Detecting Buffer Overflows Using Testcase Synthesis and Code Instrumentation

@inproceedings{Lippmann2005DetectingBO,
  title={Detecting Buffer Overflows Using Testcase Synthesis and Code Instrumentation},
  author={Richard Lippmann},
  year={2005}
}
The research presented in this thesis aims to improve existing approaches to dynamic buffer overflow detection by developing a system that utilizes code instrumentation and adaptive test case synthesis to find buffer overflows and corresponding failure-inducing inputs automatically. An evaluation of seven modern dynamic buffer overflow detection tools determined that C Range Error Detector (CRED) is capable of providing fine-grained buffer access information necessary for the creation of this… CONTINUE READING
6 Citations
42 References
Similar Papers

References

Publications referenced by this paper.
Showing 1-10 of 42 references

Geyik: A random-sentence generator, taking BNF as input

  • Berke Durak
  • http://abaababa.ouvaton.org/caml/,
  • 2004
Highly Influential
11 Excerpts

Valgrind: A GPL’d system for debugging and profiling x86-linux programs

  • Nick Nethercote Julian Seward, Jeremy Fitzhardinge
  • http://valgrind.kde.org,
  • 2004
Highly Influential
10 Excerpts

GCC extension for protecting applications from stack smashing attacks. http://www.trl.ibm.com/projects/security/ssp

  • Hiroaki Etoh
  • 2003
Highly Influential
20 Excerpts

Securing software: An evaluation of static source code analyzers

  • Misha Zitser
  • Master’s thesis, Massachusetts Institute of…
  • 2003
Highly Influential
4 Excerpts

Similar Papers

Loading similar papers…