Title | ||
---|---|---|
An Approach to Vulnerability Searching of Integer Overflows in the Executable Program Code. |
Abstract | ||
---|---|---|
This article proposes an approach to identifying integer overflow vulnerabilities in software represented by the executable code of x86 architecture. The approach is based on symbolic code execution and initially twofold representation of memory cells. A truncated control transfer graph is constructed from the machine code of the program, the paths in which are layer-by-layer checked for the feasibility of the vulnerability conditions. The proposed methods were implemented in practice and experimentally tested on the various code samples. |
Year | DOI | Venue |
---|---|---|
2018 | 10.3103/S0146411618080102 | Automatic Control and Computer Sciences |
Keywords | Field | DocType |
vulnerability search, symbolic execution, symbolic memory, vulnerability classification, control flow graph, integer overflow | Integer,Integer overflow,Control flow graph,Computer science,Theoretical computer science,Symbolic execution,Vulnerability,Executable | Journal |
Volume | Issue | ISSN |
52 | 8 | 1558-108X |
Citations | PageRank | References |
0 | 0.34 | 6 |
Authors | ||
3 |
Name | Order | Citations | PageRank |
---|---|---|---|
Roman Demidov | 1 | 0 | 1.35 |
Alexander I. Pechenkin | 2 | 1 | 2.10 |
Peter D. Zegzhda | 3 | 22 | 11.92 |