1 / 9

Presented by: José Troche

Testing Static Analysis Tools using Exploitable Buffer Overflows from Open Source Code Zitser, Lippmann & Leek. Presented by: José Troche. Motivation. Real attacks in server software Malicious code and DoS Why Static Analysis tools? Dynamic approach is expensive & incomplete

elisha
Download Presentation

Presented by: José Troche

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. Testing Static Analysis Tools using Exploitable Buffer Overflows from Open Source CodeZitser, Lippmann & Leek Presented by: José Troche

  2. Motivation • Real attacks in server software • Malicious code and DoS • Why Static Analysis tools? • Dynamic approach is expensive & incomplete • Safe languages make runtime checks • Perform an unbiased evaluation

  3. Tools Evaluated

  4. Test Cases • BIND (4) • Most popular DNS server • WU-FTPD (3) • Popular FTP daemon • Sendmail (7) • Dominant mail transfer agent Total vulnerabilities: 14

  5. Initial experience (145K lines) • Splint issued parse errors • ARCHER quit with a Div/0 error • PolySpace run 4 days and quit

  6. New Testing Approach • Create lower scale models • BAD vs. OK version • Retrospective analysis

  7. Results

  8. Discussion • Detection Rate: 3 of 5 < 5% • High rate of false alarms (1 in 12 & 46) • Results only on marked lines • Insensitive to corrections (<40%) • None was able to analyze sendmail

  9. Conclusion • Results are promising: • Errors were detected • Need of improvement because of: • False positives • Poor discrimination

More Related