Detecting Buffer Boundary Violations Based on SVM

Abstract

In this paper a new vulnerability detecting method is proposed to detect buffer boundary violations. The main idea is to use the metric of array index manipulation rather than using any heuristic method. We employ a SVM-based classifier to classify the vulnerable functions and innocent functions. Then the vulnerable functions are fed to function call graph guided symbolic execution to precisely determine whether they are true vulnerability or not. By the above measures, buffer boundary violations can be detected precisely and efficiently.