ARMORY: An automatic security testing tool for buffer overflow defect detection

Li Han Chen, Fu Hau Hsu, Yanling Hwang, Mu Chun Su, Wei Shinn Ku, Chi Hsuan Chang

研究成果: 雜誌貢獻期刊論文同行評審

8 引文 斯高帕斯(Scopus)

摘要

Program Buffer Overflow Defects (PBODs) are the stepping stones of Buffer Overflow Attacks (BOAs), which are one of the most dangerous security threats to the Internet. In: this paper, we propose a kernel-based security testing tool, named ARMORY, for software engineers to detect PBODs automatically when they apply all kinds of testing, especially functional testing and unit testing, without increasing the testing workload. Besides, ARMORY does not need any attack instance, any training phase, or source code to finish its security testing. ARMORY can detect unknown PBODs. ARMORY not only can improve software quality, but also can reduce the amount of system resources used to protect a system. We implemented ARMORY in Linux kernel by modifying sys-read() system call and entry. S which deals all system call. Experimental results show that ARMORY can automatically detect PBODs when programmers test the functionality of their programs.

原文???core.languages.en_GB???
頁(從 - 到)2233-2242
頁數10
期刊Computers and Electrical Engineering
39
發行號7
DOIs
出版狀態已出版 - 10月 2013

指紋

深入研究「ARMORY: An automatic security testing tool for buffer overflow defect detection」主題。共同形成了獨特的指紋。

引用此