Sound input filter generation for integer overflow errors

Abstract: We present a system, SIFT, for generating input filters that nullify integer overflow errors associated with critical program sites such as memory allocation or block copy sites. SIFT uses a static program analysis to generate filters that discard inputs that may trigger integer overflow errors in the computations of the sizes of allocated memory blocks or the number of copied bytes in block copy operations. Unlike all previous techniques of which we are aware, SIFT is sound -if an input passes the filter, it … Show more

“…We evaluate Fortuna on three anomaly detectors: the SIFT [38], SOAP [37], and JSAND [18] anomaly detectors:…”

“…If an input satisfies the constraints, SIFT guarantees that the input will not trigger target integer overflow errors [38]. Because the SIFT analysis is conservative, it may reject inputs that would not trigger the error.…”

“…We evaluate Fortuna on three anomaly detectors: SOAP [37], SIFT [38], and JSAND [18] on three input formats: JPEG and PNG (SOAP and SIFT) and JavaScript (JSAND). 1) SOAP [37] is an input rectification system that learns input constraints over a set of benign inputs and then enforces the learned constraints over the incoming inputs.…”

“…2) SIFT [38] statically analyzes an application and generates sound input constraints, so that any input that satisfies these constraints will not trigger integer overflow errors at memory allocation and block copy sites of the application. 3) JSAND [18] is a publicly available anomaly detector for JavaScript.…”

“…Fortuna focuses specifically on anomaly detection systems that handle data from browsing the Internet. This class of systems is very well studied and includes, for example, anomaly detectors that filter potentially anomalous video, images, and JavaScript files [18], [20], [28], [36], [38] or seek to filter entire malicious webpages [44], [47], [48]. Nevertheless, our approach is broad and we provide a general framework for building analysis systems for other classes of anomaly detectors.…”

Principled Sampling for Anomaly Detection

“…We evaluate Fortuna on three anomaly detectors: the SIFT [38], SOAP [37], and JSAND [18] anomaly detectors:…”

“…If an input satisfies the constraints, SIFT guarantees that the input will not trigger target integer overflow errors [38]. Because the SIFT analysis is conservative, it may reject inputs that would not trigger the error.…”

“…We evaluate Fortuna on three anomaly detectors: SOAP [37], SIFT [38], and JSAND [18] on three input formats: JPEG and PNG (SOAP and SIFT) and JavaScript (JSAND). 1) SOAP [37] is an input rectification system that learns input constraints over a set of benign inputs and then enforces the learned constraints over the incoming inputs.…”

“…2) SIFT [38] statically analyzes an application and generates sound input constraints, so that any input that satisfies these constraints will not trigger integer overflow errors at memory allocation and block copy sites of the application. 3) JSAND [18] is a publicly available anomaly detector for JavaScript.…”

“…Fortuna focuses specifically on anomaly detection systems that handle data from browsing the Internet. This class of systems is very well studied and includes, for example, anomaly detectors that filter potentially anomalous video, images, and JavaScript files [18], [20], [28], [36], [38] or seek to filter entire malicious webpages [44], [47], [48]. Nevertheless, our approach is broad and we provide a general framework for building analysis systems for other classes of anomaly detectors.…”

Principled Sampling for Anomaly Detection

State Consistency Checking for Non-reentrant Function Based on Taint Assisted Symbol Execution

Improving Accuracy of Static Integer Overflow Detection in Binary