Abstract
An important component of software reliability is the assurance of certain security guarantees, such as the absence of low-level bugs that may result in code exploitation. A program crash is an early indicator of possible errors in the program, such as memory corruption, access violation or division by zero. In particular, a crash may indicate the presence of safety-critical or security-critical errors. A safety-error crash does not result in any exploitable condition, whereas a security-error crash allows an attacker to exploit a vulnerability. However, distinguishing one from the other is a non-trivial task. This exacerbates the problem in cases where we get hundreds of crashes and programmers have to choose which crash to patch first! In this work, we present a technique to identify security-critical crashes by applying machine learning to a set of features derived from core-dump files and runtime information obtained from hardware-assisted monitoring, such as the last branch record (LBR) register. We implement the proposed technique in a prototype called Exniffer. Our empirical results, obtained by experimenting with Exniffer on several crashes in real-world applications, show that the proposed technique is able to classify a given crash as exploitable or not exploitable with high accuracy.
Original language | English |
---|---|
Title of host publication | Proceedings - 24th Asia-Pacific Software Engineering Conference, APSEC 2017 |
Publisher | ACM, IEEE Computer Society |
Pages | 239-248 |
Number of pages | 10 |
Volume | 2017-December |
ISBN (Electronic) | 9781538636817 |
Publication status | Published - 5 Mar 2018 |
Event | 24th Asia-Pacific Software Engineering Conference, APSEC 2017 - Nanjing, Jiangsu, China. Duration: 4 Dec 2017 → 8 Dec 2017 |
Conference
Conference | 24th Asia-Pacific Software Engineering Conference, APSEC 2017 |
---|---|
Country/Territory | China |
City | Nanjing, Jiangsu |
Period | 4/12/17 → 8/12/17 |
Keywords
- core-dump
- crash analysis
- hardware branch tracing
- information security
- machine learning
- operating systems security
- software security engineering
- vulnerability management