Skip to main content
Springer Nature Link
Log in

RICB: Integer Overflow Vulnerability Dynamic Analysis via Buffer Overflow

  • Conference paper
Forensics in Telecommunications, Information, and Multimedia (e-Forensics 2010)

  • 921 Accesses

Abstract

Integer overflow vulnerability will cause buffer overflow. The research on the relationship between them will help us to detect integer overflow vulnerability. We present a dynamic analysis methods RICB (Run-time Integer Checking via Buffer overflow). Our approach includes decompile execute file to assembly language; debug the execute file step into and step out; locate the overflow points and checking buffer overflow caused by integer overflow. We have implemented our approach in three buffer overflow types: format string overflow, stack overflow and heap overflow. Experiments results show that our approach is effective and efficient. We have detected more than 5 known integer overflow vulnerabilities via buffer overflow.

This is a preview of subscription content, log in via an institution to check access.

Access this chapter

Log in via an institution

Subscribe and save

Springer+ Basic
$34.99 /Month
  • Get 10 units per month
  • Download Article/Chapter or eBook
  • 1 Unit = 1 Article or 1 Chapter
  • Cancel anytime
Subscribe now

Buy Now

Chapter
USD 29.95
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever

Tax calculation will be finalised at checkout

Purchases are for personal use only

Institutional subscriptions

Preview

Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.

Similar content being viewed by others

References

  1. Wang, T.L., Wei, T., Lin, Z.Q., Zou, W.: Automatically Detecting Integer Overflow Vulnerability in X86 Binary Using Symbolic Execution. In: Proceedings of the 16th Network and Distributed System Security Symposium, San Diego, CA, pp. 1–14 (2009)

    Google Scholar 

  2. Zhang, S.R., Xu, L., Xu, B.W.: Method of Integer Overflow Detection to Avoid Buffer Overflow. Journal of Southeast University (English Edition) 25, 219–223 (2009)

    Google Scholar 

  3. Cadar, C., Dunbar, D., Engler, D.: KLEE: Unassisted and Automatic Generation of High-Coverage Tests for Complex Systems Programs. In: Proceedings of the USENIX Symposium on Operating Systems Design and Implementation (OSDI 2008), San Diego, CA (2008)

    Google Scholar 

  4. Brumley, D., Chiueh, T.C., Johnson, R., Lin, H., Song, D.: Rich: Automatically Protecting Against Integer-based Vulnerabilities. In: Proceedings of the 14th Annual Network and Distributed System Security Symposium, NDSS (2007)

    Google Scholar 

  5. Cadar, C., Ganesh, V., Pawlowski, P.M., Dill, D.L., Engler, D.R.: Exe: Automatically Generating Inputs of Death. In: Proceedings of the 13th ACM Conference on Computer and Communications Security, CCS 2006, pp. 322–335 (2006)

    Google Scholar 

  6. Dor, N., Rodeh, M., Sagiv, M.: CSSV: Towards a Realistic Tool for Statically Detecting all Buffer Overflows. In: Proceedings of the ACM SIGPLAN 2003 Conference on Programming Language Design and Implementation, San Diego, pp. 155–167 (2003)

    Google Scholar 

  7. Haugh, E., Bishop, M.: Testing C Programs for Buffer overflow Vulnerabilities. In: Proceedings of the10th Network and Distributed System Security Symposium, NDSS SanDiego, pp. 123–130 (2003)

    Google Scholar 

  8. Wilander, J., Kamkar, M.: A Comparison of Publicly Available Tools for Dynamic Buffer Overflow Prevention. In: Proceedings of the 10th Network and Distributed System Security Symposium, NDSS 2003, SanDiego, pp. 149–162 (2003)

    Google Scholar 

  9. Lhee, K.S., Chapin, S.J.: Buffer Overflow and Format String Overflow Vulnerabilities, Sofware-Practice and Experience, pp. 1–38. John Wiley & Sons, Chichester (2002)

    Google Scholar 

  10. Gok, M.: Integer squarers with overflow detection, Computers and Electrical Engineering, pp. 378–391. Elsevier, Amsterdam (2008)

    MATH  Google Scholar 

  11. Gok, M.: Integer Multipliers with Overflow Detection. IEEE Transactions on Computers 55, 1062–1066 (2006)

    Article  Google Scholar 

  12. Godefroid, P., Levin, M., Molnar, D.: Automated whitebox fuzz testing. In: Proceedings of the 15th Annual Network and Distributed System Security Symposium (NDSS), San Diego, CA (2008)

    Google Scholar 

  13. Cowan, C., Barringer, M., Beattie, S., Kroah-Hartman, G.: FormatGuard: Automatic Protection From printf Format String Vulnerabilities. In: Proceedings of the 10th USENIX Security Symposium. USENIX Association, Sydney (2001)

    Google Scholar 

  14. Wang, Y., Gu, D.W., Wen, M., Xu, J.P., Li, H.M.: Denial of Service Detection with Hybrid Fuzzy Set Based Feed Forward Neural Network. In: Zhang, L., Lu, B.-L., Kwok, J. (eds.) ISNN 2010. LNCS, vol. 6064, pp. 576–585. Springer, Heidelberg (2010)

    Chapter  Google Scholar 

  15. Wang, Y., Gu, D.W., Wen, M., Li, H.M., Xu, J.P.: Classification of Malicious Software Behaviour Detection with Hybrid Set Based Feed Forward Neural Network. In: Zhang, L., Lu, B.-L., Kwok, J. (eds.) ISNN 2010. LNCS, vol. 6064, pp. 556–565. Springer, Heidelberg (2010)

    Chapter  Google Scholar 

Download references

Author information

Authors and Affiliations

  1. Department of Compute Science and Technology, Shanghai University of Electric Power, 20090, Shanghai, China

    Yong Wang, Jianping Xu & Mi Wen

  2. Department of Computer Science and Engineering, Shanghai Jiao Tong University, 200240, Shanghai, China

    Yong Wang & Dawu Gu

  3. Shanghai Changjiang Computer Group Corporation, 200001, China

    Liwen Deng

Authors
  1. Yong Wang
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. Dawu Gu
    View author publications

    You can also search for this author in PubMed Google Scholar

  3. Jianping Xu
    View author publications

    You can also search for this author in PubMed Google Scholar

  4. Mi Wen
    View author publications

    You can also search for this author in PubMed Google Scholar

  5. Liwen Deng
    View author publications

    You can also search for this author in PubMed Google Scholar

Editor information

Editors and Affiliations

  1. Department of Computer Science and Engineering, Shanghai Jiao Tong University, 800 Dong Chuan Road, 200240, Shanghai, P.R. China

    Xuejia Lai  & Dawu Gu  & 

  2. The 3rd Research Institute of Ministry of Public Security, 339 bi Shen Road, A 303, Zhang Jiang, Pu Dong, 210031, Shangahi, P.R. China

    Bo Jin

  3. East China University of Political Science and Law, No. 555, Longyuan Road, Songjiang District, 201620, Shanghai, China

    Yongquan Wang

  4. Xidian University, P.O. Box 101, 710071, Xian, Shaanxi, P.R. China

    Hui Li

Rights and permissions

Reprints and permissions

Copyright information

© 2011 ICST Institute for Computer Science, Social Informatics and Telecommunications Engineering

About this paper

Cite this paper

Wang, Y., Gu, D., Xu, J., Wen, M., Deng, L. (2011). RICB: Integer Overflow Vulnerability Dynamic Analysis via Buffer Overflow. In: Lai, X., Gu, D., Jin, B., Wang, Y., Li, H. (eds) Forensics in Telecommunications, Information, and Multimedia. e-Forensics 2010. Lecture Notes of the Institute for Computer Sciences, Social Informatics and Telecommunications Engineering, vol 56. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-642-23602-0_9

Download citation

  • DOI: https://doi.org/10.1007/978-3-642-23602-0_9

  • Publisher Name: Springer, Berlin, Heidelberg

  • Print ISBN: 978-3-642-23601-3

  • Online ISBN: 978-3-642-23602-0

  • eBook Packages: Computer ScienceComputer Science (R0)

Publish with us

Policies and ethics