Program Crash Analysis Based on Taint Analysis

Author

Zhang Puhan ; Wu Jianxiong ; Wang Xin ; Zehui Wu

Author_Institution

China Inf. Technol. Security Evaluation Center, Beijing, China

fYear

2014

fDate

8-10 Nov. 2014

Firstpage

492

Lastpage

498

Abstract

Software exception analysis can not only improve software stability before putting into commercial, but also could optimize the priority of patch updates subsequently. We propose a more practical software exception analysis approach based on taint analysis, from the view that whether an exception of the software can be exploited by an attacker. It first identifies the type of exceptions, then do taint analysis on the trace that between the program entry point to exception point, and recording taint information of memory set and registers. It finally gives the result by integrating the above recording and the subsequent instructions analysis. We implement this approach to our exception analysis framework ExpTracer, and do the evaluation with some exploitable/un-exploitable exceptions which shows that our approach is more accurate in identifying exceptions compared with current tools.

Keywords

exception handling; program diagnostics; ExpTracer; exception point; exploitable exceptions; memory set; patch update priority optimization; program crash analysis; program entry point; registers; software exception analysis; software stability; subsequent instruction analysis; taint analysis; unexploitable exceptions; Algorithm design and analysis; Computer crashes; Instruments; Optimization; Personnel; Registers; Software; Software engineering; crash analysis; exception classification; taint analysis;

fLanguage

English

Publisher

ieee

Conference_Titel

P2P, Parallel, Grid, Cloud and Internet Computing (3PGCIC), 2014 Ninth International Conference on

Conference_Location

Guangdong

Type

conf

DOI

10.1109/3PGCIC.2014.100

Filename

7024634