Diagnosis and Emergency Patch Generation for Integer Overflow Exploits

  • Tielei Wang
  • Chengyu Song
  • Wenke Lee
Conference paper

DOI: 10.1007/978-3-319-08509-8_14

Volume 8550 of the book series Lecture Notes in Computer Science (LNCS)
Cite this paper as:
Wang T., Song C., Lee W. (2014) Diagnosis and Emergency Patch Generation for Integer Overflow Exploits. In: Dietrich S. (eds) Detection of Intrusions and Malware, and Vulnerability Assessment. DIMVA 2014. Lecture Notes in Computer Science, vol 8550. Springer, Cham

Abstract

Integer overflow has become a common cause of software vulnerabilities, and significantly threatens system availability and security. Yet protecting commodity software from attacks against unknown or unpatched integer overflow vulnerabilities remains unaddressed. This paper presents SoupInt, a system that can diagnose exploited integer overflow vulnerabilities from captured attack instances and then automatically generate patches to fix the vulnerabilities. Specifically, given an attack instance, SoupInt first diagnoses whether it exploits integer overflow vulnerabilities through a dynamic data flow analysis based mechanism. To fix the exploited integer overflows, SoupInt generates patches and deploys them at existing, relevant validation check points inside the program. By leveraging existing error-handlers for programmer-anticipated errors to deal with the unanticipated integer overflows, these patches enable the program to survive future attacks that exploit the same integer overflows. We have implemented a SoupInt prototype that directly works on x86 binaries.We evaluated SoupInt with various input formats and a number of real world integer overflow vulnerabilities in commodity software, including Adobe Reader, Adobe Flash Player, etc. The results show that SoupInt can accurately locate the exploited integer overflow vulnerabilities and generate patches in minutes.

Preview

Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.

Copyright information

© Springer International Publishing Switzerland 2014

Authors and Affiliations

  • Tielei Wang
    • 1
  • Chengyu Song
    • 1
  • Wenke Lee
    • 1
  1. 1.School of Computer ScienceGeorgia Institute of TechnologyAtlantaUSA