2009 22nd IEEE Computer Security Foundations Symposium
Inputs of Coma: Static Detection of Denial-of-Service Vulnerabilities
Port Jefferson, New York
July 08-July 10
ISBN: 978-0-7695-3712-2
DOI Bookmark: http://doi.ieeecomputersociety.org/10.1109/CSF.2009.13
As networked systems grow in complexity, they are increasingly vulnerable to denial-of-service (DoS) attacks involving resource exhaustion. A single malicious "input of coma" can trigger high-complexity behavior such as deep recursion in a carelessly implemented server, exhausting CPU time or stack space and making the server unavailable to legitimate clients. These DoS attacks exploit the semantics of the target application, are rarely associated with network traffic anomalies, and are thus extremely difficult to detect using conventional methods.

We present SAFER, a static analysis tool for identifying potential DoS vulnerabilities and the root causes of resource-exhaustion attacks before the software is deployed. Our tool combines taint analysis with control dependency analysis to detect high-complexity control structures whose execution can be triggered by untrusted network inputs.

When evaluated on real-world networked applications, SAFER discovered previously unknown DoS vulnerabilities in the Expat XML parser and the SQLite library, as well as a new attack on a previously patched version of the wu-ftpd server. This demonstrates the importance of understanding and repairing the root causes of DoS vulnerabilities rather than simply blocking known malicious inputs.
Index Terms:
Denial-of-service, static analysis, network security
Citation:
Richard Chang, Guofei Jiang, Franjo Ivancic, Sriram Sankaranarayanan, Vitaly Shmatikov, "Inputs of Coma: Static Detection of Denial-of-Service Vulnerabilities," csf, pp. 186-199, 2009 22nd IEEE Computer Security Foundations Symposium, 2009
