Combining Static and Dynamic Analysis for Vulnerability Detection
This work addresses vulnerability detection for software security, presenting an incremental improvement by integrating existing static and dynamic analysis methods.
The paper tackles buffer overflow detection in C code by combining static analysis to identify taint dependency sequences with dynamic analysis using a genetic algorithm to generate inputs, achieving faster and more accurate results on the Verisec benchmark.
In this paper, we present a hybrid approach for buffer overflow detection in C code. The approach makes use of static and dynamic analysis of the application under investigation. The static part consists in calculating taint dependency sequences (TDS) between user controlled inputs and vulnerable statements. This process is akin to program slice of interest to calculate tainted data- and control-flow path which exhibits the dependence between tainted program inputs and vulnerable statements in the code. The dynamic part consists of executing the program along TDSs to trigger the vulnerability by generating suitable inputs. We use genetic algorithm to generate inputs. We propose a fitness function that approximates the program behavior (control flow) based on the frequencies of the statements along TDSs. This runtime aspect makes the approach faster and accurate. We provide experimental results on the Verisec benchmark to validate our approach.