Range Analysis of Binaries with Minimal Effort

Barrett, Edd and King, Andy (1992) Range Analysis of Binaries with Minimal Effort. In: Formal Methods for Industrial Critical Systems. Lecture Notes in Computer Science, 7437 . Springer, pp. 93-107. ISBN 978-3-642-32468-0. (doi:https://doi.org/10.1007/978-3-642-32469-7_7) (Full text available)

PDF (Range Analysis of Binaries with Minimal E�ffort) - Author's Accepted Manuscript
Download (261kB) Preview
[img]
Preview
Official URL
http://dx.doi.org/10.1007/978-3-642-32469-7_7

Abstract

COTS components are ubiquitous in military, industrial and governmental systems. However, the bene�fits of reduced development and maintainance costs are compromised by security concerns. Since source code is unavailable, security audits necessarily occur at the binary level. Push-button formal method techniques, such as model checking and abstract interpretation, can support this process by, among other things, inferring ranges of values for registers. Ranges aid the security engineer in checking for vulnerabilities that relate, for example, to integer wrapping, uninitialised variables and bu�er over ows. Yet the lack of structure in binaries limits the e�ffectiveness of classical range analyses based on widening. This paper thus contributes a simple but novel range analysis, formulated in terms of linear programming, which calculates ranges without manual intervention.

Item Type: Book section
Subjects: A General Works
Divisions: Faculties > Sciences > School of Computing > Programming Languages and Systems Group
Depositing User: Andy King
Date Deposited: 22 May 2014 10:24 UTC
Last Modified: 18 Jan 2017 11:36 UTC
Resource URI: https://kar.kent.ac.uk/id/eprint/41116 (The current URI for this page, for reference purposes)
  • Depositors only (login required):

Downloads

Downloads per month over past year