Please use this identifier to cite or link to this item:
|Title:||Auditing buffer overflow vulnerabilities using program analysis and data mining techniques||Authors:||Bindu Madhavi Padmanabhuni||Keywords:||DRNTU::Engineering::Computer science and engineering::Information systems||Issue Date:||2016||Source:||Padmanabhuni, B. M. (2016). Auditing buffer overflow vulnerabilities using program analysis and data mining techniques. Doctoral thesis, Nanyang Technological University, Singapore.||Abstract:||This thesis presents approaches for auditing Buffer Overflow (BO) vulnerabilities, one of the highly prevalent and dangerous vulnerabilities from source code as well as x86 executables. While many approaches exist in literature that help in mitigating them, continuous presence of BO bugs in vulnerability reports suggests possible limitations in existing approaches or difficulty in their adoption. Therefore, alternative solutions which are effective and easy-to-use are needed to comprehensively address them. It is also imperative to devise mechanisms for auditing BO bugs from executables. Based on these observations, in this thesis, we propose three novel approaches for auditing BO vulnerabilities namely: test case generation, hybrid auditing methodology using static-dynamic analysis and machine learning for addressing vulnerabilities in source code and vulnerability prediction using static code attributes for predicting bugs in x86 executables. The thesis also evaluates the proposed approaches and demonstrates that they are useful and effective.||URI:||https://hdl.handle.net/10356/68915||DOI:||10.32657/10356/68915||Fulltext Permission:||open||Fulltext Availability:||With Fulltext|
|Appears in Collections:||EEE Theses|
Items in DR-NTU are protected by copyright, with all rights reserved, unless otherwise indicated.