مرکز منطقه ای اطلاع رساني علوم و فناوري - Generating Vulnerability Signatures for String Manipulating Programs Using Automata-Based Forward and Backward Symbolic Analyses

DocumentCode :

1850773

Title :

Generating Vulnerability Signatures for String Manipulating Programs Using Automata-Based Forward and Backward Symbolic Analyses

Author :

Yu, Fang ; Alkhalaf, Muath ; Bultan, Tevfik

Author_Institution :

Comput. Sci. Dept., Univ. of California at Santa Barbara, Santa Barbara, CA, USA

fYear :

2009

fDate :

16-20 Nov. 2009

Firstpage :

605

Lastpage :

609

Abstract :

Given a program and an attack pattern (specified as a regular expression), we automatically generate string-based vulnerability signatures, i.e., a characterization that includes all malicious inputs that can be used to generate attacks. We use an automata-based string analysis framework. Using forward reachability analysis we compute an over-approximation of all possible values that string variables can take at each program point. Intersecting these with the attack pattern yields the potential attack strings if the program is vulnerable. Using backward analysis we compute an over-approximation of all possible inputs that can generate those attack strings. In addition to identifying existing vulnerabilities and their causes, these vulnerability signatures can be used to filter out malicious inputs. Our approach extends the prior work on automata-based string analysis by providing a backward symbolic analysis that includes a symbolic pre-image computation for deterministic finite automata on common string manipulating functions such as concatenation and replacement.

Keywords :

data analysis; deterministic automata; digital signatures; finite automata; reachability analysis; attack pattern; automata-based forward and backward symbolic analyses; automata-based string analysis; backward symbolic analysis; deterministic finite automata; forward reachability analysis; malicious inputs; over-approximation; string manipulating functions; string manipulating programs; string-based vulnerability signatures; symbolic pre-image computation; vulnerability signature generation; Automata; Character generation; Computer science; Doped fiber amplifiers; Filters; Image analysis; Pattern analysis; Reachability analysis; Software engineering; World Wide Web; finite automata; string analysis; vulnerability signature; web security;

fLanguage :

English

Publisher :

ieee

Conference_Titel :

Automated Software Engineering, 2009. ASE '09. 24th IEEE/ACM International Conference on

Conference_Location :

Auckland

ISSN :

1938-4300

Print_ISBN :

978-1-4244-5259-0

Electronic_ISBN :

1938-4300

Type :

conf

DOI :

10.1109/ASE.2009.20

Filename :

5431724

Link To Document :

https://search.ricest.ac.ir/dl/search/defaultta.aspx?DTC=49&DC=1850773