A Hierarchical Static Detection Method Research In View Of The C Program Buffer Overflow Vulnerabilities

As the program of buffer overflow vulnerabilities has attracted moreand more attention in the field of information security, People graduallycarried out a series of methods for the proving the precision of staticdetection problem of buffer overflow vulnerabilities.This paper proposes a hierarchical static detection method researchin view of the buffer overflow vulnerability of C programs. We designand implement the three modules. They are respective detection module(the first level), filter module (the second level) and output module.Among them, detection module belongs to the first level of the detectingvulnerability. Based on a few classical lexical analysis tools, the first leveldetection module uses reliable tool model to construct the credible andextensible risk function database. The database can embed in static tool todetect buffer overflow vulnerabilities. The first level detection modulecan achieve the purpose of reduce false negative and false positive. Filtermodule belongs to the second level of the detecting vulnerability. Filtermodule uses warning information in the output of detection module anduses the static backward slicing technique to further reduce the falsepositive. Based on the warning information of the output, we extractstatic backward slicing. Warning program slice is formalized abstractioninto Boolean formula to solve it by the SAT solver. It is to determine theslicing true or false. Output module is a summary of the previous twomodules. Output module is used for synthesizing analysis result of thefirst level detection module and the second level filter module as the finaloutput of a detection tool to improve the accuracy.The experimental results show that, hierarchical static detectionmethods of buffer overflow vulnerability in view of the C program cansolve the high false negative and high false positive problem of lightweight static detection tools from a certain extent. Compared withthe original tool detection results, this research can improve the accuracyand credibility of the analytical tools from the layer to a certain andreduce the workload of safety inspectors.