Automata-Based Symbolic String Analysis for Vulnerability Detection | NCCU Academic Hub

學術產出-Periodical Articles

Article View/Open

pdf(1248)

Publication Export

Google Scholar^TM

政大圖書館

學術資源探索系統

Citation Infomation

Simple Record
Full Record

題名	Automata-Based Symbolic String Analysis for Vulnerability Detection
作者	郁方 Yu, Fang ; Alkhalaf, Muath ; Bultan, Tevfik ; Ibarra, Oscar H.
貢獻者	資管系
關鍵詞	String analysis;Automated verification ;Web application security ;Vulnerability analysis
日期	2013.06
上傳時間	6-Dec-2013 12:27:50 (UTC+8)
摘要	Verifying string manipulating programs is a crucial problem in computer security. String operations are used extensively within web applications to manipulate user input, and their erroneous use is the most common cause of security vulnerabilities in web applications. We present an automata-based approach for symbolic analysis of string manipulating programs. We use deterministic finite automata (DFAs) to represent possible values of string variables. Using forward reachability analysis we compute an over-approximation of all possible values that string variables can take at each program point. Intersecting these with a given attack pattern yields the potential attack strings if the program is vulnerable. Based on the presented techniques, we have implemented Stranger, an automata-based string analysis tool for detecting string-related security vulnerabilities in PHP applications. We evaluated Stranger on several open-source Web applications including one with 350,000+ lines of code. Stranger is able to detect known/unknown vulnerabilities, and, after inserting proper sanitization routines, prove the absence of vulnerabilities with respect to given attack patterns.
關聯	Formal Methods in System Design, 44(1), 44-70
資料類型	article
DOI	http://dx.doi.org/10.1007/s10703-013-0189-1

dc.contributor	資管系	en_US
dc.creator (作者)	郁方	zh_TW
dc.creator (作者)	Yu, Fang ; Alkhalaf, Muath ; Bultan, Tevfik ; Ibarra, Oscar H.	en_US
dc.date (日期)	2013.06	en_US
dc.date.accessioned	6-Dec-2013 12:27:50 (UTC+8)	-
dc.date.available	6-Dec-2013 12:27:50 (UTC+8)	-
dc.date.issued (上傳時間)	6-Dec-2013 12:27:50 (UTC+8)	-
dc.identifier.uri (URI)	http://nccur.lib.nccu.edu.tw/handle/140.119/62193	-
dc.description.abstract (摘要)	Verifying string manipulating programs is a crucial problem in computer security. String operations are used extensively within web applications to manipulate user input, and their erroneous use is the most common cause of security vulnerabilities in web applications. We present an automata-based approach for symbolic analysis of string manipulating programs. We use deterministic finite automata (DFAs) to represent possible values of string variables. Using forward reachability analysis we compute an over-approximation of all possible values that string variables can take at each program point. Intersecting these with a given attack pattern yields the potential attack strings if the program is vulnerable. Based on the presented techniques, we have implemented Stranger, an automata-based string analysis tool for detecting string-related security vulnerabilities in PHP applications. We evaluated Stranger on several open-source Web applications including one with 350,000+ lines of code. Stranger is able to detect known/unknown vulnerabilities, and, after inserting proper sanitization routines, prove the absence of vulnerabilities with respect to given attack patterns.	-
dc.format.extent	1017620 bytes	-
dc.format.mimetype	application/pdf	-
dc.language.iso	en_US	-
dc.relation (關聯)	Formal Methods in System Design, 44(1), 44-70	en_US
dc.subject (關鍵詞)	String analysis;Automated verification ;Web application security ;Vulnerability analysis	en_US
dc.title (題名)	Automata-Based Symbolic String Analysis for Vulnerability Detection	en_US
dc.type (資料類型)	article	en
dc.identifier.doi (DOI)	10.1007/s10703-013-0189-1	en_US
dc.doi.uri (DOI)	http://dx.doi.org/10.1007/s10703-013-0189-1	en_US