• Documents
  • Authors
  • Tables
  • Log in
  • Sign up
  • MetaCart
  • Donate

CiteSeerX logo

Advanced Search Include Citations
Advanced Search Include Citations | Disambiguate

A First Step towards Automated Detection of Buffer Overrun Vulnerabilities (2000)

Cached

Download Links

  • [www.cs.umd.edu]
  • [www.cs.umd.edu]
  • [www.isoc.org]
  • [www.eecs.umich.edu]
  • [www.bennetyee.org]
  • [www.bennetyee.org]
  • [www.bennetyee.org]
  • [www.bennetyee.org]
  • [www.simovits.com]
  • [www.cs.cornell.edu]
  • [www.cs.berkeley.edu]
  • [HTTP.CS.Berkeley.EDU]
  • [www.cs.umd.edu]
  • [www.scs.stanford.edu]
  • [now.cs.berkeley.edu]
  • [www.cs.berkeley.edu]
  • [http.cs.berkeley.edu]
  • [www.eecs.berkeley.edu]
  • [www.gnucash.org]
  • [www.cs.stonybrook.edu]
  • [alum.cs.sunysb.edu]
  • [www.cs.sunysb.edu]
  • [www.dmi.unipg.it]
  • [www.cs.berkeley.edu]
  • [http.cs.berkeley.edu]
  • [www.eecs.berkeley.edu]
  • [www.gnucash.org]
  • [theory.stanford.edu]
  • [theory.stanford.edu]

  • Other Repositories/Bibliography

  • DBLP
  • Save to List
  • Add to Collection
  • Correct Errors
  • Monitor Changes
by David Wagner , Jeffrey S. Foster , Eric A. Brewer , Alexander Aiken
Venue:IN NETWORK AND DISTRIBUTED SYSTEM SECURITY SYMPOSIUM
Citations:385 - 9 self
  • Summary
  • Citations
  • Active Bibliography
  • Co-citation
  • Clustered Documents
  • Version History

BibTeX

@INPROCEEDINGS{Wagner00afirst,
    author = {David Wagner and Jeffrey S. Foster and Eric A. Brewer and Alexander Aiken},
    title = {A First Step towards Automated Detection of Buffer Overrun Vulnerabilities},
    booktitle = {IN NETWORK AND DISTRIBUTED SYSTEM SECURITY SYMPOSIUM},
    year = {2000},
    pages = {3--17},
    publisher = {}
}

Share

Facebook Twitter Reddit Bibsonomy

OpenURL

 

Abstract

We describe a new technique for finding potential buffer overrun vulnerabilities in security-critical C code. The key to success is to use static analysis: we formulate detection of buffer overruns as an integer range analysis problem. One major advantage of static analysis is that security bugs can be eliminated before code is deployed. We have implemented our design and used our prototype to find new remotely-exploitable vulnerabilities in a large, widely deployed software package. An earlier hand audit missed these bugs.

Keyphrases

first step towards automated detection    buffer overrun vulnerability    static analysis    new technique    integer range analysis problem    new remotely-exploitable vulnerability    hand audit    buffer overrun    software package    major advantage    potential buffer overrun vulnerability    security bug    security-critical code   

Powered by: Apache Solr
  • About CiteSeerX
  • Submit and Index Documents
  • Privacy Policy
  • Help
  • Data
  • Source
  • Contact Us

Developed at and hosted by The College of Information Sciences and Technology

© 2007-2016 The Pennsylvania State University