TY - GEN
T1 - DepthStAr
T2 - 5th International Symposium on Cyber Security Cryptography and Machine Learning, CSCML 2021
AU - Berlin, Michael
AU - Margalit, Oded
AU - Weiss, Gera
N1 - Publisher Copyright:
© 2021, Springer Nature Switzerland AG.
PY - 2021/7/1
Y1 - 2021/7/1
N2 - We present a tool for detecting a new type of bad smell in software code and describe how it was used to find critical security bugs, some of which exist in Linux code for many years and are still present in current distributions. Our tool applies state-of-the-art formal methods and static analysis techniques to scan the execution paths of programs. In this scan, the tool detects conditions that may lead to calling certain functions with strange combinations of arguments, called Abnormal Argument Case (AAC) in this paper. These conditions are presented to the developers as they often point at potential bugs and security vulnerabilities. The paper explains how the tool works and describes an empirical evaluation of its performance.
AB - We present a tool for detecting a new type of bad smell in software code and describe how it was used to find critical security bugs, some of which exist in Linux code for many years and are still present in current distributions. Our tool applies state-of-the-art formal methods and static analysis techniques to scan the execution paths of programs. In this scan, the tool detects conditions that may lead to calling certain functions with strange combinations of arguments, called Abnormal Argument Case (AAC) in this paper. These conditions are presented to the developers as they often point at potential bugs and security vulnerabilities. The paper explains how the tool works and describes an empirical evaluation of its performance.
UR - http://www.scopus.com/inward/record.url?scp=85111999110&partnerID=8YFLogxK
U2 - 10.1007/978-3-030-78086-9_5
DO - 10.1007/978-3-030-78086-9_5
M3 - Conference contribution
AN - SCOPUS:85111999110
SN - 9783030780852
T3 - Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)
SP - 71
EP - 85
BT - Cyber Security Cryptography and Machine Learning - 5th International Symposium, CSCML 2021, Proceedings
A2 - Dolev, Shlomi
A2 - Margalit, Oded
A2 - Pinkas, Benny
A2 - Schwarzmann, Alexander
PB - Springer Science and Business Media Deutschland GmbH
Y2 - 8 July 2021 through 9 July 2021
ER -