Integer overflow is a common vulnerability in Ethereum Smart Contracts (ESCs) and often causes huge economic losses. Smart contracts cannot be changed once they are deployed on the blockchain and thus demand further testing. Mutation testing is a fault-based testing method that can effectively improve the sufficiency of a test for smart contracts. However, existing methods cannot efficiently perform mutation testing specifically for integer overflow in ESCs. Therefore, by analyzing integer overflow in ESCs, we propose five special mutation operators to address such vulnerability in terms of detecting sufficiency in ESC testing. An empirical study on 40 open-source ESCs is conducted to evaluate the effectiveness of the proposed mutation operators. Results show that (1) our proposed mutation operators can reproduce all 179 integer overflow vulnerabilities in 40 smart contracts, and the generated mutants have a high compilation pass rate and integer overflow vulnerability generation rate; moreover, (2) the generated mutants can find the shortcomings of existing testing methods for integer overflow vulnerability, thereby providing effective support to improve the sufficiency of the test.
ISBN (print): 9781450390514
Detecting integer overflow vulnerabilities is critical for software security. Many techniques have been proposed to dynamically detect integer overflow vulnerabilities by instrumenting integer overflow tests into target programs. Their major drawback is that they can produce many false positives. In this paper, we propose an approach to eliminate the false positives stemming from incorrectly or not considering the sanitization code in target programs that is designed by developers to catch integer overflows. Unlike prior work that performs integer overflow tests at arithmetic operations, our approach delays the test until the locations where the result of the arithmetic operation is about to be used by sensitive operations. This approach allows the sanitization code to filter out integer overflows before our integer overflow tests take place. As a result, it will not produce false positives for integer overflows that can be caught by the sanitization code. We have implemented a prototype and our evaluation shows that it can effectively detect integer overflow vulnerabilities without producing false positives.
ISBN (electronic): 9781665488648
ISBN (print): 9781665488648
In this work, we present an orthogonal classification of data type bugs, allowing precise structured descriptions of related software vulnerabilities. We utilize the Bugs Framework (BF) approach to define four language-independent classes that cover all possible kinds of data type bugs. In BF each class is a taxonomic category of a weakness type defined by sets of operations, cause-consequence relations, and attributes. A BF description of a bug or a weakness is an instance of a taxonomic BF class with one operation, one cause, one consequence, and their attributes. Any vulnerability can then be described as a chain of such instances and their consequence-cause transitions. With our newly developed classes Declaration Bugs, Name Resolution Bugs, Type Conversion Bugs, and Type Computation Bugs, we confirm that BF is a classification system that extends the Common Weakness Enumeration (CWE). The proposed classes allow clear communication about software bugs that relate to misuse of data types, and provide a structured way to precisely describe data type related vulnerabilities.
ISBN (print): 9781665408981
Integer overflow is a common cause of software failure and security vulnerability. Existing approaches to detecting integer overflow errors rely on traditional static code analysis and dynamic testing. This paper presents a novel machine learning-based approach that predicts integer overflow errors by treating source code as text. It exploits text classifiers to determine whether each method in a given Java program contains an integer overflow error. As the training data is essential, we have constructed a comprehensive dataset to account for (a) integer overflow errors of all integer types and operations in Java (i.e., positive samples); (b) various programming techniques for preventing integer overflow errors (i.e., negative samples); and (c) malicious scenarios that may mislead text classifiers (i.e., adversarial samples). We have trained three classifiers, BERT, fastText, and NBSVM, that represent different text embedding techniques. BERT, as a representative deep-learning transformer, has achieved the highest performance scores and remained robust even when tested with the adversarial samples.
An integer overflow error occurs when an integer operation in computer software evaluates a value out of the integer range. It can lead to a fatal system failure. The existing approaches to detecting integer overflow errors rely on data/control-flow analysis of the code or execution of the code with test cases. This paper presents a supervised learning approach to predicting whether each method in a given Java program has an integer overflow error by treating the source code as text. Built upon real-world programs, our Java dataset covers all integer data types and operations in Java, the methods for preventing integer overflow errors, and adversarial samples. We have evaluated six classification models, BERT, DistilBERT, codeBERT, Code2Vec, fastText, and NBSVM. They represent different text embedding techniques for dealing with source code. The experiment results show that BERT and its variants have outperformed other models. We have applied the resultant BERT model to eleven real-world projects, including JDK13.0 and ten top-ranked GitHub projects, and revealed 181 integer overflow errors. In addition, we have evaluated the classification models with a C/C++ dataset. The result is similar to that of the Java dataset.
ISBN (print): 9781450377447
In recent years, vulnerabilities of smart contracts have frequently broken out. In particular, integer overflow of smart contracts, a high-risk vulnerability, has caused huge financial losses. However, most tools currently fail to detect integer overflow in smart contracts. In this paper, we summarize 11 types of integer overflow features for Solidity smart contracts in Ethereum and abstractly define 83 corresponding XPath patterns. We also design an extensible static analysis tool to detect common integer overflow vulnerabilities of Solidity smart contracts in Ethereum through the defined XPath patterns. To evaluate our tool, we tested 7,000 verified Solidity smart contracts and found that there were 430 smart contracts with vulnerabilities of integer overflow. Experimental results show that there are still high-risk vulnerabilities of integer overflow in verified smart contracts.
ISBN (print): 9781450353038
In this paper we propose a new approach to detect integer overflow vulnerabilities in executable x86-architecture code. The approach is based on symbolic execution of the code and the dual representation of memory. We build a truncated control flow graph based on the machine code. Layers in that graph are checked for the feasibility of vulnerability conditions. The proposed methods were implemented and experimentally tested on executable code.
ISBN (print): 9781509021291
Integer overflow vulnerability is very difficult to locate and patch. Speaking from experience, the more complicated the integer operation, the more error-prone the program. So in this paper, we come up with a new method to leverage static integer operation attributes to predict integer overflows based on machine learning techniques. The static integer operation attributes consist of sink, integer operation accumulation, sanitization and input attributes. Every function of the testing program will be converted to a 10-dimension vector which is fed to several machine learning algorithms to make a prediction. Our experiment shows that the method gets a good performance.
ISBN (print): 9781450328357
We present a new technique and system, DIODE, for automatically generating inputs that trigger overflows at memory allocation sites. DIODE is designed to identify relevant sanity checks that inputs must satisfy to trigger overflows at target memory allocation sites, then generate inputs that satisfy these sanity checks to successfully trigger the overflow. DIODE works with off-the-shelf, production x86 binaries. Our results show that, for our benchmark set of applications, and for every target memory allocation site exercised by our seed inputs (which the applications process correctly with no overflows), either 1) DIODE is able to generate an input that triggers an overflow at that site or 2) there is no input that would trigger an overflow for the observed target expression at that site.
ISBN (print): 9781665470926
Despite decades of effort in research and engineering, integer overflows remain a severe threat to software security. Many tools are developed to detect integer overflows at runtime. However, the vast majority of them terminate program execution when an integer overflow is detected. This essentially causes denial-of-service, which is undesirable in many scenarios in practice. We propose a recovery mechanism designed for safe recovery from integer overflows. The recovery mechanism detects integer overflows and rectifies the values involved in arithmetic operations causing integer overflows so that it prevents the occurrence of the integer overflows and enables the program to continue executing safely. We have designed and developed a tool called RIO that can automatically synthesize and instrument our recovery mechanism into target programs. Our evaluation shows that RIO can successfully synthesize and instrument the recovery mechanism into programs containing real-world vulnerabilities and the instrumented recovery mechanism allows the programs to recover safely in the face of exploits intending to trigger the vulnerabilities.