Login | Register

A new approach for testing buffer overflow vulnerabilities in C and C++


A new approach for testing buffer overflow vulnerabilities in C and C++

Alouneh, Sahel A (2004) A new approach for testing buffer overflow vulnerabilities in C and C++. Masters thesis, Concordia University.

Text (application/pdf)
MR04361.pdf - Accepted Version


With the high growth of computer technology, and especially the fast growth of computer networks and internet, buffer overflows are the most notorious and widely publicized attacks. This problem has a predominant threat to the secure operation of network and in particular, internet based applications. In this thesis, a combined static and dynamic testing approach for detecting the buffer overflow vulnerabilities is implemented. Compared to other approaches, the tool presents more features and aims to increase the accuracy and efficiency while scanning the C and C++ source code. The main idea behind our approach is to rewrite the vulnerable source code so that the modified code uses the new safe call version of old vulnerable C and C++ function. If rewriting is impossible, the tool gives different types of warnings, depending on the complexity of the function syntax, format, and other factors detailed in this thesis. Moreover, the tool provides a description of the problem. If a warning is issued, then it helps the programmer solve this security problem. The new approach brings down the false positive and false negative factors as low as possible. (Abstract shortened by UMI.)

Divisions:Concordia University > Gina Cody School of Engineering and Computer Science > Electrical and Computer Engineering
Item Type:Thesis (Masters)
Authors:Alouneh, Sahel A
Pagination:xi, 112 leaves : ill. ; 29 cm.
Institution:Concordia University
Degree Name:M.A. Sc.
Program:Electrical and Computer Engineering
Thesis Supervisor(s):En-Nouaary, Abdeslam
ID Code:8387
Deposited By: Concordia University Library
Deposited On:18 Aug 2011 18:24
Last Modified:18 Jan 2018 17:33
Related URLs:
All items in Spectrum are protected by copyright, with all rights reserved. The use of items is governed by Spectrum's terms of access.

Repository Staff Only: item control page

Downloads per month over past year

Back to top Back to top