Predicting Integer Overflow through Static Integer Operation Attributes

被引：0

作者：

Meng Qingkun ^{[1
]}

Wen Shameng ^{[1
]}

Feng Chao ^{[1
]}

Tang Chaojing ^{[1
]}

机构：

[1] NUDT, Sch Elect Sci & Engn, Changsha, Hunan, Peoples R China

来源：

PROCEEDINGS OF 2016 5TH INTERNATIONAL CONFERENCE ON COMPUTER SCIENCE AND NETWORK TECHNOLOGY (ICCSNT) | 2016年

关键词：

component; machine learning; software security; integer overflow; software vulnerability;

D O I：

暂无

中图分类号：

TP301 [理论、方法];

学科分类号：

081202 ;

摘要：

Integer overflow vulnerability is very difficult to locate and patch. From experience speaking the more complicate the integer operation the more error-prone the program. So in this paper, we come up with a new method to leverage static integer operation attributes to predict integer overflows based on machine learning technique. The static integer operation attributes consist of sink, integer operation accumulation, sanitization and input attributes. Every function of the testing program will be converted to a 10-dimension vector which is fed to several machine learning algorithms to make prediction. Our experiment shows that the method gets a good performance.

引用

页码：177 / 181

页数：5

共 50 条

[21] New AspectJ Pointcuts for Integer Overflow and Underflow Detection
Alhadidi, D.
Debbabi, M.
Bhattacharya, P.
INFORMATION SECURITY JOURNAL, 2008, 17 (5-6): : 278 - 287
[22] Mutation-based Testing of Integer Overflow Vulnerabilities
Zeng, Fanping
Mao, Liangliang
Chen, Zhide
Cao, Qing
2009 5TH INTERNATIONAL CONFERENCE ON WIRELESS COMMUNICATIONS, NETWORKING AND MOBILE COMPUTING, VOLS 1-8, 2009, : 4416 - 4419
[23] Diagnosis and Emergency Patch Generation for Integer Overflow Exploits
Wang, Tielei
Song, Chengyu
Lee, Wenke
DETECTION OF INTRUSIONS AND MALWARE, AND VULNERABILITY ASSESSMENT, DIMVA 2014, 2014, 8550 : 255 - 275
[24] N bit result integer multiplier with overflow detector
Cha, YH
Cho, GY
Choi, HH
Song, HB
ELECTRONICS LETTERS, 2001, 37 (15) : 940 - 942
[25] Sound Input Filter Generation for Integer Overflow Errors
Long, Fan
Sidiroglou-Douskos, Stelios
Kim, Deokhwan
Rinard, Martin
ACM SIGPLAN NOTICES, 2014, 49 (01) : 439 - 452
[26] Integer Overflow Detection in Hardware Designs at the Specification Level
Bornebusch, Fritjof
Lueth, Christoph
Wille, Robert
Drechsler, Rolf
PROCEEDINGS OF THE 8TH INTERNATIONAL CONFERENCE ON MODEL-DRIVEN ENGINEERING AND SOFTWARE DEVELOPMENT (MODELSWARD), 2020, : 41 - 48
[27] Mutation Testing for Integer Overflow in Ethereum Smart Contracts
Jinlei Sun
Song Huang
Changyou Zheng
Tingyong Wang
Cheng Zong
Zhanwei Hui
Tsinghua Science and Technology, 2022, 27 (01) : 27 - 40
[28] Mutation Testing for Integer Overflow in Ethereum Smart Contracts
Sun, Jinlei
Huang, Song
Zheng, Changyou
Wang, Tingyong
Zong, Cheng
Hui, Zhanwei
TSINGHUA SCIENCE AND TECHNOLOGY, 2022, 27 (01) : 27 - 40
[29] Integer Overflow Vulnerabilities Detection in Software Binary Code
Demidov, Roman
Pechenkin, Alexander
Zegzhda, Peter
SIN'17: PROCEEDINGS OF THE 10TH INTERNATIONAL CONFERENCE ON SECURITY OF INFORMATION AND NETWORKS, 2017, : 101 - 106
[30] On the complexity of regular-grammars with integer attributes
Manna, M.
Scarcello, F.
Leone, N.
JOURNAL OF COMPUTER AND SYSTEM SCIENCES, 2011, 77 (02) : 393 - 421

← 1 2 3 4 5 →