Intelligent Testing Strategies for Buffer Overflow Detection

The ongoing project SMARTEST aims at detecting IT security vulnerabilities in networked control systems by means of intelligent test procedures. The main goal of this Master's thesis is to study the applicability of heuristics-based search and optimization techniques to the early detection of exploitable buffer overflows. The analysis should include both static considerations of control and data flow and behavioural observations based on random test data selection. Heuristics-based search may proceed stepwise, evaluating the fitness of individual test cases or test case sequences by the buffer fill level reached after their execution, and ending as soon as an overflow has been provoked or when a predefined number of runs fails to increase the fitness value of the best individuals encountered so far. The heuristics should be trained to identify such temporary dead ends, to determine their cause by retroactive data analysis, to roll back to an appropriate antecedent state, and to restart the search with a strategy adapted to the findings. The results are to be demonstrated by means of suitable examples.
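
The search loop described above, as an added example that is not taken from the SMARTEST project or the thesis. The target is a constructed toy buffer model with a planted accounting defect; `run`, `search`, `CAPACITY`, the operation names, the half-sequence rollback and the switch to accepting fitness-lowering steps are all assumptions made for illustration.

```python
import random

CAPACITY = 32  # constructed toy target: buffer size in bytes (assumption)

def run(seq):
    """Replay a test-case sequence on the toy target; return the fill level reached."""
    fill, free = 0, CAPACITY
    for op, n in seq:
        if op == "write" and n <= free:   # bounds check against cached free space
            fill, free = fill + n, free - n
        elif op == "read":
            fill = max(0, fill - n)
            free += n   # planted defect: credits n even when fewer bytes were stored
    return fill

def search(seed=1, patience=300, max_restarts=20):
    """Fitness = fill level. Returns (overflowing sequence or None, restarts used)."""
    rng = random.Random(seed)
    seq, restarts = [], 0
    while restarts <= max_restarts:
        explore = restarts > 0            # adapted strategy after the first dead end
        cur = best = run(seq)
        stale = 0
        while stale < patience:           # stop after `patience` runs without gain
            cand = seq + [(rng.choice(("write", "read")), rng.randint(1, 8))]
            fit = run(cand)
            if fit > CAPACITY:
                return cand, restarts     # overflow provoked: search ends
            if explore or fit > cur:      # strict hill-climbing unless exploring
                seq, cur = cand, fit
            if fit > best:
                best, stale = fit, 0
            else:
                stale += 1
        seq = seq[: len(seq) // 2]        # dead end: roll back to an earlier state
        restarts += 1
    return None, restarts

if __name__ == "__main__":
    found, used = search()
    print("restarts:", used, "length:", len(found or []),
          "fill:", run(found) if found else None)
```

Strict hill-climbing stalls at a fill level of at most `CAPACITY`, because a `read` never raises fitness and is therefore never kept; only after the rollback and strategy change can the over-draining reads that corrupt the free-space counter enter the sequence.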

Student: Tong Tang

Supervisor: M. Eng. Loui Al Sardy