DepthStAr: Deep Strange Arguments Detection

Michael Berlin; Oded Margalit; Gera Weiss

doi:10.1007/978-3-030-78086-9_5

DepthStAr: Deep Strange Arguments Detection

Michael Berlin
, Oded Margalit
, Gera Weiss

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution › peer-review

Abstract

We present a tool for detecting a new type of bad smell in software code and describe how it was used to find critical security bugs, some of which exist in Linux code for many years and are still present in current distributions. Our tool applies state-of-the-art formal methods and static analysis techniques to scan the execution paths of programs. In this scan, the tool detects conditions that may lead to calling certain functions with strange combinations of arguments, called Abnormal Argument Case (AAC) in this paper. These conditions are presented to the developers as they often point at potential bugs and security vulnerabilities. The paper explains how the tool works and describes an empirical evaluation of its performance.

Original language	English
Title of host publication	Cyber Security Cryptography and Machine Learning - 5th International Symposium, CSCML 2021, Proceedings
Editors	Shlomi Dolev, Oded Margalit, Benny Pinkas, Alexander Schwarzmann
Publisher	Springer Science and Business Media Deutschland GmbH
Pages	71-85
Number of pages	15
ISBN (Print)	9783030780852
DOIs	https://doi.org/10.1007/978-3-030-78086-9_5
State	Published - 1 Jan 2021
Event	5th International Symposium on Cyber Security Cryptography and Machine Learning, CSCML 2021 - Be'er Sheva, Israel Duration: 8 Jul 2021 → 9 Jul 2021

Publication series

Name	Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)
Volume	12716 LNCS
ISSN (Print)	0302-9743
ISSN (Electronic)	1611-3349

Conference

Conference	5th International Symposium on Cyber Security Cryptography and Machine Learning, CSCML 2021
Country/Territory	Israel
City	Be'er Sheva
Period	8/07/21 → 9/07/21

ASJC Scopus subject areas

Theoretical Computer Science
General Computer Science

Access to Document

10.1007/978-3-030-78086-9_5

Cite this

Berlin, M., Margalit, O., & Weiss, G. (2021). DepthStAr: Deep Strange Arguments Detection. In S. Dolev, O. Margalit, B. Pinkas, & A. Schwarzmann (Eds.), Cyber Security Cryptography and Machine Learning - 5th International Symposium, CSCML 2021, Proceedings (pp. 71-85). (Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics); Vol. 12716 LNCS). Springer Science and Business Media Deutschland GmbH. https://doi.org/10.1007/978-3-030-78086-9_5

Berlin, Michael ; Margalit, Oded ; Weiss, Gera. / DepthStAr : Deep Strange Arguments Detection. Cyber Security Cryptography and Machine Learning - 5th International Symposium, CSCML 2021, Proceedings. editor / Shlomi Dolev ; Oded Margalit ; Benny Pinkas ; Alexander Schwarzmann. Springer Science and Business Media Deutschland GmbH, 2021. pp. 71-85 (Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)).

@inproceedings{792c9a9167f4497fa5d0d020241c8eac,

title = "DepthStAr: Deep Strange Arguments Detection",

abstract = "We present a tool for detecting a new type of bad smell in software code and describe how it was used to find critical security bugs, some of which exist in Linux code for many years and are still present in current distributions. Our tool applies state-of-the-art formal methods and static analysis techniques to scan the execution paths of programs. In this scan, the tool detects conditions that may lead to calling certain functions with strange combinations of arguments, called Abnormal Argument Case (AAC) in this paper. These conditions are presented to the developers as they often point at potential bugs and security vulnerabilities. The paper explains how the tool works and describes an empirical evaluation of its performance.",

author = "Michael Berlin and Oded Margalit and Gera Weiss",

note = "Publisher Copyright: {\textcopyright} 2021, Springer Nature Switzerland AG.; 5th International Symposium on Cyber Security Cryptography and Machine Learning, CSCML 2021 ; Conference date: 08-07-2021 Through 09-07-2021",

year = "2021",

month = jan,

day = "1",

doi = "10.1007/978-3-030-78086-9\_5",

language = "English",

isbn = "9783030780852",

series = "Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)",

publisher = "Springer Science and Business Media Deutschland GmbH",

pages = "71--85",

editor = "Shlomi Dolev and Oded Margalit and Benny Pinkas and Alexander Schwarzmann",

booktitle = "Cyber Security Cryptography and Machine Learning - 5th International Symposium, CSCML 2021, Proceedings",

address = "Germany",

}

Berlin, M, Margalit, O & Weiss, G 2021, DepthStAr: Deep Strange Arguments Detection. in S Dolev, O Margalit, B Pinkas & A Schwarzmann (eds), Cyber Security Cryptography and Machine Learning - 5th International Symposium, CSCML 2021, Proceedings. Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics), vol. 12716 LNCS, Springer Science and Business Media Deutschland GmbH, pp. 71-85, 5th International Symposium on Cyber Security Cryptography and Machine Learning, CSCML 2021, Be'er Sheva, Israel, 8/07/21. https://doi.org/10.1007/978-3-030-78086-9_5

DepthStAr: Deep Strange Arguments Detection. / Berlin, Michael; Margalit, Oded ; Weiss, Gera.
Cyber Security Cryptography and Machine Learning - 5th International Symposium, CSCML 2021, Proceedings. ed. / Shlomi Dolev; Oded Margalit; Benny Pinkas; Alexander Schwarzmann. Springer Science and Business Media Deutschland GmbH, 2021. p. 71-85 (Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics); Vol. 12716 LNCS).

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution › peer-review

TY - GEN

T1 - DepthStAr

T2 - 5th International Symposium on Cyber Security Cryptography and Machine Learning, CSCML 2021

AU - Berlin, Michael

AU - Margalit, Oded

AU - Weiss, Gera

PY - 2021/1/1

Y1 - 2021/1/1

N2 - We present a tool for detecting a new type of bad smell in software code and describe how it was used to find critical security bugs, some of which exist in Linux code for many years and are still present in current distributions. Our tool applies state-of-the-art formal methods and static analysis techniques to scan the execution paths of programs. In this scan, the tool detects conditions that may lead to calling certain functions with strange combinations of arguments, called Abnormal Argument Case (AAC) in this paper. These conditions are presented to the developers as they often point at potential bugs and security vulnerabilities. The paper explains how the tool works and describes an empirical evaluation of its performance.

AB - We present a tool for detecting a new type of bad smell in software code and describe how it was used to find critical security bugs, some of which exist in Linux code for many years and are still present in current distributions. Our tool applies state-of-the-art formal methods and static analysis techniques to scan the execution paths of programs. In this scan, the tool detects conditions that may lead to calling certain functions with strange combinations of arguments, called Abnormal Argument Case (AAC) in this paper. These conditions are presented to the developers as they often point at potential bugs and security vulnerabilities. The paper explains how the tool works and describes an empirical evaluation of its performance.

UR - https://www.scopus.com/pages/publications/85111999110

U2 - 10.1007/978-3-030-78086-9_5

DO - 10.1007/978-3-030-78086-9_5

M3 - Conference contribution

AN - SCOPUS:85111999110

SN - 9783030780852

T3 - Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)

SP - 71

EP - 85

BT - Cyber Security Cryptography and Machine Learning - 5th International Symposium, CSCML 2021, Proceedings

A2 - Dolev, Shlomi

A2 - Margalit, Oded

A2 - Pinkas, Benny

A2 - Schwarzmann, Alexander

PB - Springer Science and Business Media Deutschland GmbH

Y2 - 8 July 2021 through 9 July 2021

ER -

Berlin M, Margalit O , Weiss G. DepthStAr: Deep Strange Arguments Detection. In Dolev S, Margalit O, Pinkas B, Schwarzmann A, editors, Cyber Security Cryptography and Machine Learning - 5th International Symposium, CSCML 2021, Proceedings. Springer Science and Business Media Deutschland GmbH. 2021. p. 71-85. (Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)). doi: 10.1007/978-3-030-78086-9_5

DepthStAr: Deep Strange Arguments Detection

Abstract

Publication series

Conference

ASJC Scopus subject areas

Access to Document

Other files and links

Fingerprint

Cite this