Title
NLP-EYE: Detecting Memory Corruptions Via Semantic-Aware Memory Operation Function Identification
Abstract
Memory corruption vulnerabilities are serious threats to software security, and they are often triggered by improper use of memory operation functions. The detection of memory corruptions relies on identifying memory operation functions and examining how they manipulate the memory. Distinguishing memory operation functions is challenging because they usually come in various forms in real-world software. In this paper, we propose NLP-EYE, an NLP-based memory corruption detection system. NLP-EYE is able to identify memory operation functions automatically through a semantic-aware source code analysis. It first creates a programming-language-friendly corpus in order to parse function prototypes. Based on a similarity comparison that utilizes both semantic and syntax information, NLP-EYE identifies and labels both standard and customized memory operation functions. Finally, it uses symbolic execution to check whether a memory operation causes incorrect memory usage. Instead of analyzing data dependencies of the entire source code, NLP-EYE only focuses on memory operation parts. We evaluated the performance of NLP-EYE by using seven real-world libraries and programs, including Vim, Git, CPython, etc. NLP-EYE successfully identifies 27 null pointer dereferences, two double-frees and three use-after-frees that were not discovered before in the latest versions of the analysis targets.
Year: 2019
Venue: Proceedings of the 22nd International Symposium on Research in Attacks, Intrusions and Defenses
Field: Computer science, Artificial intelligence, Natural language processing
DocType: Conference
Citations: 0
PageRank: 0.34
References: 0
Authors: 8
Name
Order
Citations
PageRank
Jianqiang Wang100.68
Siqi Ma2113.31
Yuanyuan Zhang3335.18
Juanru Li417924.07
Zheyu Ma500.34
Long Mai600.68
Tiancheng Chen700.34
Dawu Gu8644103.50