{"id":2840,"date":"2017-09-08T05:44:57","date_gmt":"2017-09-08T05:44:57","guid":{"rendered":"https:\/\/www.ndss-symposium.org\/?page_id=2840"},"modified":"2024-03-07T09:54:54","modified_gmt":"2024-03-07T09:54:54","slug":"first-step-towards-automated-detection-buffer-overrun-vulnerabilities-paper","status":"publish","type":"page","link":"https:\/\/www.ndss-symposium.org\/ndss2000\/first-step-towards-automated-detection-buffer-overrun-vulnerabilities-paper\/","title":{"rendered":"A First Step Towards Automated Detection of Buffer Overrun Vulnerabilities"},"content":{"rendered":"\n

David Wagner, Jeffrey S. Foster, Eric A. Brewer, and Alexander Aiken (UC Berkley)<\/strong><\/p>\n\n\n\n

We describe a new technique for finding potential buffer overrun vulnerabilities in security-critical C code. The key to success is to use static analysis: we formulate detection of buffer overruns as an integer range analysis problem. One major advantage of static analysis is that security bugs can be eliminated before code is deployed. We have implemented our design and used our prototype to find new remotely-exploitable vulnerabilities in a large, widely deployed software package. An earlier hand audit missed these bugs.<\/p>\n\n\n\n

\n
Paper<\/a><\/div>\n\n\n\n
Slides<\/a><\/div>\n<\/div>\n\n\n\n
<\/div>\n\n\n\n

Date: <\/strong>3 Feb 2000<\/p>\n\n\n\n

Associated Event: <\/strong>NDSS Symposium 2000<\/a><\/p>\n","protected":false},"excerpt":{"rendered":"

David Wagner, Jeffrey S. Foster, Eric A. Brewer, and Alexander Aiken (UC Berkley) We describe a new technique for finding potential buffer overrun vulnerabilities in security-critical C code. The key to success is to use static analysis: we formulate detection of buffer overruns as an integer range analysis problem. One major advantage of static analysis … Continued<\/a><\/p>\n","protected":false},"author":237,"featured_media":0,"parent":1258,"menu_order":0,"comment_status":"closed","ping_status":"closed","template":"","meta":{"_acf_changed":false,"advgb_blocks_editor_width":"","advgb_blocks_columns_visual_guide":"","footnotes":""},"categories":[],"tags":[100],"class_list":["post-2840","page","type-page","status-publish","hentry","tag-ndss-2000-papers"],"acf":[],"yoast_head":"\nA First Step Towards Automated Detection of Buffer Overrun Vulnerabilities - NDSS Symposium<\/title>\n<meta name=\"description\" content=\"This paper introduces the use of static analysis for finding potential buffer overrun vulnerabilities in security-critical C code before it is deployed.\" \/>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/www.ndss-symposium.org\/ndss2000\/first-step-towards-automated-detection-buffer-overrun-vulnerabilities-paper\/\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"A First Step Towards Automated Detection of Buffer Overrun Vulnerabilities - NDSS Symposium\" \/>\n<meta property=\"og:description\" content=\"This paper introduces the use of static analysis for finding potential buffer overrun vulnerabilities in security-critical C code before it is deployed.\" \/>\n<meta property=\"og:url\" content=\"https:\/\/www.ndss-symposium.org\/ndss2000\/first-step-towards-automated-detection-buffer-overrun-vulnerabilities-paper\/\" \/>\n<meta property=\"og:site_name\" content=\"NDSS Symposium\" \/>\n<meta property=\"article:publisher\" content=\"https:\/\/www.facebook.com\/NDSSSymposium\/\" \/>\n<meta property=\"article:modified_time\" content=\"2024-03-07T09:54:54+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/www.ndss-symposium.org\/wp-content\/uploads\/NDSS_Logo_RGB.jpg\" \/>\n\t<meta property=\"og:image:width\" content=\"815\" \/>\n\t<meta property=\"og:image:height\" content=\"345\" \/>\n\t<meta property=\"og:image:type\" content=\"image\/jpeg\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:site\" content=\"@NDSSSymposium\" \/>\n<meta name=\"twitter:label1\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data1\" content=\"1 minute\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\/\/schema.org\",\"@graph\":[{\"@type\":\"WebPage\",\"@id\":\"https:\/\/www.ndss-symposium.org\/ndss2000\/first-step-towards-automated-detection-buffer-overrun-vulnerabilities-paper\/\",\"url\":\"https:\/\/www.ndss-symposium.org\/ndss2000\/first-step-towards-automated-detection-buffer-overrun-vulnerabilities-paper\/\",\"name\":\"A First Step Towards Automated Detection of Buffer Overrun Vulnerabilities - NDSS Symposium\",\"isPartOf\":{\"@id\":\"https:\/\/www.ndss-symposium.org\/#website\"},\"datePublished\":\"2017-09-08T05:44:57+00:00\",\"dateModified\":\"2024-03-07T09:54:54+00:00\",\"description\":\"This paper introduces the use of static analysis for finding potential buffer overrun vulnerabilities in security-critical C code before it is deployed.\",\"breadcrumb\":{\"@id\":\"https:\/\/www.ndss-symposium.org\/ndss2000\/first-step-towards-automated-detection-buffer-overrun-vulnerabilities-paper\/#breadcrumb\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\/\/www.ndss-symposium.org\/ndss2000\/first-step-towards-automated-detection-buffer-overrun-vulnerabilities-paper\/\"]}]},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\/\/www.ndss-symposium.org\/ndss2000\/first-step-towards-automated-detection-buffer-overrun-vulnerabilities-paper\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\/\/www.ndss-symposium.org\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"NDSS Symposium 2000\",\"item\":\"https:\/\/www.ndss-symposium.org\/ndss2000\/\"},{\"@type\":\"ListItem\",\"position\":3,\"name\":\"A First Step Towards Automated Detection of Buffer Overrun Vulnerabilities\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\/\/www.ndss-symposium.org\/#website\",\"url\":\"https:\/\/www.ndss-symposium.org\/\",\"name\":\"NDSS Symposium\",\"description\":\"The Network and Distributed System Security (NDSS) Symposium\",\"publisher\":{\"@id\":\"https:\/\/www.ndss-symposium.org\/#organization\"},\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\/\/www.ndss-symposium.org\/?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"en-US\"},{\"@type\":\"Organization\",\"@id\":\"https:\/\/www.ndss-symposium.org\/#organization\",\"name\":\"NDSS Symposium\",\"url\":\"https:\/\/www.ndss-symposium.org\/\",\"logo\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/www.ndss-symposium.org\/#\/schema\/logo\/image\/\",\"url\":\"https:\/\/www.ndss-symposium.org\/wp-content\/uploads\/NDSS_Logo_RGB.jpg\",\"contentUrl\":\"https:\/\/www.ndss-symposium.org\/wp-content\/uploads\/NDSS_Logo_RGB.jpg\",\"width\":815,\"height\":345,\"caption\":\"NDSS Symposium\"},\"image\":{\"@id\":\"https:\/\/www.ndss-symposium.org\/#\/schema\/logo\/image\/\"},\"sameAs\":[\"https:\/\/www.facebook.com\/NDSSSymposium\/\",\"https:\/\/x.com\/NDSSSymposium\",\"https:\/\/www.linkedin.com\/company\/network-and-distributed-system-symposium-ndss-\/\",\"https:\/\/www.youtube.com\/ndsssymposium\"]}]}<\/script>\n<!-- \/ Yoast SEO plugin. -->","yoast_head_json":{"title":"A First Step Towards Automated Detection of Buffer Overrun Vulnerabilities - NDSS Symposium","description":"This paper introduces the use of static analysis for finding potential buffer overrun vulnerabilities in security-critical C code before it is deployed.","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/www.ndss-symposium.org\/ndss2000\/first-step-towards-automated-detection-buffer-overrun-vulnerabilities-paper\/","og_locale":"en_US","og_type":"article","og_title":"A First Step Towards Automated Detection of Buffer Overrun Vulnerabilities - NDSS Symposium","og_description":"This paper introduces the use of static analysis for finding potential buffer overrun vulnerabilities in security-critical C code before it is deployed.","og_url":"https:\/\/www.ndss-symposium.org\/ndss2000\/first-step-towards-automated-detection-buffer-overrun-vulnerabilities-paper\/","og_site_name":"NDSS Symposium","article_publisher":"https:\/\/www.facebook.com\/NDSSSymposium\/","article_modified_time":"2024-03-07T09:54:54+00:00","og_image":[{"width":815,"height":345,"url":"https:\/\/www.ndss-symposium.org\/wp-content\/uploads\/NDSS_Logo_RGB.jpg","type":"image\/jpeg"}],"twitter_card":"summary_large_image","twitter_site":"@NDSSSymposium","twitter_misc":{"Est. reading time":"1 minute"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"WebPage","@id":"https:\/\/www.ndss-symposium.org\/ndss2000\/first-step-towards-automated-detection-buffer-overrun-vulnerabilities-paper\/","url":"https:\/\/www.ndss-symposium.org\/ndss2000\/first-step-towards-automated-detection-buffer-overrun-vulnerabilities-paper\/","name":"A First Step Towards Automated Detection of Buffer Overrun Vulnerabilities - NDSS Symposium","isPartOf":{"@id":"https:\/\/www.ndss-symposium.org\/#website"},"datePublished":"2017-09-08T05:44:57+00:00","dateModified":"2024-03-07T09:54:54+00:00","description":"This paper introduces the use of static analysis for finding potential buffer overrun vulnerabilities in security-critical C code before it is deployed.","breadcrumb":{"@id":"https:\/\/www.ndss-symposium.org\/ndss2000\/first-step-towards-automated-detection-buffer-overrun-vulnerabilities-paper\/#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/www.ndss-symposium.org\/ndss2000\/first-step-towards-automated-detection-buffer-overrun-vulnerabilities-paper\/"]}]},{"@type":"BreadcrumbList","@id":"https:\/\/www.ndss-symposium.org\/ndss2000\/first-step-towards-automated-detection-buffer-overrun-vulnerabilities-paper\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/www.ndss-symposium.org\/"},{"@type":"ListItem","position":2,"name":"NDSS Symposium 2000","item":"https:\/\/www.ndss-symposium.org\/ndss2000\/"},{"@type":"ListItem","position":3,"name":"A First Step Towards Automated Detection of Buffer Overrun Vulnerabilities"}]},{"@type":"WebSite","@id":"https:\/\/www.ndss-symposium.org\/#website","url":"https:\/\/www.ndss-symposium.org\/","name":"NDSS Symposium","description":"The Network and Distributed System Security (NDSS) Symposium","publisher":{"@id":"https:\/\/www.ndss-symposium.org\/#organization"},"potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/www.ndss-symposium.org\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"en-US"},{"@type":"Organization","@id":"https:\/\/www.ndss-symposium.org\/#organization","name":"NDSS Symposium","url":"https:\/\/www.ndss-symposium.org\/","logo":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/www.ndss-symposium.org\/#\/schema\/logo\/image\/","url":"https:\/\/www.ndss-symposium.org\/wp-content\/uploads\/NDSS_Logo_RGB.jpg","contentUrl":"https:\/\/www.ndss-symposium.org\/wp-content\/uploads\/NDSS_Logo_RGB.jpg","width":815,"height":345,"caption":"NDSS Symposium"},"image":{"@id":"https:\/\/www.ndss-symposium.org\/#\/schema\/logo\/image\/"},"sameAs":["https:\/\/www.facebook.com\/NDSSSymposium\/","https:\/\/x.com\/NDSSSymposium","https:\/\/www.linkedin.com\/company\/network-and-distributed-system-symposium-ndss-\/","https:\/\/www.youtube.com\/ndsssymposium"]}]}},"coauthors":[],"author_meta":{"author_link":"https:\/\/www.ndss-symposium.org\/author\/strinekatrbovic\/","display_name":"Ivana Trbovic"},"relative_dates":{"created":"Posted 8 years ago","modified":"Updated 2 years ago"},"absolute_dates":{"created":"Posted on 8 September 2017","modified":"Updated on 7 March 2024"},"absolute_dates_time":{"created":"Posted on 8 September 2017 5:44 am","modified":"Updated on 7 March 2024 9:54 am"},"featured_img_caption":"","featured_img":false,"series_order":"","_links":{"self":[{"href":"https:\/\/www.ndss-symposium.org\/wp-json\/wp\/v2\/pages\/2840","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.ndss-symposium.org\/wp-json\/wp\/v2\/pages"}],"about":[{"href":"https:\/\/www.ndss-symposium.org\/wp-json\/wp\/v2\/types\/page"}],"author":[{"embeddable":true,"href":"https:\/\/www.ndss-symposium.org\/wp-json\/wp\/v2\/users\/237"}],"replies":[{"embeddable":true,"href":"https:\/\/www.ndss-symposium.org\/wp-json\/wp\/v2\/comments?post=2840"}],"version-history":[{"count":0,"href":"https:\/\/www.ndss-symposium.org\/wp-json\/wp\/v2\/pages\/2840\/revisions"}],"up":[{"embeddable":true,"href":"https:\/\/www.ndss-symposium.org\/wp-json\/wp\/v2\/pages\/1258"}],"wp:attachment":[{"href":"https:\/\/www.ndss-symposium.org\/wp-json\/wp\/v2\/media?parent=2840"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.ndss-symposium.org\/wp-json\/wp\/v2\/categories?post=2840"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.ndss-symposium.org\/wp-json\/wp\/v2\/tags?post=2840"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}