Efficient Dynamic Tracking Technique for Detecting Integer-Overflow-to-Buffer-Overflow Vulnerability

Sun, Hongxiang; Zhang, Xiangyu; Su, Chao; Zeng, Qingkai

doi:10.1145/2714576.2714605

Cited by 17 publications

(3 citation statements)

References 14 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…IntPatch [44] and IntTracker [38] insert overflow checks only at operations that they can statically determine (via type or static analysis) may flow to memory allocations. They argue that such operations do not have benign overflows.…”

Section: Related Workmentioning

confidence: 99%

Comprehensive Java Metadata Tracking for Attack Detection and Repair

Perkins¹,

Eikenberry²,

Coglio

et al. 2020

2020 50th Annual IEEE/IFIP International Conference on Dependable Systems and Networks (DSN)

View full text Add to dashboard Cite

We present ClearTrack, a system that tracks 32 bits of metadata for each primitive value in Java programs to detect and nullify a range of vulnerabilities such as integer overflow and underflow vulnerabilities, SQL injection vulnerabilities, and command injection vulnerabilities. Contributions include new techniques for eliminating false positives associated with benign integer overflows and underflows, new metadataaware techniques for detecting and nullifying SQL and command injection attacks, and results from an evaluation of ClearTrack performed by a Test and Evaluation team hired by the sponsor of this research (an anonymous agency of the United States government). These results show that 1) ClearTrack operates successfully on Java programs comprising hundreds of thousands of lines of code (including instrumented jar files and Java system libraries, the majority of the applications comprise over 3 million lines of code), 2) because of computations such as cryptography and hash table calculations, these applications perform millions of benign integer overflows and underflows, and 3) ClearTrack successfully detects and nullifies all tested integer overflow and underflow, SQL injection, and command injection vulnerabilities in the benchmark applications.

show abstract

Section: Related Workmentioning

confidence: 99%

Comprehensive Java Metadata Tracking for Attack Detection and Repair

Perkins¹,

Eikenberry²,

Coglio

et al. 2020

2020 50th Annual IEEE/IFIP International Conference on Dependable Systems and Networks (DSN)

View full text Add to dashboard Cite

show abstract

“…Their method is based on differential privacy. Sanchez et al [17] focused on improving sanitization of textual documents. Their approach automatically finds sensitive terms in text documents and sanitizes them.…”

Section: Related Workmentioning

confidence: 99%

Misusability Measure Based Sanitization of Big Data for Privacy Preserving MapReduce Programming

Radhika

Kumari

2018

IJECE

View full text Add to dashboard Cite

Leakage and misuse of sensitive data is a challenging problem to enterprises. It has become more serious problem with the advent of cloud and big data. The rationale behind this is the increase in outsourcing of data to public cloud and publishing data for wider visibility. Therefore Privacy Preserving Data Publishing (PPDP), Privacy Preserving Data Mining (PPDM) and Privacy Preserving Distributed Data Mining (PPDM) are crucial in the contemporary era. PPDP and PPDM can protect privacy at data and process levels respectively. Therefore, with big data privacy to data became indispensable due to the fact that data is stored and processed in semi-trusted environment. In this paper we proposed a comprehensive methodology for effective sanitization of data based on misusability measure for preserving privacy to get rid of data leakage and misuse. We followed a hybrid approach that caters to the needs of privacy preserving MapReduce programming. We proposed an algorithm known as Misusability Measure-Based Privacy serving Algorithm (MMPP) which considers level of misusability prior to choosing and application of appropriate sanitization on big data. Our empirical study with Amazon EC2 and EMR revealed that the proposed methodology is useful in realizing privacy preserving Map Reduce programming.

show abstract

“…Previous security research around traditional desktop software mainly focuses on the triggering and identification of memory corruption bugs. Buffer overflow, integer overflow, and double fetch 2‐9 are the typical representatives of this class of bugs. They primarily stem from the out‐of‐bounds use of variables in computer memory.…”

Section: Introductionmentioning

confidence: 99%

Static Detection of File Access Control Vulnerabilities on Windows System

Lü

Wang

et al. 2020

Concurrency and Computation

View full text Add to dashboard Cite

Summary Traditional applications have been developed for decades. Most of the security research around them have focused on the detection of memory corruption vulnerabilities, such as buffer overflow, double fetch, and integer overflow. On the contrary, logic bugs, a kind of flaws caused by unreasonable application logic, attract much less attention. Files are the most common media for programs to persist their data in the system. As the file owners, programs are responsible for protecting their files from malicious users' tampering by leveraging access control mechanisms. However, if a program configures their access control mechanisms in wrong ways and causes evil users to bypass security checks to access files, there exists a file access control vulnerability. As a branch of logic flaws, file access control vulnerabilities are less popular with researchers. Thus, to mitigate the harm of the file access control vulnerabilities on Windows system, our team conducted first‐step research on them. We first classified file access control bugs into two types and codified some bug patterns. Then we formalized file access control vulnerabilities to propose a scalable detection method and implemented a lightweight analysis system StaticFAC. After evaluating StaticFAC in real‐world Windows software, we discovered 15 0‐day bugs.

show abstract

Efficient Dynamic Tracking Technique for Detecting Integer-Overflow-to-Buffer-Overflow Vulnerability

Cited by 17 publications

References 14 publications

Comprehensive Java Metadata Tracking for Attack Detection and Repair

Comprehensive Java Metadata Tracking for Attack Detection and Repair

Misusability Measure Based Sanitization of Big Data for Privacy Preserving MapReduce Programming

Static Detection of File Access Control Vulnerabilities on Windows System

Contact Info

Product

Resources

About