论文信息 - Vulnerability detector using parse tree annotation

Vulnerability detector using parse tree annotation

Static vulnerability Detection approach usually produces large amount of false positives. To achieve better result, a tool which is able to understand the analyzed source code and join it to high level programming concepts is needed. The proposed tool presents in this paper provides a novel semantic level method for detecting C language source code vulnerabilities. In a programming language each vulnerability is correlated to a valid code in point of compiler view. In other word, a written code in a particular situation may cause a vulnerability. To implement this tool, a collection of vulnerability attribute (VA) that represented a source code pattern for each vulnerability is prepared. Then the relation of these VAs in a pattern is extracted. In continue the parse tree of estimating source code was generated. Vulnerability detection is done in two general steps; first the generated parse tree is traversed by DFS and annotated, then vulnerability detection rules (VR) are performed on annotated tree to find code weaknesses. In this paper proposed tool is compared with other vulnerability detection tools. The comparison shows that the tool is useful for finding buffer overflow flaws with low false positive rate.

Reza Azmi | Mohammad Akbari | Sarah Berenji

[1] Alexander Ivanov Sotirov. AUTOMATIC VULNERABILITY DETECTION USING STATIC SOURCE CODE ANALYSIS , 2005 .

[2] Etienne M. Gagnon,et al. An object-oriented compiler framework , 1998 .

[3] Laurie J. Hendren,et al. SableCC, an object-oriented compiler framework , 1998, Proceedings. Technology of Object-Oriented Languages. TOOLS 26 (Cat. No.98EX176).

[4] Jon A. Rochlis,et al. With microscope and tweezers: an analysis of the Internet virus of November 1988 , 1989, Proceedings. 1989 IEEE Symposium on Security and Privacy.

[5] David A. Wagner,et al. This copyright notice must be included in the reproduced paper. USENIX acknowledges all trademarks herein. Detecting Format String Vulnerabilities with Type Qualifiers , 2001 .

[6] David A. Wagner,et al. A First Step Towards Automated Detection of Buffer Overrun Vulnerabilities , 2000, NDSS.

[7] Jacob West,et al. Secure Programming with Static Analysis , 2007 .

[8] Jeffrey S. Foster,et al. Type qualifiers: lightweight specifications to improve software quality , 2002 .

[9] Dawson R. Engler,et al. A system and language for building system-specific, static analyses , 2002, PLDI '02.

[10] Gary McGraw,et al. ITS4: a static vulnerability scanner for C and C++ code , 2000, Proceedings 16th Annual Computer Security Applications Conference (ACSAC'00).

[11] Dawson R. Engler,et al. Checking system rules using system-specific, programmer-written compiler extensions , 2000, OSDI.