By Topic

A case study in detecting software security vulnerabilities using constraint optimization

Sign In

Cookies must be enabled to login.After enabling cookies , please use refresh or reload or ctrl+f5 on the browser for the login options.

Formats Non-Member Member
$33 $13
Learn how you can qualify for the best price for this item!
Become an IEEE Member or Subscribe to
IEEE Xplore for exclusive pricing!
close button

puzzle piece

IEEE membership options for an individual and IEEE Xplore subscriptions for an organization offer the most affordable access to essential journal articles, conference papers, standards, eBooks, and eLearning courses.

Learn more about:

IEEE membership

IEEE Xplore subscriptions

3 Author(s)
M. Weber ; Cigital, Inc., Dulles, VA, USA ; V. Shah ; C. Ren

In this paper we present a case study in static analysis, with a focus on static methods for detecting buffer overflow vulnerabilities in software. We describe in detail a tool called Mjolnir that we have developed which improves upon existing static analysis techniques for detecting buffer overflow. The architecture and process flow of this tool are presented We discuss some common static analysis obstacles in terms of where they were encountered in developing this tool and the steps that were taken to overcome them. A prototype of the tool has been implemented and used for detecting buffer overflow vulnerabilities in C programs and experimental results are presented that demonstrate the effectiveness of the tool

Published in:

Source Code Analysis and Manipulation, 2001. Proceedings. First IEEE International Workshop on

Date of Conference: