Breadcrumb

 
 

A new approach for testing buffer overflow vulnerabilities in C and C++

Title:

A new approach for testing buffer overflow vulnerabilities in C and C++

Alouneh, Sahel A (2004) A new approach for testing buffer overflow vulnerabilities in C and C++. Masters thesis, Concordia University.

[img]
Preview
PDF - Accepted Version
3692Kb

Abstract

With the high growth of computer technology, and especially the fast growth of computer networks and internet, buffer overflows are the most notorious and widely publicized attacks. This problem has a predominant threat to the secure operation of network and in particular, internet based applications. In this thesis, a combined static and dynamic testing approach for detecting the buffer overflow vulnerabilities is implemented. Compared to other approaches, the tool presents more features and aims to increase the accuracy and efficiency while scanning the C and C++ source code. The main idea behind our approach is to rewrite the vulnerable source code so that the modified code uses the new safe call version of old vulnerable C and C++ function. If rewriting is impossible, the tool gives different types of warnings, depending on the complexity of the function syntax, format, and other factors detailed in this thesis. Moreover, the tool provides a description of the problem. If a warning is issued, then it helps the programmer solve this security problem. The new approach brings down the false positive and false negative factors as low as possible. (Abstract shortened by UMI.)

Divisions:Concordia University > Faculty of Engineering and Computer Science > Electrical and Computer Engineering
Item Type:Thesis (Masters)
Authors:Alouneh, Sahel A
Pagination:xi, 112 leaves : ill. ; 29 cm.
Institution:Concordia University
Degree Name:M.A. Sc.
Program:Electrical and Computer Engineering
Date:2004
Thesis Supervisor(s):En-Nouaary, Abdeslam
ID Code:8387
Deposited By:Concordia University Libraries
Deposited On:18 Aug 2011 14:24
Last Modified:18 Aug 2011 14:24
Related URLs:
All items in Spectrum are protected by copyright, with all rights reserved. The use of items is governed by Spectrum's terms of access.

Repository Staff Only: item control page

Document Downloads

More statistics for this item...

Concordia University - Footer