Beagle: Tracking system failures for reproducing security faults

Chang Hsien Tsai, Shih Hung Liu, Shuen Wen Huang, Shih Kun Huang, Deron Liang

Research output: Chapter in Book/Report/Conference proceedingChapterpeer-review

Abstract

Software vulnerabilities can be attributed to inherent bugs in the system. Several types of bugs introduce faults for not conforming to system specifications and failures, including crash, hang, and panic. In our work, we exploit security faults due to crash-type failures. It is difficult to reconstruct system failures after a program has crashed. Much research work has been focused on detecting program errors and identifying their root causes either by static analysis or observing their running behavior through dynamic program instrument. Our goal is to design a tool that helps isolate bugs. This tool is called BEAGLE (Bug-tracking by Execution Auditing from Generated Logs and Errors). BEAGLE periodically makes stack checkpoints of program in execution. If the software crashes, we can approximate to the latest checkpoint and infer the precise corrupt site. After identifying the site of control state corruption, tainted input analysis will determine system exploitability if untouched passed through the corrupt site. Several case studies of corrupt site detections and tainted input analysis prove the applicability of our tool.

Original languageEnglish
Title of host publicationComputer Security in the 21st Century
PublisherSpringer US
Pages169-180
Number of pages12
ISBN (Print)9780387240053
DOIs
StatePublished - 2005

Keywords

  • Control State Corruption
  • COTS Vulnerability Testing
  • Dynamic Analysis
  • Software Wrapper

Fingerprint

Dive into the research topics of 'Beagle: Tracking system failures for reproducing security faults'. Together they form a unique fingerprint.

Cite this