Nowadays, software is an important part of computer systems. However, software often contains vulnerabilities that attackers can exploit, which poses a new challenge to software security. Among these vulnerabilities, buffer overflow is one of the most common types. A buffer overflow happens at runtime when a buffer is given more data than it can hold. As a result, the stack of the program can be changed to execute the attacker's commands. The lack of the necessary bound checking on buffer accesses is the root cause.

Currently, there are two kinds of solutions: static program analysis and dynamic testing. Dynamic testing relies heavily on test cases and usually has an excessive amount of performance overhead. On the other hand, static program analysis can find vulnerabilities before software deployment and can be applied automatically. These reasons make static program analysis popular in industry. However, static analysis has no information on the runtime buffer status, which leads to many false positives. Some of these false positives come from overlooking the prevention code that stops the buffer overflow from happening. This paper targets these false positives in order to research precise detection of buffer overflow vulnerabilities.

This paper makes the following contributions:

1. This dissertation proposes a buffer overflow vulnerability model. By studying buffer overflow APIs in C/C++ and real-world cases, this paper establishes a buffer overflow model which contains the distribution model of buffer overflow APIs, the root cause of buffer overflow, and the fix patterns of buffer overflow.

2. This dissertation proposes a static analysis technique for buffer overflow detection which can identify prevention code. It is based on the buffer overflow model and identifies the prevention code during the static analysis. As a result, the number of false positives caused by overlooking buffer overflow prevention code can be reduced. Based on this technique, this paper develops a buffer overflow detection tool called BoChecker. An experiment is conducted on 100 real-world cases using BoChecker. The result shows that the false-negative rate is 45.0% and the false-positive rate is 29.1%, which are better than the other tools in the experiment.

3. This dissertation proposes a warning processing technique for buffer overflow warnings, which is based on machine learning. It uses the buffer overflow model and the static analysis warnings to reanalyze the program. During the process, features are extracted and a random forest model is built. This model can then predict the false positives among static analysis warnings. Based on this technique, this paper develops a static warning processing tool called BoWFilter for buffer overflow. This paper also shows an experiment conducted on 545 warnings from Checkmarx using BoWFilter. The result shows that the precision of predicting false positives is 92.9% and the precision of predicting non-false-positives is 88.5%.
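The unchecked buffer write and the "prevention code" that the abstract says a precise detector must recognize, as an added C example (not code from the dissertation or from BoChecker); NAME_MAX and the function names are assumptions:

```c
#include <stdio.h>
#include <string.h>

/* Added example: the unchecked "before" pattern a buffer overflow detector
 * flags, beside the guarded "after" pattern whose length check is the
 * prevention code. A detector that does not model the check reports the
 * second strcpy too, which is exactly the false positive the text describes. */

#define NAME_MAX 16  /* assumed buffer size for the example */

/* Unchecked copy: strcpy writes strlen(src)+1 bytes into a NAME_MAX-byte
 * buffer, so any src of NAME_MAX or more characters overruns dst.
 * This is the root cause named in the text: no bound check at all. */
void copy_name_unchecked(char dst[NAME_MAX], const char *src)
{
    strcpy(dst, src);  /* true positive: overflow is reachable */
}

/* Guarded copy: the length check before strcpy is the prevention code.
 * Returns 0 on success, -1 when src (plus its terminator) does not fit. */
int copy_name_checked(char dst[NAME_MAX], const char *src)
{
    size_t len = strlen(src);
    if (len >= NAME_MAX) {   /* reject: need room for the trailing '\0' */
        dst[0] = '\0';
        return -1;
    }
    strcpy(dst, src);        /* reachable only when len <= NAME_MAX - 1 */
    return 0;                /* reporting this strcpy is a false positive */
}

int main(void)
{
    char buf[NAME_MAX];
    /* Constructed inputs: one fits, one is 21 characters and is rejected. */
    printf("%d\n", copy_name_checked(buf, "alice"));                 /* 0 */
    printf("%d\n", copy_name_checked(buf, "this_name_is_too_long")); /* -1 */
    return 0;
}
```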