{"title":"An Analysis Model of Buffer Overflow Vulnerability Based on FSM","authors":"Jie Liu, Da He, Zhihong Rao","doi":"10.1145/3318236.3318261","DOIUrl":null,"url":null,"abstract":"Buffer overflow vulnerabilities have been the most common form of software vulnerabilities. It is very difficult and time consuming to detect possible types of vulnerabilities from a program. This paper proposes an analysis model of buffer overflow vulnerability based on finite state machine (FSM). The model conducts static analysis on source code. And then it analyzes the formation of buffer overflow vulnerabilities and process of data overflow. For the two types of buffer overflow vulnerabilities caused by function call errors and loop copy errors, the corresponding vulnerability analysis model is designed. The vulnerability analysis model proposed in this paper is verified by two scenarios. The experimental results show that the model can detect buffer overflow vulnerability automatically and effectively.","PeriodicalId":130185,"journal":{"name":"International Conference on Geoinformatics and Data Analysis","volume":"50 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"1900-01-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"2","resultStr":null,"platform":"Semanticscholar","paperid":null,"PeriodicalName":"International Conference on Geoinformatics and Data Analysis","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1145/3318236.3318261","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}
引用次数: 2
Abstract
Buffer overflow vulnerabilities have been the most common form of software vulnerabilities. It is very difficult and time consuming to detect possible types of vulnerabilities from a program. This paper proposes an analysis model of buffer overflow vulnerability based on finite state machine (FSM). The model conducts static analysis on source code. And then it analyzes the formation of buffer overflow vulnerabilities and process of data overflow. For the two types of buffer overflow vulnerabilities caused by function call errors and loop copy errors, the corresponding vulnerability analysis model is designed. The vulnerability analysis model proposed in this paper is verified by two scenarios. The experimental results show that the model can detect buffer overflow vulnerability automatically and effectively.
京公网安备 11010802042870号
京ICP备2023020795号-1
分享
求助内容:
应助结果提醒方式:
扫码关注我们
