Most Read Research Articles


Warning: Creating default object from empty value in /var/www/html/sandbox.ijcaonline.org/public_html/modules/mod_mostread/helper.php on line 79

Warning: Creating default object from empty value in /var/www/html/sandbox.ijcaonline.org/public_html/modules/mod_mostread/helper.php on line 79

Warning: Creating default object from empty value in /var/www/html/sandbox.ijcaonline.org/public_html/modules/mod_mostread/helper.php on line 79

Warning: Creating default object from empty value in /var/www/html/sandbox.ijcaonline.org/public_html/modules/mod_mostread/helper.php on line 79

Warning: Creating default object from empty value in /var/www/html/sandbox.ijcaonline.org/public_html/modules/mod_mostread/helper.php on line 79
Call for Paper - May 2015 Edition
IJCA solicits original research papers for the May 2015 Edition. Last date of manuscript submission is April 20, 2015. Read More

Compiler for Detection of Program Vulnerabilities

Print
PDF
 
Download Full Text
International Journal of Computer Applications
© 2014 by IJCA Journal
Volume 104 - Number 6
Year of Publication: 2014
Authors:
Abhishek Nayyar
Umang Saxena
Arun Kumar
10.5120/18206-9343

Abhishek Nayyar, Umang Saxena and Arun Kumar. Article: Compiler for Detection of Program Vulnerabilities. International Journal of Computer Applications 104(6):25-31, October 2014. Full text available. BibTeX

@article{key:article,
	author = {Abhishek Nayyar and Umang Saxena and Arun Kumar},
	title = {Article: Compiler for Detection of Program Vulnerabilities},
	journal = {International Journal of Computer Applications},
	year = {2014},
	volume = {104},
	number = {6},
	pages = {25-31},
	month = {October},
	note = {Full text available}
}

Abstract

Program Vulnerabilities may be unwarranted for any organization and may lead to severe system failure. Due to the advancement of technology there has been increase in the area of vulnerability attacks which are exploited by hackers for getting access to the system or insertion of their malicious code. In this paper we present a proposal for compiler design which prevents some common vulnerability. The output result for our compiler would be compile time warning stating the possible vulnerability in the code. We will also look into the details about the different type of vulnerability and how the attacker can exploit those vulnerabilities in order to corrupt the system. The knowledge of various vulnerability creation areas have been used to design a compiler for vulnerability prevention. Compiler in this publication uses the symbol table generation mechanism for syntactically, semantically segregation of executable code and canary guard mechanism for the protection of cases of buffer overflow. Major work in this area deals with the simple scenarios for vulnerability detection but our aim is to check for various complicated scenarios and non common possibilities for program attack and designing a framework preventing such kinds of attacks.

References

  • Alexander Ivanov Sotirov, automatic vulnerability detection using static source code analysis.
  • Kirill Kononenko, A Unified Approach to Identifying and Healing Vulnerabilities in x86 Machine Code.
  • David Brumley, Tzi-cker Chiueh, Robert Johnson, RICH: Automatically Protecting Against Integer-Based Vulnerabilities.
  • Steven Muchnick, Advance compiler design and implementation.
  • James C Foster, Vitlay Osipov, Nish Bhalla, Niels Heinen, Book on Buffer overflow attack.
  • R. Bodik, R. Gupta and V. Sarkar. "ABCD: Eliminating array bound checks on demand". Programming language design and Implementation, 2000.
  • K. V. N Sunitha, Book on Compiler Construction
  • Alfred V. Aho, Monica S. Lam, Ravi Sethi and D. Jeffrey Ullman, Book on Compilers Principles Techniques And Tools
  • D. M. Gallagher, W. Y. Chen, S. A. Mahlke, J. C. Gyllenhaal, and W. -m. W. Hwu. Dynamic memory disambiguation using the memory con?ict buffer.
  • M. Gschwind and E. R. Altman. Precise exception semantics in dynamic compilation.