The Design and Implementation of a Dynamic Instrument Tool for Program Crash Analysis
Master's === National Chiao Tung University === Department of Computer Science and Information Engineering === 92 === To meet time-to-market pressure, software is often released with unintended flaws. Some of these flaws cause software crashes that are closely related to security vulnerabilities. Commercial Off-The-Shelf (COTS) software normally comes without source code. If there happened any prog...
Main Authors: | , |
---|---|
Other Authors: | |
Format: | Others |
Language: | en_US |
Published: | 2004 |
Online Access: | http://ndltd.ncl.edu.tw/handle/66571440931134637515 |
id |
ndltd-TW-092NCTU5392026 |
---|---|
record_format |
oai_dc |
spelling |
ndltd-TW-092NCTU53920262015-10-13T13:04:22Z http://ndltd.ncl.edu.tw/handle/66571440931134637515 The Design and Implementation of a Dynamic Instrument Tool for Program Crash Analysis 程式失控動態分析系統設計與實作 Shih-Hung Liu 劉世弘 碩士 國立交通大學 資訊工程系所 92 Shih-Kun Huang 黃世昆 2004 學位論文 ; thesis 59 en_US |
collection |
NDLTD |
language |
en_US |
format |
Others |
sources |
NDLTD |
description |
Master's === National Chiao Tung University === Department of Computer Science and Information Engineering === 92 === To meet time-to-market pressure, software is often released with unintended flaws. Some of these flaws cause software crashes that are closely related to security vulnerabilities. Commercial Off-The-Shelf (COTS) software normally comes without source code. When a program crashes, all we can do is report it to the vendor and wait for a patch. Some software companies, however, do not develop their patches in a timely manner, or no longer support the older version. Normally, intended users can use debuggers to observe the running behavior of the software and determine whether there is any vulnerability to exploit. Our objective is to design a tool that helps systematically detect security-related errors from a crash. We want to automate the crash analysis process to a certain extent.
Much research has focused on detecting program errors and identifying their root causes, either by static analysis or by observing running behavior through dynamic program instrumentation. Much of this work analyzes or instruments the source code of the software. However, under the assumption that source code is unavailable, we develop an execution instrumentation and interception system and add a mechanism for detecting anomalous control flow, so as to automatically judge whether a given crash can be exploited. We develop stack corrupt site identification and call target validation to detect whether the control flow of the program has been changed abnormally. Case studies of several commercial Windows applications with known exploits have proved the applicability of our system and provide a better understanding of the exploit paths of these vulnerabilities. They show that our corrupt site identification mechanism points out the vulnerable function where the stack is polluted. Finally, we compare this work with several related works to evaluate it in the context of recent research.
|
author2 |
Shih-Kun Huang |
author_facet |
Shih-Kun Huang Shih-Hung Liu 劉世弘 |
author |
Shih-Hung Liu 劉世弘 |
spellingShingle |
Shih-Hung Liu 劉世弘 The Design and Implementation of a Dynamic Instrument Tool for Program Crash Analysis |
author_sort |
Shih-Hung Liu |
title |
The Design and Implementation of a Dynamic Instrument Tool for Program Crash Analysis |
title_short |
The Design and Implementation of a Dynamic Instrument Tool for Program Crash Analysis |
title_full |
The Design and Implementation of a Dynamic Instrument Tool for Program Crash Analysis |
title_fullStr |
The Design and Implementation of a Dynamic Instrument Tool for Program Crash Analysis |
title_full_unstemmed |
The Design and Implementation of a Dynamic Instrument Tool for Program Crash Analysis |
title_sort |
design and implementation of a dynamic instrument tool for program crash analysis |
publishDate |
2004 |
url |
http://ndltd.ncl.edu.tw/handle/66571440931134637515 |