Enforcing Stack-Based Information Leaks

被引:0
|
作者
Georgescu, Adele [1 ]
机构
[1] Univ Bucharest, Dept Comp Sci, Bucharest, Romania
来源
INNOVATION VISION 2020: FROM REGIONAL DEVELOPMENT SUSTAINABILITY TO GLOBAL ECONOMIC GROWTH, VOL I-VI | 2015年
关键词
uninitialized data; static analysis; stack; information leaks;
D O I
暂无
中图分类号
F [经济];
学科分类号
02 ;
摘要
Uninitialized data returned to the user represent a source of software vulnerabilities which might lead to information disclosure under certain conditions. In this work, we aim at detection and exploiting uninitialized variables in a given software. We perform static analysis of source code, transform it into a graph that offers full description of the application, look for uninitialized data and classify it. Next we try to retrieve the content of these data and show a way to enforce-the application to modify it as we desire.
引用
收藏
页码:2807 / 2817
页数:11
相关论文
共 50 条
  • [1] Stack-based access control and secure information flow
    Banerjee, A
    Naumann, DA
    [J]. JOURNAL OF FUNCTIONAL PROGRAMMING, 2005, 15 : 131 - 177
  • [2] Detecting Stack Based Kernel Information Leaks
    Peiro, S.
    Munoz, M.
    Masmano, M.
    Crespo, A.
    [J]. INTERNATIONAL JOINT CONFERENCE SOCO'14-CISIS'14-ICEUTE'14, 2014, 299 : 321 - 331
  • [3] Stack-based Music Recommendation
    Zhao, Yong-hua
    [J]. INTERNATIONAL CONFERENCE ON ADVANCED COMPUTER SCIENCE AND ENGINEERING (ACSE 2014), 2014, : 290 - 294
  • [4] STACK-BASED SORTING ALGORITHMS
    AMMAR, RA
    [J]. JOURNAL OF SYSTEMS AND SOFTWARE, 1989, 9 (03) : 225 - 239
  • [5] STACK-BASED SCHEDULING OF REALTIME PROCESSES
    BAKER, TP
    [J]. REAL-TIME SYSTEMS, 1991, 3 (01) : 67 - 99
  • [6] Stack-based typed assembly language
    Morrisett, G
    Crary, K
    Glew, N
    Walker, D
    [J]. JOURNAL OF FUNCTIONAL PROGRAMMING, 2002, 12 : 43 - 88
  • [7] Stack-based typed assembly language
    Morrisett, Greg
    Crary, Karl
    Glew, Neal
    Walker, David
    [J]. Journal of Functional Programming, 2002, 12 (01) : 43 - 88
  • [8] A STACK-BASED APPROACH FOR SHADING OF REGIONS
    LIN, F
    PAN, YH
    [J]. COMPUTERS & GRAPHICS, 1992, 16 (01) : 79 - 84
  • [9] XCS with stack-based genetic programming
    Lanzi, PL
    [J]. CEC: 2003 CONGRESS ON EVOLUTIONARY COMPUTATION, VOLS 1-4, PROCEEDINGS, 2003, : 1186 - 1191
  • [10] An abstract semantics tool for secure information flow of stack-based assembly programs
    Bernardeschi, C
    De Francesco, N
    Lettieri, G
    [J]. MICROPROCESSORS AND MICROSYSTEMS, 2002, 26 (08) : 391 - 398
12345