|
Research and development of interprocedural algorithms for defect searching in executable program code
G. S. Ivanovab, P. M. Palchikovc, A. Yu. Tarasovc, G. S. Akimovc, H. K. Aslanyand, V. G. Vardanyand, M. S. Arutuniand, G. S. Keropyand a Moscow Aviation Institute (National Research University)
b Ivannikov Institute for System Programming of the RAS
c Bauman Moscow State Technical University
d Russian-Armenian University, Yerevan
Abstract:
Recently, more and more software companies are interested in tools to improve the stability and security of their product. The closed libraries and third-party applications used by developers may contain defects, the use of which by an attacker or by a user may lead to a violation of the stability and security of the application. In some cases, the source code of the problem areas may be missing. At the moment, static methods for finding defects in code are gaining popularity, which allow finding defects that are unattainable for dynamic methods. Static methods are algorithms for studying a static model of a program, including a call graph, control flow, data flow. Studying binary code involves restoring a static model of a program from a binary file by disassembling, restoring function boundaries, translating it into an intermediate representation, and restoring a call graph. Defects in modern code bases, as a rule, appear only on a certain set of paths in the call graph, which requires interprocedural algorithms for finding defects. The aim of this work is to develop methods of interprocedural algorithms for finding defects in binary code that have good scalability, a set of supported architectures, and acceptable accuracy. Algorithms are developed based on ISP RAS Binside tool.
Keywords:
staic code analysis, defect searching, executable code analysis.
Citation:
G. S. Ivanov, P. M. Palchikov, A. Yu. Tarasov, G. S. Akimov, H. K. Aslanyan, V. G. Vardanyan, M. S. Arutunian, G. S. Keropyan, “Research and development of interprocedural algorithms for defect searching in executable program code”, Proceedings of ISP RAS, 31:6 (2019), 89–98
Linking options:
https://www.mathnet.ru/eng/tisp471 https://www.mathnet.ru/eng/tisp/v31/i6/p89
|
Statistics & downloads: |
Abstract page: | 111 | Full-text PDF : | 77 | References: | 17 |
|