用动态二进制工具识别堆栈溢出漏洞

2015 International Conference on Industrial Informatics - Computing Technology, Intelligent Technology, Industrial Information Integration Pub Date : 2015-12-03 DOI:10.1109/ICIICII.2015.147

Quanchen Zou, Wei Huang, Jing An, Wenqing Fan

{"title":"用动态二进制工具识别堆栈溢出漏洞","authors":"Quanchen Zou, Wei Huang, Jing An, Wenqing Fan","doi":"10.1109/ICIICII.2015.147","DOIUrl":null,"url":null,"abstract":"This paper describes DStack, a dynamic binary instrumentation tool for identifying overflows in stack frames in C and C++ programs. This technique is designed for detecting if a particular stack value, namely a return address, was corrupted because of a stack overflow. Thus, DStack is useful for identifying intrusion attempts but also for checking the run-time robustness of applications. We implemented a proof-of-concept tool based on Pin, a popular dynamic binary instrumentation framework. We have evaluated the tool on two real-world CVE vulnerability and the results shown that it can help identify the root causes of stack overflow effectively.","PeriodicalId":349920,"journal":{"name":"2015 International Conference on Industrial Informatics - Computing Technology, Intelligent Technology, Industrial Information Integration","volume":"31 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2015-12-03","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"2","resultStr":"{\"title\":\"Identify Stack Overflow Exploits with Dynamic Binary Instrumentation\",\"authors\":\"Quanchen Zou, Wei Huang, Jing An, Wenqing Fan\",\"doi\":\"10.1109/ICIICII.2015.147\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"This paper describes DStack, a dynamic binary instrumentation tool for identifying overflows in stack frames in C and C++ programs. This technique is designed for detecting if a particular stack value, namely a return address, was corrupted because of a stack overflow. Thus, DStack is useful for identifying intrusion attempts but also for checking the run-time robustness of applications. We implemented a proof-of-concept tool based on Pin, a popular dynamic binary instrumentation framework. We have evaluated the tool on two real-world CVE vulnerability and the results shown that it can help identify the root causes of stack overflow effectively.\",\"PeriodicalId\":349920,\"journal\":{\"name\":\"2015 International Conference on Industrial Informatics - Computing Technology, Intelligent Technology, Industrial Information Integration\",\"volume\":\"31 1\",\"pages\":\"0\"},\"PeriodicalIF\":0.0000,\"publicationDate\":\"2015-12-03\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"\",\"citationCount\":\"2\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"2015 International Conference on Industrial Informatics - Computing Technology, Intelligent Technology, Industrial Information Integration\",\"FirstCategoryId\":\"1085\",\"ListUrlMain\":\"https://doi.org/10.1109/ICIICII.2015.147\",\"RegionNum\":0,\"RegionCategory\":null,\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"\",\"JCRName\":\"\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"2015 International Conference on Industrial Informatics - Computing Technology, Intelligent Technology, Industrial Information Integration","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1109/ICIICII.2015.147","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}

引用次数: 2

摘要

DStack是一种动态二进制检测工具，用于识别C和c++程序中堆栈帧中的溢出。该技术用于检测是否由于堆栈溢出而损坏了特定的堆栈值(即返回地址)。因此，DStack对于识别入侵尝试很有用，但对于检查应用程序的运行时健壮性也很有用。我们实现了一个基于Pin的概念验证工具，Pin是一个流行的动态二进制仪器框架。我们在两个真实的CVE漏洞上对该工具进行了评估，结果表明它可以有效地帮助识别堆栈溢出的根本原因。

本文章由计算机程序翻译，如有差异，请以英文原文为准。

查看原文本刊更多论文

Identify Stack Overflow Exploits with Dynamic Binary Instrumentation

This paper describes DStack, a dynamic binary instrumentation tool for identifying overflows in stack frames in C and C++ programs. This technique is designed for detecting if a particular stack value, namely a return address, was corrupted because of a stack overflow. Thus, DStack is useful for identifying intrusion attempts but also for checking the run-time robustness of applications. We implemented a proof-of-concept tool based on Pin, a popular dynamic binary instrumentation framework. We have evaluated the tool on two real-world CVE vulnerability and the results shown that it can help identify the root causes of stack overflow effectively.

求助全文

通过发布文献求助，成功后即可免费获取论文全文。去求助

来源期刊

2015 International Conference on Industrial Informatics - Computing Technology, Intelligent Technology, Industrial Information Integration

自引率

0.00%

发文量