Volume 14 Number 9 (Sep. 2019)
Home > Archive > 2019 > Volume 14 Number 9 (Sep. 2019) >
JSW 2019 Vol.14(9): 423-436 ISSN: 1796-217X
doi: 10.17706/jsw.14.9.423-436

Towards Denial-of-Service Memory Vulnerabilities

Tianhan Lu1, Yu-Ju Lee1, Wen-Wei Liao2, 3∗

1Department of Computer Science, University of Colorado Boulder, CO 80309-0430, USA
2University of Colorado Boulder Cooperative Institute for Research in Environmental Sciences, USA.
3International College ofSemiconductor Technology, National Chiao Tung University, Taiwan.

Abstract—We address the problem of verifying a program to be free of Denial-of-Service memory vulnerabilities. More specifically, we define a program to be safe from DoS attacks if its memory usage at any time during execution is linear to sizes of its inputs. We design an analysis algorithm that verifies if a program satisfies this definition, and reports code snippets in the program that may cause a nonlinear amount of memory usage in case the verification fails. We also formally prove the correctness of our algorithm w.r.t. the above definition. Our experimental results indicate that the analysis algorithm is both effective and efficient.

Index Terms—Program verification, software security, static analysis.


Cite: Tianhan Lu, Yu-Ju Lee, Wen-Wei Liao, "Towards Denial-of-Service Memory Vulnerabilities," Journal of Software vol. 14, no. 9, pp. 423-436, 2019.

General Information

  • ISSN: 1796-217X (Online)
  • Frequency:  Quarterly
  • Editor-in-Chief: Prof. Antanas Verikas
  • Executive Editor: Ms. Yoyo Y. Zhou
  • Abstracting/ Indexing: DBLP, EBSCO, CNKIGoogle Scholar, ProQuest, INSPEC(IET), ULRICH's Periodicals Directory, WorldCat, etc
  • E-mail: jsweditorialoffice@gmail.com
  • APC: 500USD
  • Jun 12, 2024 News!

    Vol 19, No 2 has been published with online version   [Click]

  • Jan 04, 2024 News!

    JSW will adopt Article-by-Article Work Flow

  • Apr 01, 2024 News!

    Vol 14, No 4- Vol 14, No 12 has been indexed by IET-(Inspec)     [Click]

  • Apr 01, 2024 News!

    Papers published in JSW Vol 18, No 1- Vol 18, No 6 have been indexed by DBLP   [Click]

  • Mar 01, 2024 News!

    Vol 19, No 1 has been published with online version    [Click]