Sciweavers

ACMSE
2006
ACM

Static analysis of anomalies and security vulnerabilities in executable files

14 years 6 months ago
Static analysis of anomalies and security vulnerabilities in executable files
Software researchers have already developed static code security checkers to parse through and scan source code files, looking for security vulnerabilities [8, 9]. What about executable files? Can these files also be statically checked for security weaknesses such as buffer overflows? We have created a methodology that uses information located in the headers, sections, and tables of a Windows NT/XP executable file, along with information derived from the overall contents of the file, as a means to detect specific anomalies and software security vulnerabilities without having to disassemble the code. In addition, we have instantiated this methodology in a software utility program called findssv that automatically performs this static analysis. We tested findssv on six categories of files: executable installation files, software development files, Windows XP operating system files, Microsoft application files, security-centric applications files, and miscellaneous application files. Thr...
Jay-Evan J. Tevis, John A. Hamilton Jr.
Added 13 Jun 2010
Updated 13 Jun 2010
Type Conference
Year 2006
Where ACMSE
Authors Jay-Evan J. Tevis, John A. Hamilton Jr.
Comments (0)