Title :
Towards a Flaw Function Heuristic Vulnerability Static Analysis Framework for Executable File
Author :
Liu, Qiang ; Chen, Hua ; Wen, Yan ; Li, Xiang
Author_Institution :
Beijing Inst. of Syst. Eng., Beijing, China
Abstract :
The misuse of flaw functions is one of the key reasons causing software vulnerabilites. In our study, this type of vulnerability is termed as MFFV (Vulnerability of Flaw Function Misusing). In this paper, we propose a novel framework for analyzing the flaw function heuristic vulnerabilities. In this framework, the procedure to analyze MFFV is composed of three stages: firstly, MFFV pre-analysis engine builds the intermediate representation via reverse engineering technique, and meanwhile the flaw functions are identified according to the function signature technology. Secondly, MFFV analysis engine picks up the suspicious hot points, and attaches a label to each of them. The label records the code slice, flaw function information and context. In the third stage, MFFV scheduler invokes a series of related checkers to perform precise checks on all the hot points. Besides, we implement a prototype to verify the feasibility of our proposed framework.
Keywords :
program diagnostics; reverse engineering; security of data; software reliability; MFFV analysis engine; executable file; flaw function heuristic vulnerability; function signature technology; reverse engineering technique; software vulnerabilites; static analysis framework; Binary codes; Fault diagnosis; Libraries; Prototypes; Schedules; Security; Software; Vulnerability; flaw function; framework; static analysis;
Conference_Titel :
Mobile Ad-hoc and Sensor Networks (MSN), 2011 Seventh International Conference on
Conference_Location :
Beijing
Print_ISBN :
978-1-4577-2178-6
DOI :
10.1109/MSN.2011.81
