论文信息 - Combining Static and Dynamic Analyses for Vulnerability Detection: Illustration on Heartbleed

Combining Static and Dynamic Analyses for Vulnerability Detection: Illustration on Heartbleed

Security of modern information and communication systems has become a major concern. This tool paper presents Flinder-SCA, an original combined tool for vulnerability detection, implemented on top of Frama-C, a platform for collaborative verification of C programs, and Search Lab’s Flinder testing tool. Flinder-SCA includes three steps. First, abstract interpretation and taint analysis are used to detect potential vulnerabilities (alarms), then program slicing is applied to reduce the initial program, and finally a testing step tries to confirm detected alarms by fuzzing on the reduced program. We describe the proposed approach and the tool, illustrate its application for the recent OpenSSL/HeartBeat Heartbleed vulnerability, and discuss the benefits and industrial application perspectives of the proposed verification approach.

[1] M. Eliantonio,et al. Private Parties and the Annulment Procedure: Can the Gap in the European System of Judicial Protection Be Closed? , 2010 .

[2] Dorothy E. Denning,et al. A lattice model of secure information flow , 1976, CACM.

[3] Nicholas Nethercote,et al. Valgrind: a framework for heavyweight dynamic binary instrumentation , 2007, PLDI '07.

[4] Nikolai Kosmatov,et al. Behind the scenes in SANTE: a combination of static and dynamic analyses , 2013, Automated Software Engineering.

[5] Nikolai Kosmatov,et al. Frama-C - A Software Analysis Perspective , 2012, SEFM.

[6] E. G. Woods,et al. IXTOC I OIL SPILL—THE DAMAGE ASSESSMENT PROGRAM AND ECOLOGICAL IMPACT , 1981 .

[7] Frank Tip,et al. A survey of program slicing techniques , 1994, J. Program. Lang..

[8] Richard Ford,et al. Heartbleed 101 , 2014, IEEE Security & Privacy.

[9] David W. Binkley,et al. Program slicing , 2008, 2008 Frontiers of Software Maintenance.