Proceedings of the 2016 International Conference on Computer Science and Electronic Technology

A Static Comprehensive Analytical Method for Buffer Overflow Vulnerability Detection

Authors
Bilin Shao, Jiafen Yan, Genqing Bian, Yu Zhao, Dan Song
Corresponding Author
Bilin Shao
Available Online August 2016.
DOI
https://doi.org/10.2991/cset-16.2016.37
Keywords
Buffer overflow, vulnerability detection, comprehensive analysis, reliability weights
Abstract
Buffer overflow vulnerability is a widespread and dangerous security problem. Detecting buffer overflow vulnerability has great research value in information security area. This paper proposes a static comprehensive analytical method for buffer overflow vulnerability detection. Firstly, this method adopts many kinds of static detection tools for detecting the source codes and producing their own detecting reports. Secondly, comprehensive analysis is implemented to evaluate the reliability weights of detecting tools by training process with detection results, and further optimize the detection results. This training process can improve the efficiency of discovering buffer overflow vulnerabilities with lower rate of omissions and misstatements. The experimental results show that compared with single static detection methods, the rates of both false alert and missed alert decrease significantly.
Open Access
This is an open access article distributed under the CC BY-NC license.

Proceedings
Part of series
Advances in Computer Science Research
Publication Date
August 2016
ISBN
978-94-6252-213-8
ISSN
2352-538X

Cite this article

TY  - CONF
AU  - Bilin Shao
AU  - Jiafen Yan
AU  - Genqing Bian
AU  - Yu Zhao
AU  - Dan Song
PY  - 2016/08
DA  - 2016/08
TI  - A Static Comprehensive Analytical Method for Buffer Overflow Vulnerability Detection
PB  - Atlantis Press
SP  - 151
EP  - 155
SN  - 2352-538X
UR  - https://doi.org/10.2991/cset-16.2016.37
DO  - https://doi.org/10.2991/cset-16.2016.37
ID  - Shao2016/08
ER  -