Detection of Security Vulnerabilities Induced by Integer Errors - Equipe System on Chip Accéder directement au contenu
Communication Dans Un Congrès Année : 2021

Detection of Security Vulnerabilities Induced by Integer Errors

Résumé

Sometimes computing platforms, e.g. storage device, compilers, operating systems used to execute software programs make them misbehave, this type of issues could be exploited by attackers to access sensitive data and compromise the system. This paper presents an automatable approach for detecting such security vulnerabilities due to improper execution environment. Specifically, the advocated approach targets the detection of security vulnerabilities in the software caused by memory overflows such as integer overflow. Based on analysis of the source code and by using a knowledge base gathering common execution platform issues and known restrictions, the paper proposes a framework able to infer the required assertions, without manual code annotations and rewriting, for generating logical formulas that can be used to reveal potential code weaknesses.

Dates et versions

hal-03318675 , version 1 (10-08-2021)

Identifiants

Citer

Salim Kissi, Yassamine Seladji, Rabéa Ameur-Boulifa. Detection of Security Vulnerabilities Induced by Integer Errors. 16th International Conference on Software Technologies ICSOFT, Jul 2021, Online Streaming, Portugal. pp.177-184, ⟨10.5220/0010551301770184⟩. ⟨hal-03318675⟩
51 Consultations
0 Téléchargements

Altmetric

Partager

Gmail Facebook X LinkedIn More