进行缓冲区溢出检测
2. About buffer-overflow detection by static analysis of C program [J] . Goichi Nakamura, Ichiro Murase 電子情報通信学会技術研究報告. 情報セキュリティ. Information Security . 2002,第211期

机译：关于C程序静态分析的缓冲溢出检测
3. Buffer-Overflow Detection in C Program by Static Detection [J] . NAKAMURA Goichi, MAKINO Kyoko, MURASE Ichiro Journal of the National Institute of Information and Communications Technology . 2005,第1a2期

机译：通过静态检测在C程序中进行缓冲区溢出检测
4. Buffer overrun detection using linear programming and static analysis [C] . Vinod Ganapathy, Somesh Jha, David Chandler, ACM conference on Computer and communications security . 2003

机译：使用线性编程和静态分析的缓冲区溢出检测
5. Static Analysis of Javascript Programs for Bug Detection [D] . Younang, Astrid. 2017

机译：用于漏洞检测的Javascript程序的静态分析
6. Visual Detection Under Uncertainty Operates Via an Early Static Not Late Dynamic Non-Linearity [O] . Peter Neri 2010

机译：不确定性下的视觉检测通过早期的静态而非后期的动态非线性实现
7. Buffer Overrun Detection Using Linear Programming and Static Analysis [O] . Ganapathy, Vinod, Jha, Somesh, Chandler, David, 2003

机译：使用线性编程和静态分析进行缓冲区溢出检测

Buffer Overrun Detection Using Linear Programming and Static Analysis

摘要

著录项

引文网络

相似文献

相关主题

期刊订阅