


Link to original content: https://unpaywall.org/10.1007/978-3-030-78086-9_5

DepthStAr: Deep Strange Arguments Detection

  • Conference paper
Cyber Security Cryptography and Machine Learning (CSCML 2021)

Abstract

We present a tool for detecting a new type of bad smell in software code and describe how it was used to find critical security bugs, some of which have existed in Linux code for many years and are still present in current distributions. Our tool applies state-of-the-art formal methods and static analysis techniques to scan the execution paths of programs. In this scan, the tool detects conditions that may lead to calling certain functions with strange combinations of arguments, called an Abnormal Argument Case (AAC) in this paper. These conditions are presented to the developers, as they often point to potential bugs and security vulnerabilities. The paper explains how the tool works and describes an empirical evaluation of its performance.


Notes

  1. To make it harder to find the program.


Acknowledgement

We wish to thank the anonymous reviewers for their valuable comments and suggestions. Specifically, we wish to thank the reviewer that pointed us to the acute need to avoid false positive alarms when a human is involved in the loop.


Corresponding author

Correspondence to Michael Berlin.


Copyright information

© 2021 Springer Nature Switzerland AG

About this paper


Cite this paper

Berlin, M., Margalit, O., Weiss, G. (2021). DepthStAr: Deep Strange Arguments Detection. In: Dolev, S., Margalit, O., Pinkas, B., Schwarzmann, A. (eds) Cyber Security Cryptography and Machine Learning. CSCML 2021. Lecture Notes in Computer Science, vol 12716. Springer, Cham. https://doi.org/10.1007/978-3-030-78086-9_5


  • DOI: https://doi.org/10.1007/978-3-030-78086-9_5

  • Publisher Name: Springer, Cham

  • Print ISBN: 978-3-030-78085-2

  • Online ISBN: 978-3-030-78086-9

  • eBook Packages: Computer Science, Computer Science (R0)
