DepthStAr: Deep Strange Arguments Detection: Deep Strange Arguments Detection

Michael Berlin, Oded Margalit, Gera Weiss

Research output: Contribution to conferencePaperpeer-review

Abstract

We present a tool for detecting a new type of bad smell in software code and describe how it was used to find critical security bugs, some of which exist in Linux code for many years and are still present in current distributions. Our tool applies state-of-the-art formal methods and static analysis techniques to scan the execution paths of programs. In this scan, the tool detects conditions that may lead to calling certain functions with strange combinations of arguments, called Abnormal Argument Case (AAC) in this paper. These conditions are presented to the developers as they often point at potential bugs and security vulnerabilities. The paper explains how the tool works and describes an empirical evaluation of its performance.

Original languageEnglish
Pages71-85
Number of pages15
DOIs
StatePublished - 2021
Event5th International Symposium on Cyber Security Cryptography and Machine Learning, CSCML 2021 - Be'er Sheva, Israel
Duration: 8 Jul 20219 Jul 2021

Conference

Conference5th International Symposium on Cyber Security Cryptography and Machine Learning, CSCML 2021
Country/TerritoryIsrael
CityBe'er Sheva
Period8/07/219/07/21

Fingerprint

Dive into the research topics of 'DepthStAr: Deep Strange Arguments Detection: Deep Strange Arguments Detection'. Together they form a unique fingerprint.

Cite this