A Static Comprehensive Analytical Method for Buffer Overflow Vulnerability Detection
Bilin Shao, Jiafen Yan, Genqing Bian, Yu Zhao, Dan Song
Available Online August 2016.
- https://doi.org/10.2991/cset-16.2016.37
- Buffer overflow, vulnerability detection, comprehensive analysis, reliability weights
- Buffer overflow vulnerability is a widespread and dangerous security problem. Detecting buffer overflow vulnerabilities has great research value in the information security area. This paper proposes a static comprehensive analytical method for buffer overflow vulnerability detection. Firstly, this method adopts many kinds of static detection tools for detecting the source codes and producing their own detecting reports. Secondly, comprehensive analysis is implemented to evaluate the reliability weights of detecting tools by a training process with detection results, and further optimize the detection results. This training process can improve the efficiency of discovering buffer overflow vulnerabilities with a lower rate of omissions and misstatements. The experimental results show that, compared with single static detection methods, the rates of both false alert and missed alert decrease significantly.
- Open Access
- This is an open access article distributed under the CC BY-NC license.
Cite this article
TY - CONF
AU - Bilin Shao
AU - Jiafen Yan
AU - Genqing Bian
AU - Yu Zhao
AU - Dan Song
PY - 2016/08
DA - 2016/08
TI - A Static Comprehensive Analytical Method for Buffer Overflow Vulnerability Detection
BT - 2016 International Conference on Computer Science and Electronic Technology
PB - Atlantis Press
SP - 151
EP - 155
SN - 2352-538X
UR - https://doi.org/10.2991/cset-16.2016.37
DO - https://doi.org/10.2991/cset-16.2016.37
ID - Shao2016/08
ER -