A Static Comprehensive Analytical Method for Buffer Overflow Vulnerability Detection
- DOI
- 10.2991/cset-16.2016.37
- Keywords
- Buffer overflow, vulnerability detection, comprehensive analysis, reliability weights
- Abstract
Buffer overflow vulnerability is a widespread and dangerous security problem. Detecting buffer overflow vulnerabilities has great research value in the information security area. This paper proposes a static comprehensive analytical method for buffer overflow vulnerability detection. First, the method applies many kinds of static detection tools to the source code, each producing its own detection report. Second, a comprehensive analysis evaluates the reliability weights of the detection tools through a training process on the detection results, and further optimizes the detection results. This training process can improve the efficiency of discovering buffer overflow vulnerabilities, with a lower rate of omissions and misstatements. The experimental results show that, compared with single static detection methods, the rates of both false alerts and missed alerts decrease significantly.
- Copyright
- © 2016, the Authors. Published by Atlantis Press.
- Open Access
- This is an open access article distributed under the CC BY-NC license (http://creativecommons.org/licenses/by-nc/4.0/).
Cite this article
TY - CONF
AU - Bilin Shao
AU - Jiafen Yan
AU - Genqing Bian
AU - Yu Zhao
AU - Dan Song
PY - 2016/08
DA - 2016/08
TI - A Static Comprehensive Analytical Method for Buffer Overflow Vulnerability Detection
BT - Proceedings of the 2016 International Conference on Computer Science and Electronic Technology
PB - Atlantis Press
SP - 151
EP - 155
SN - 2352-538X
UR - https://doi.org/10.2991/cset-16.2016.37
DO - 10.2991/cset-16.2016.37
ID - Shao2016/08
ER -