doi: 10.17706/jsw.14.9.423-436
Towards Denial-of-Service Memory Vulnerabilities
2University of Colorado Boulder Cooperative Institute for Research in Environmental Sciences, USA.
3International College ofSemiconductor Technology, National Chiao Tung University, Taiwan.
Abstract—We address the problem of verifying a program to be free of Denial-of-Service memory vulnerabilities. More specifically, we define a program to be safe from DoS attacks if its memory usage at any time during execution is linear to sizes of its inputs. We design an analysis algorithm that verifies if a program satisfies this definition, and reports code snippets in the program that may cause a nonlinear amount of memory usage in case the verification fails. We also formally prove the correctness of our algorithm w.r.t. the above definition. Our experimental results indicate that the analysis algorithm is both effective and efficient.
Index Terms—Program verification, software security, static analysis.
Cite: Tianhan Lu, Yu-Ju Lee, Wen-Wei Liao, "Towards Denial-of-Service Memory Vulnerabilities," Journal of Software vol. 14, no. 9, pp. 423-436, 2019.
General Information
ISSN: 1796-217X (Online)
Abbreviated Title: J. Softw.
Frequency: Quarterly
APC: 500USD
DOI: 10.17706/JSW
Editor-in-Chief: Prof. Antanas Verikas
Executive Editor: Ms. Cecilia Xie
Abstracting/ Indexing: DBLP, EBSCO,
CNKI, Google Scholar, ProQuest,
INSPEC(IET), ULRICH's Periodicals
Directory, WorldCat, etcE-mail: jsweditorialoffice@gmail.com
-
Oct 22, 2024 News!
Vol 19, No 3 has been published with online version [Click]
-
Jan 04, 2024 News!
JSW will adopt Article-by-Article Work Flow
-
Apr 01, 2024 News!
Vol 14, No 4- Vol 14, No 12 has been indexed by IET-(Inspec) [Click]
-
Apr 01, 2024 News!
Papers published in JSW Vol 18, No 1- Vol 18, No 6 have been indexed by DBLP [Click]
-
Jun 12, 2024 News!
Vol 19, No 2 has been published with online version [Click]