DocumentCode
2827295
Title
DsVD: An Effective Low-Overhead Dynamic Software Vulnerability Discoverer
Author
Wang, Zhuo ; Tang, Zhushou ; Zhou, Kan ; Zhang, Ruoyu ; Qi, Zhengwei ; Guan, Haibin
Author_Institution
Sch. of Software, Shanghai Jiao Tong Univ., Shanghai, China
fYear
2011
fDate
23-27 March 2011
Firstpage
372
Lastpage
377
Abstract
Dynamic taint analysis based software vulnerability and malware detection is an effective method to detect a wide range of vulnerabilities. Unfortunately, existing systems suffer from requirement of source code, high overhead or shortage of discovery rules, which limit their usage. This paper proposes a low-overhead vulnerability discovery system called DsVD (Dynamic Software Vulnerabilities Discoverer). DsVD works on X86 executables and does not need any hardware change. A new taint state called controlled-taint is introduced to detect more types of vulnerabilities. Our experiments show that DsVD can effectively detect various software vulnerabilities. DsVD incurs very low overhead, only 3.1 times on average for SPECINT2006 benchmarks. With some optimizations such as Irrelevant API Filter and Basic Block Handling, it can reduce runtime overhead by a factor of 4-11 times.
Keywords
application program interfaces; invasive software; optimisation; software reliability; DsVD; SPECINT2006 benchmarks; X86 executables; basic block handling; controlled-taint; discovery rules; dynamic software vulnerability discoverer; dynamic taint analysis; hardware change; irrelevant API filter; low-overhead vulnerability discovery system; malware detection; optimizations; runtime overhead; source code; Instruments; Optimization; Program processors; Registers; Runtime; Security; Dynamic Taint Analysis; Software Security; Vulnerability Discovery;
fLanguage
English
Publisher
ieee
Conference_Titel
Autonomous Decentralized Systems (ISADS), 2011 10th International Symposium on
Conference_Location
Tokyo & Hiroshima
Print_ISBN
978-1-61284-213-4
Type
conf
DOI
10.1109/ISADS.2011.56
Filename
5741384
Link To Document