
Research on Integer-Based Vulnerabilities: Security Model, Detecting Methods and Real-World Cases
Citation: SUN Hao and ZENG Qing-Kai. Research on Integer-Based Vulnerabilities: Security Model, Detecting Methods and Real-World Cases[J]. Journal of Software, 2015, 26(2): 413-426.
Authors: SUN Hao and ZENG Qing-Kai
Affiliations: State Key Laboratory for Novel Software Technology (Nanjing University), Nanjing 210023, Jiangsu, China; Department of Computer Science and Technology, Nanjing University, Nanjing 210023, Jiangsu, China
Funding: National Natural Science Foundation of China (61170070, 61431008, 61321491); National Key Technology R&D Program of China (2012BAK26B01)
Abstract: In C/C++, the limited ranges representable by integer types and the conversions between types of different signedness or width give rise to integer-based weaknesses, including integer overflow, integer underflow, signedness errors and truncation errors. Attackers usually exploit them indirectly to carry out attacks such as arbitrary code execution and denial of service. This paper surveys research on integer-based vulnerabilities. A novel security model is proposed from the viewpoint of the behaviors that follow the occurrence of a weakness, and the sufficient conditions for determining integer-based vulnerabilities are summarized. Existing detection methods are compared and analyzed according to how well their vulnerability-determination rules cover these sufficient conditions. Through an empirical study of real-world integer bug cases, the characteristics and distribution of integer-based vulnerabilities in practice are discussed. Finally, the challenges and open research directions for integer-based vulnerabilities are identified.

Keywords: integer-based vulnerability; behaviors after weakness; security model; intentional uses; empirical study
Received: 5/4/2014
Revised: 2014/7/16
This article is indexed in CNKI and other databases.