Title :
A Parallel Vulnerability Detection Framework via MPI
Author :
Wang, Gang ; Wang, Lei
Author_Institution :
Sch. of Comput. Sci. & Eng., Beihang Univ., Beijing, China
Abstract :
Open source applications have flourished in recent years. Meanwhile, security vulnerabilities in such applications have grown. Since manual code auditing is error-prone, time-consuming and costly, it is necessary to find automatic solutions. To address this problem, we propose an approach that combines constraint-based analysis and model checking. Model checking technology can be employed as a constraint solver to solve the constraint-based system. CodeAuditor, the prototype implementation of our methods, is targeted at detecting vulnerabilities in C source code. With this tool, 9 previously unknown vulnerabilities in two open source applications were discovered, and the observed false positive rate was around 29%.
Keywords :
constraint handling; data flow analysis; formal verification; message passing; public domain software; security of data; C source code; CodeAuditor; MPI; constraint-based analysis; constraint-based system; manual code auditing; model checking; open source applications; parallel vulnerability detection framework; security vulnerabilities; Computational modeling; Computers; Instruments; Optimization; Security; Software; XML;
Conference_Title :
Management and Service Science (MASS), 2011 International Conference on
Conference_Location :
Wuhan
Print_ISBN :
978-1-4244-6579-8
DOI :
10.1109/ICMSS.2011.5999219