CFP last date
20 December 2024
Call for Paper
January Edition
IJCA solicits high quality original research papers for the upcoming January edition of the journal. The last date of research paper submission is 20 December 2024

Submit your paper
Know more
The week's pick
Responsive image
Improved Shuffled Frog Leaping Algorithm with Self-Adaptive Shuffling for Fuzzy Logic PD+G Controller Optimization in Robotic Manipulators

Duc Hoang Nguyen
Random Articles
Reseach Article

Compiler for Detection of Program Vulnerabilities

by Abhishek Nayyar, Umang Saxena, Arun Kumar
journal cover thumbnail

International Journal of Computer Applications
Foundation of Computer Science (FCS), NY, USA
Volume 104 - Number 6
Year of Publication: 2014
Authors: Abhishek Nayyar, Umang Saxena, Arun Kumar
10.5120/18206-9343

Abhishek Nayyar, Umang Saxena, Arun Kumar . Compiler for Detection of Program Vulnerabilities. International Journal of Computer Applications. 104, 6 ( October 2014), 25-31. DOI=10.5120/18206-9343

@article{ 10.5120/18206-9343,
author = { Abhishek Nayyar, Umang Saxena, Arun Kumar },
title = { Compiler for Detection of Program Vulnerabilities },
journal = { International Journal of Computer Applications },
issue_date = { October 2014 },
volume = { 104 },
number = { 6 },
month = { October },
year = { 2014 },
issn = { 0975-8887 },
pages = { 25-31 },
numpages = {9},
url = { https://ijcaonline.org/archives/volume104/number6/18206-9343/ },
doi = { 10.5120/18206-9343 },
publisher = {Foundation of Computer Science (FCS), NY, USA},
address = {New York, USA}
}
%0 Journal Article
%1 2024-02-06T22:35:58.903933+05:30
%A Abhishek Nayyar
%A Umang Saxena
%A Arun Kumar
%T Compiler for Detection of Program Vulnerabilities
%J International Journal of Computer Applications
%@ 0975-8887
%V 104
%N 6
%P 25-31
%D 2014
%I Foundation of Computer Science (FCS), NY, USA
Abstract

Program Vulnerabilities may be unwarranted for any organization and may lead to severe system failure. Due to the advancement of technology there has been increase in the area of vulnerability attacks which are exploited by hackers for getting access to the system or insertion of their malicious code. In this paper we present a proposal for compiler design which prevents some common vulnerability. The output result for our compiler would be compile time warning stating the possible vulnerability in the code. We will also look into the details about the different type of vulnerability and how the attacker can exploit those vulnerabilities in order to corrupt the system. The knowledge of various vulnerability creation areas have been used to design a compiler for vulnerability prevention. Compiler in this publication uses the symbol table generation mechanism for syntactically, semantically segregation of executable code and canary guard mechanism for the protection of cases of buffer overflow. Major work in this area deals with the simple scenarios for vulnerability detection but our aim is to check for various complicated scenarios and non common possibilities for program attack and designing a framework preventing such kinds of attacks.

References
  1. Alexander Ivanov Sotirov, automatic vulnerability detection using static source code analysis.
  2. Kirill Kononenko, A Unified Approach to Identifying and Healing Vulnerabilities in x86 Machine Code.
  3. David Brumley, Tzi-cker Chiueh, Robert Johnson, RICH: Automatically Protecting Against Integer-Based Vulnerabilities.
  4. Steven Muchnick, Advance compiler design and implementation.
  5. James C Foster, Vitlay Osipov, Nish Bhalla, Niels Heinen, Book on Buffer overflow attack.
  6. R. Bodik, R. Gupta and V. Sarkar. "ABCD: Eliminating array bound checks on demand". Programming language design and Implementation, 2000.
  7. K. V. N Sunitha, Book on Compiler Construction
  8. Alfred V. Aho, Monica S. Lam, Ravi Sethi and D. Jeffrey Ullman, Book on Compilers Principles Techniques And Tools
  9. D. M. Gallagher, W. Y. Chen, S. A. Mahlke, J. C. Gyllenhaal, and W. -m. W. Hwu. Dynamic memory disambiguation using the memory con?ict buffer.
  10. M. Gschwind and E. R. Altman. Precise exception semantics in dynamic compilation.
Index Terms

Computer Science
Information Sciences

Keywords

Program vulnerabilities Stack smashing Buffer overflow Canary guard Compiler Canaries Terminator.

Powered by PhDFocusTM