Title :
An efficient control flow security analysis approach for binary executables
Author :
Chunlei, Wang ; Gang, Zhao ; Yiqi, Dai
Author_Institution :
Dept. of Comput. Sci. & Technol., Tsinghua Univ., Beijing, China
Abstract :
This paper proposes a control flow based security analysis approach for binary executables. Through deeply investigating the theory of control flow security, we develop the Control Flow Security Model (CFSM) which includes the formal definitions for program semantics and security properties for control flow. CFSM specifies that program execution dynamically follows only certain paths, in accordance with a statically declared security properties specified as Control Flow Constraint Specification (CFCS). We have proposed an efficient control flow security analysis algorithm for verifying that a particular control flow model satisfies the associated security properties. Our work contributes to bridging the gap between abstract specifications of control flow security properties and actual control flow security analysis for binary executables. The effectiveness and the practical usefulness of the approach are exemplified by an illustrative analysis of heap overflow vulnerability.
Keywords :
data flow analysis; data flow graphs; formal specification; program verification; programming language semantics; security of data; binary executable; control flow constraint specification; control flow security analysis approach; dynamic program execution; formal definition; program semantics; Buffer overflow; Computer science; Computer security; Data analysis; Data security; Data structures; Flow graphs; Optimizing compilers; Safety; Software performance; control flow security; formal method; security property; software analysis; software vulnerability;
Conference_Titel :
Computer Science and Information Technology, 2009. ICCSIT 2009. 2nd IEEE International Conference on
Conference_Location :
Beijing
Print_ISBN :
978-1-4244-4519-6
Electronic_ISBN :
978-1-4244-4520-2
DOI :
10.1109/ICCSIT.2009.5234950
