Memory Corruption Vulnerabilities Detection for Android Binary Software

被引:0
|
作者
Zhang, Bin [1 ]
Wu, Bo [1 ]
Feng, Chao [1 ]
Tang, Chaojing [1 ]
机构
[1] Natl Univ Def Technol, Sch Elect Sci & Engn, Changsha, Hunan, Peoples R China
来源
2015 IEEE INTERNATIONAL CONFERENCE ON SIGNAL PROCESSING, COMMUNICATIONS AND COMPUTING (ICSPCC) | 2015年
关键词
Memory corruption vulnerability; Selective symbolic execution; Android binary software;
D O I
暂无
中图分类号
TM [电工技术]; TN [电子技术、通信技术];
学科分类号
0808 ; 0809 ;
摘要
The vulnerabilities exist in Android binary software bring critical threat to Mobile Internet security. In this paper, we put forward a novel method to detect memory corruption vulnerabilities for Android binary software which builds upon memory accession security rules and selective symbolic execution. We also implemented our prototype system and the evaluation results show that our method can detect the memory corruption vulnerabilities in Android binary software effectively and accurately.
引用
收藏
页码:16 / 20
页数:5
相关论文
共 50 条
  • [1] Integer Overflow Vulnerabilities Detection in Software Binary Code
    Demidov, Roman
    Pechenkin, Alexander
    Zegzhda, Peter
    SIN'17: PROCEEDINGS OF THE 10TH INTERNATIONAL CONFERENCE ON SECURITY OF INFORMATION AND NETWORKS, 2017, : 101 - 106
  • [2] Applications of Computational Intelligence for Static Software Checking Against Memory Corruption Vulnerabilities
    Alvares, Marcos
    Marwala, Tshilidzi
    de Lima Neto, Fernando Buarque
    2013 IEEE SYMPOSIUM ON COMPUTATIONAL INTELLIGENCE IN CYBER SECURITY (CICS), 2013, : 59 - 66
  • [3] Detecting Concurrency Memory Corruption Vulnerabilities
    Cai, Yan
    Zhu, Biyun
    Meng, Ruijie
    Yun, Hao
    He, Liang
    Su, Purui
    Liang, Bin
    ESEC/FSE'2019: PROCEEDINGS OF THE 2019 27TH ACM JOINT MEETING ON EUROPEAN SOFTWARE ENGINEERING CONFERENCE AND SYMPOSIUM ON THE FOUNDATIONS OF SOFTWARE ENGINEERING, 2019, : 706 - 717
  • [4] A Comprehensive Detection of Memory Corruption Vulnerabilities for C/C plus plus Programs
    Gao, Yuhan
    Chen, Liwei
    Shi, Gang
    Zhang, Fei
    2018 IEEE INT CONF ON PARALLEL & DISTRIBUTED PROCESSING WITH APPLICATIONS, UBIQUITOUS COMPUTING & COMMUNICATIONS, BIG DATA & CLOUD COMPUTING, SOCIAL COMPUTING & NETWORKING, SUSTAINABLE COMPUTING & COMMUNICATIONS, 2018, : 354 - 360
  • [5] Research on the Exploitability of Binary Software Vulnerabilities
    Tang, Xiang
    Zhou, Houlin
    Zhang, Man
    Zhang, Yuheng
    Wu, Guocheng
    Lu, Hui
    Yu, Xiang
    Tian, Zhihong
    2023 IEEE 12TH INTERNATIONAL CONFERENCE ON CLOUD NETWORKING, CLOUDNET, 2023, : 403 - 407
  • [6] Towards Automated Detection of Higher-Order Memory Corruption Vulnerabilities in Embedded Devices
    Yu, Lei
    Li, Linyu
    Wang, Haoyu
    Wang, Xiaoyu
    He, Houhua
    Gong, Xiaorui
    PROCEEDINGS OF THE 2021 DESIGN, AUTOMATION & TEST IN EUROPE CONFERENCE & EXHIBITION (DATE 2021), 2021, : 1707 - 1710
  • [7] Detecting Software Vulnerabilities in Android Using Static Analysis
    Dhaya, R.
    Poongodi, M.
    2014 INTERNATIONAL CONFERENCE ON ADVANCED COMMUNICATION CONTROL AND COMPUTING TECHNOLOGIES (ICACCCT), 2014, : 915 - 918
  • [8] MemSherlock: An Automated Debugger for Unknown Memory Corruption Vulnerabilities
    Sezer, Emre C.
    Ning, Peng
    Kil, Chongkyung
    Xu, Jun
    CCS'07: PROCEEDINGS OF THE 14TH ACM CONFERENCE ON COMPUTER AND COMMUNICATIONS SECURITY, 2007, : 562 - +
  • [9] Research on Discovering Memory Corruption Vulnerabilities for Embedded CGIs
    Wang D.
    Zhang X.-S.
    Chen T.
    Dianzi Keji Daxue Xuebao/Journal of the University of Electronic Science and Technology of China, 2020, 49 (05): : 745 - 750
  • [10] Detection of SQLite Database Vulnerabilities in Android Apps
    Jain, Vineeta
    Gaur, M. S.
    Laxmi, Vijay
    Mosbah, Mohamed
    INFORMATION SYSTEMS SECURITY, 2016, 10063 : 521 - 531
12345