State-taint analysis for detecting resource bugs

Xu, Zhiwu; Cheng, Wen; Qin, Shengchao

doi:10.1016/j.scico.2017.06.010

Cited by 14 publications

(7 citation statements)

References 11 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…State-taint analysis [25] proposes a kind of static analysis called state-taint analysis to detect resource bugs. It deals with the open-but-not-used problem of resources.…”

Section: Resource Usage Bugsmentioning

confidence: 99%

See 1 more Smart Citation

MEBS: Uncovering Memory Life-Cycle Bugs in Operating System Kernels

Zhang

Wang

Yue

et al. 2021

J. Comput. Sci. Technol.

View full text Add to dashboard Cite

Allocation, dereferencing, and freeing of memory data in kernels are coherently linked. There widely exist real cases where the correctness of memory is compromised. This incorrectness in kernel memory brings about significant security issues, e.g., information leaking. Though memory allocation, dereferencing, and freeing are closely related, previous work failed to realize they are closely related. In this paper, we study the life-cycle of kernel memory, which consists of allocation, dereferencing, and freeing. Errors in them are called memory life-cycle (MLC) bugs. We propose an in-depth study of MLC bugs and implement a memory life-cycle bug sanitizer (MEBS) for MLC bug detection. Utilizing an interprocedural global call graph and novel identification approaches, MEBS can reveal memory allocation, dereferencing, and freeing sites in kernels. By constructing a modified define-use chain and examining the errors in the life-cycle, MLC bugs can be identified. Moreover, the experimental results on the latest kernels demonstrate that MEBS can effectively detect MLC bugs, and MEBS can be scaled to different kernels. More than 100 new bugs are exposed in Linux and FreeBSD, and 12 common vulnerabilities and exposures (CVE) are assigned.

show abstract

“…State-taint analysis [25] proposes a kind of static analysis called state-taint analysis to detect resource bugs. It deals with the open-but-not-used problem of resources.…”

Section: Resource Usage Bugsmentioning

confidence: 99%

“…MEBS contains allocation, dereferencing, and freeing of a pointer. Second, the states of [25] are also manually defined artifacts. On the one hand, the states are not related to the root cause of the bugs and vulnerabilities.…”

Section: Resource Usage Bugsmentioning

confidence: 99%

MEBS: Uncovering Memory Life-Cycle Bugs in Operating System Kernels

Zhang

Wang

Yue

et al. 2021

J. Comput. Sci. Technol.

View full text Add to dashboard Cite

show abstract

“…Relda [30] and Relda-2 [31] are lightweight tools for locating resource leaks, including wake locks, and are based on the FCG to handle callbacks. Xu et al [18] used state-taint analysis to detect "open-but-not-used" problems when a mobile device uses resources. In this study, the CFG is used as the input to track resource behaviors and identify the open resources in the different programs, which must be closed if unused.…”

Section: Static Analysismentioning

confidence: 99%

“…To uncover unwanted power consumption, different tools are available for detecting power leaks, such as static [14], dynamic [15] or hybrid analysis [16]. Static analysis tools use function call graph (FCG) [17], control flow graph (CFG) [18] and, data flow graph (DFG) [19] to extract the information regarding the app. Li et al [20] provided details of state-of-the-art tools that use static analysis in the Android app.…”

Section: Introductionmentioning

confidence: 99%

See 1 more Smart Citation

Wake Lock Leak Detection in Android Apps Using Multi-Layer Perceptron

Khan

Lee

et al. 2021

Electronics

View full text Add to dashboard Cite

With the proliferation of mobile devices, the popularity of Android applications (apps) has increased exponentially. Efficient power consumption in a device is essential from the perspective of the user because users want their devices to work all day. Developers must properly utilize the application programming interfaces (APIs) provided by Android software development kit to optimize the power consumption of their app. Occasionally, developers fail to relinquish the resources required by their app, resulting in a resource leak. Wake lock APIs are used in apps to manage the power state of the Android smartphone, and they frequently consume more power than necessary if not used appropriately (also called energy leak). In this study, we use a multi-layer perceptron (MLP) to detect wake lock leaks in Android apps because the MLP can solve complex problems and determine similarities in graphs. To detect wake lock leaks, we extract the call graph as features from the APK and embed the instruction and neighbor information in the node’s label of the call graph. Then, the encoded data are input to an MLP model for training and testing. We demonstrate that our model can identify wake lock leaks in apps with 99% accuracy.

show abstract