TY - JOUR
T1 - ARMORY
T2 - An automatic security testing tool for buffer overflow defect detection
AU - Chen, Li Han
AU - Hsu, Fu Hau
AU - Hwang, Yanling
AU - Su, Mu Chun
AU - Ku, Wei Shinn
AU - Chang, Chi Hsuan
PY - 2013/10
Y1 - 2013/10
N2 - Program Buffer Overflow Defects (PBODs) are the stepping stones of Buffer Overflow Attacks (BOAs), which are one of the most dangerous security threats to the Internet. In: this paper, we propose a kernel-based security testing tool, named ARMORY, for software engineers to detect PBODs automatically when they apply all kinds of testing, especially functional testing and unit testing, without increasing the testing workload. Besides, ARMORY does not need any attack instance, any training phase, or source code to finish its security testing. ARMORY can detect unknown PBODs. ARMORY not only can improve software quality, but also can reduce the amount of system resources used to protect a system. We implemented ARMORY in Linux kernel by modifying sys-read() system call and entry. S which deals all system call. Experimental results show that ARMORY can automatically detect PBODs when programmers test the functionality of their programs.
AB - Program Buffer Overflow Defects (PBODs) are the stepping stones of Buffer Overflow Attacks (BOAs), which are one of the most dangerous security threats to the Internet. In: this paper, we propose a kernel-based security testing tool, named ARMORY, for software engineers to detect PBODs automatically when they apply all kinds of testing, especially functional testing and unit testing, without increasing the testing workload. Besides, ARMORY does not need any attack instance, any training phase, or source code to finish its security testing. ARMORY can detect unknown PBODs. ARMORY not only can improve software quality, but also can reduce the amount of system resources used to protect a system. We implemented ARMORY in Linux kernel by modifying sys-read() system call and entry. S which deals all system call. Experimental results show that ARMORY can automatically detect PBODs when programmers test the functionality of their programs.
UR - http://www.scopus.com/inward/record.url?scp=84885601968&partnerID=8YFLogxK
U2 - 10.1016/j.compeleceng.2012.07.005
DO - 10.1016/j.compeleceng.2012.07.005
M3 - 期刊論文
AN - SCOPUS:84885601968
SN - 0045-7906
VL - 39
SP - 2233
EP - 2242
JO - Computers and Electrical Engineering
JF - Computers and Electrical Engineering
IS - 7
ER -