loading
Papers Papers/2022 Papers Papers/2022

Research.Publish.Connect.

Paper

Authors: Luís Ferreirinha and Ibéria Medeiros

Affiliation: LASIGE, Departamento de Informática, Faculdade de Ciências, Universidade de Lisboa, Portugal

Keyword(s): Stack Buffer Overflow, Assembly, Model Checking, Linear Temporal Logic, Static Analysis, Software Security.

Abstract: The C programming language, prevalent in Cyber-Physical Systems, is crucial for system control where reliability is critical. However, it is notably susceptible to vulnerabilities, particularly buffer overflows that are ranked among the most dangerous due to their potential for catastrophic consequences. Traditional techniques, such as static analysis, often struggle with scalability and precision when detecting these vulnerabilities in the binary code of compiled C programs. This paper introduces a novel approach designed to overcome these limitations by leveraging model checking techniques to verify security properties within a program’s stack memory. To verify these properties, we propose the construction of a state space of the stack memory from a binary program’s control flow graph. Security properties, modelled for stack buffer overflow vulnerabilities and defined in Linear Temporal Logic, are verified against this state space. When violations are detected, counter-example trac es are generated to undergo a reverse-flow analysis process to identify specific instances of stack buffer overflow vulnerabilities. This research aims to provide a scalable and precise approach to vulnerability detection in C binaries. (More)

CC BY-NC-ND 4.0

Sign In Guest: Register as new SciTePress user now for free.

Sign In SciTePress user: please login.

PDF ImageMy Papers

You are not signed in, therefore limits apply to your IP address 18.222.22.49

In the current month:
Recent papers: 100 available of 100 total
2+ years older papers: 200 available of 200 total

Paper citation in several formats:
Ferreirinha, L. and Medeiros, I. (2024). On the Path to Buffer Overflow Detection by Model Checking the Stack of Binary Programs. In Proceedings of the 19th International Conference on Evaluation of Novel Approaches to Software Engineering - ENASE; ISBN 978-989-758-696-5; ISSN 2184-4895, SciTePress, pages 719-726. DOI: 10.5220/0012732700003687

@conference{enase24,
author={Luís Ferreirinha. and Ibéria Medeiros.},
title={On the Path to Buffer Overflow Detection by Model Checking the Stack of Binary Programs},
booktitle={Proceedings of the 19th International Conference on Evaluation of Novel Approaches to Software Engineering - ENASE},
year={2024},
pages={719-726},
publisher={SciTePress},
organization={INSTICC},
doi={10.5220/0012732700003687},
isbn={978-989-758-696-5},
issn={2184-4895},
}

TY - CONF

JO - Proceedings of the 19th International Conference on Evaluation of Novel Approaches to Software Engineering - ENASE
TI - On the Path to Buffer Overflow Detection by Model Checking the Stack of Binary Programs
SN - 978-989-758-696-5
IS - 2184-4895
AU - Ferreirinha, L.
AU - Medeiros, I.
PY - 2024
SP - 719
EP - 726
DO - 10.5220/0012732700003687
PB - SciTePress

- Science and Technology Publications, Lda.
RESOURCES

Proceedings

Papers

Authors

Ontology

CONTACTS

Science and Technology Publications, Lda
Avenida de S. Francisco Xavier, Lote 7 Cv. C,
2900-616 Setúbal, Portugal.

Phone: +351 265 520 185 (National fixed network call)
Fax: +351 265 520 186
Email: info@scitepress.org

EXTERNAL LINKS

PRIMORIS

INSTICC

SCITEVENTS

CROSSREF

PROCEEDINGS SUBMITTED FOR INDEXATION BY:

dblp

Ei Compendex

SCOPUS

Semantic Scholar

Google Scholar

Microsoft Academic