English
Related papers

Related papers: BASICS: Binary Analysis and Stack Integrity Checke…

200 papers

In this paper, we present a hybrid approach for buffer overflow detection in C code. The approach makes use of static and dynamic analysis of the application under investigation. The static part consists in calculating taint dependency…

Cryptography and Security · Computer Science 2013-05-17 Sanjay Rawat , Dumitru Ceara , Laurent Mounier , Marie-Laure Potet

2LS ("tools") is a verification tool for C programs, built upon the CPROVER framework. It allows one to verify user-specified assertions, memory safety properties (e.g. buffer overflows), numerical overflows, division by zero, memory leaks,…

Software Engineering · Computer Science 2023-02-07 Daniel Kroening , Viktor Malík , Peter Schrammel , Tomáš Vojnar

Context: In C, low-level errors, such as buffer overflow and use-after-free, are a major problem, as they cause security vulnerabilities and hard-to-find bugs. C lacks automatic checks, and programmers cannot apply defensive programming…

Programming Languages · Computer Science 2017-12-05 Manuel Rigger , Rene Mayrhofer , Roland Schatz , Matthias Grimmer , Hanspeter Mössenböck

Cyber-Physical Systems (CPS) are being widely adopted in critical infrastructures, such as smart grids, nuclear plants, water systems, transportation systems, manufacturing and healthcare services, among others. However, the increasing…

Cryptography and Security · Computer Science 2021-11-23 Eyasu Getahun Chekole , Martin Ochoa , Sudipta Chattopadhyay

The main stretch in the paper is buffer overflow anomaly occurring in major source codes, designed in various programming language. It describes the various as to how to improve your code and increase its strength to withstand security…

Cryptography and Security · Computer Science 2012-08-17 Manas Gaur

In languages like C, buffer overflows are widespread. A common mitigation technique is to use tools that detect them during execution and abort the program to prevent the leakage of data or the diversion of control flow. However, for server…

Cryptography and Security · Computer Science 2018-11-26 Manuel Rigger , Daniel Pekarek , Hanspeter Mössenböck

Buffer overflow detection and mitigation for C programs has been an important concern for a long time. This paper defines a string buffer overflow analysis for C programs. The key ideas of our formulation are (a) separating buffers from the…

Programming Languages · Computer Science 2014-12-30 Uday P. Khedker

Owing to the continued use of C (and C++), spatial safety violations (e.g., buffer overflows) still constitute one of today's most dangerous and prevalent security vulnerabilities. To combat these violations, Checked C extends C with…

Programming Languages · Computer Science 2022-03-28 Aravind Machiry , John Kastner , Matt McCutchen , Aaron Eline , Kyle Headley , Michael Hicks

One of the most significant challenges in the field of software code auditing is the presence of vulnerabilities in software source code. Every year, more and more software flaws are discovered, either internally in proprietary code or…

Cryptography and Security · Computer Science 2023-06-16 Mst Shapna Akter , Hossain Shahriar , Juan Rodriguez Cardenas , Sheikh Iqbal Ahamed , Alfredo Cuzzocrea

Computer-based systems have solved several domain problems, including industrial, military, education, and wearable. Nevertheless, such arrangements need high-quality software to guarantee security and safety as both are mandatory for…

Annex K of C11, bounds-checking interfaces, recently introduced a set of alternative functions to mitigate buffer overflows, primarily those caused by string/memory functions. However, poor compatibility limits their adoption. Failure…

Cryptography and Security · Computer Science 2020-04-21 Kang Sun , Daliang Xu , Dongwei Chen , Xu Cheng , Dong Tong

Integer overflows have threatened software applications for decades. Thus, in this paper, we propose a novel technique to provide automatic repairs of integer overflows in C source code. Our technique, based on static symbolic execution,…

Software Engineering · Computer Science 2019-10-15 Paul Muntean , Martin Monperrus , Hao Sun , Jens Grossklags , Claudia Eckert

In the last three decades, memory safety issues in system programming languages such as C or C++ have been one of the significant sources of security vulnerabilities. However, there exist only a few attempts with limited success to cope…

Software Engineering · Computer Science 2021-07-05 Felipe R. Monteiro , Mikhail R. Gadelha , Lucas C. Cordeiro

This paper presents a novel tool, named Rampo, that can perform binary code analysis to identify cyber kinetic vulnerabilities in CPS. The tool takes as input a Signal Temporal Logic (STL) formula that describes the kinetic effect, i.e.,…

Cryptography and Security · Computer Science 2025-11-24 Kohei Tsujio , Mohammad Abdullah Al Faruque , Yasser Shoukry

Binary program analysis represents a fundamental pillar of modern system security. Fine-grained methodologies like dynamic taint analysis still suffer from deployment complexity and performance overhead despite significant progress.…

Software Engineering · Computer Science 2026-02-04 Zhangbo Long , Letian Sha , Jiaye Pan , Haiping Huang , Dongpeng Xu , Yifei Huang , Fu Xiao

Component-based software development (CBSD) is an alternative approach to constructing software systems that offers numerous benefits, particularly in decreasing the complexity of system design. However, deploying components into a system…

Software Engineering · Computer Science 2021-05-28 Faranak Nejati , Abdul Azim Abd. Ghani , Ng Keng Yap , Azmi Jaafar

This paper tackles the problem of designing efficient binary-level verification for a subset of information flow properties encompassing constant-time and secret-erasure. These properties are crucial for cryptographic implementations, but…

Cryptography and Security · Computer Science 2022-09-05 Lesly-Ann Daniel , Sébastien Bardin , Tamara Rezk

Soft errors are a type of transient digital signal corruption that occurs in digital hardware components such as the internal flip-flops of CPU pipelines, the register file, memory cells, and even internal communication buses. Soft errors…

Software Engineering · Computer Science 2026-05-05 Yousun Ko , Bernd Burgstaller

Despite the recent advances in pre-production bug detection, heap-use-after-free and heap-buffer-overflow bugs remain the primary problem for security, reliability, and developer productivity for applications written in C or C++, across all…

Memory corruption is an important class of vulnerability that can be leveraged to craft control flow hijacking attacks. Control Flow Integrity (CFI) provides protection against such attacks. Application of type-based CFI policies requires…

Cryptography and Security · Computer Science 2024-01-17 Ruturaj K. Vaidya , Prasad A. Kulkarni
‹ Prev 1 2 3 10 Next ›