Method and system for detecting race condition vulnerabilities in source code
Patent 7398516 Issued on July 8, 2008. Estimated Expiration Date: April 15, 2024. Estimated Expiration Date is calculated based on simple USPTO term provisions. It does not account for terminal disclaimers, term adjustments, failure to pay maintenance fees, or other factors which might affect the term of a patent.
A method and system of detecting vulnerabilities in source code. Source code is parsed into an intermediate representation. Models are derived for the code, and the models are then analyzed in conjunction with pre-specified rules about the routines to determine whether the routines possess one or more pre-selected vulnerabilities.
Other References
Zovi, D.D., “Security Applications of Dynamic Binary Translation, Thesis,” The University of New Mexico (2002).
“The Java Language Environment,” White Paper, Sun Microsystems, Inc. (1997).
Suzuki, et al., “Implementation of An Array Bound Checker,” Defense Advanced Research Projects Agency (Contract FF44620-73-C-0034), Air Force Office of Scientific Research (Contract DAHC-15-72-C-0308), University of Tokyo Computation Center, pp. 132-143, 1997.
Sirer, et al., “An Access Control Language for Web Services,” SACMAT '02, Jun. 3-4, 2002, Monterey CA, ACM 1-58113-496-07/02/0006, pp. 23-30 (2002).
Schneider, F.B., “Enforceable Security Policies,” ACM Transactions on Information and System Security, vol. 3, No. 1, pp. 30-50 (Feb. 2000).
Pincus, J., “Steering the Pyramids—Tools, Technology, and Process in Engineering at Microsoft,” Microsoft Research (Oct. 5, 2002).
Macrakis, S., “From UNCOL to ANDF: Progress in Standard Intermediate Languages,” Open Software Foundation, macrakis@osf.org, pp. 1-18 (1993).
Leino, et al., “Checking Java Program via Guarded Commands,” Technical Report Feb. 1999, Compaq Systems Research Center (May 1999).
Kiriansky, et al., “Secure Execution Via Program Shepherding,” 11th Usenix Security Symposium (Security '02), San Francisco, CA (Aug. 2002).
Gordon, et al., “Typing a Multi-Language Intermediate Code,” Technical Report MSR-TR-2000-106, Microsoft Research, Microsoft Corporation (Dec. 2000).
Frailey, D.J., “An Intermediate Language for Source and Target Independent Code Optimization,” ACM, 0-89791-002-8/79/0800/0188, pp. 188-200 (1979).
Dijkstra, E.W., “Guarded Commands, Nondeterminacy and Formal Derivation of Programs,” Communications of the ACM, vol. 18, No. 8, pp. 453-457 (Aug. 1975).
Detlefs, et al., “Extended Static Checking,” Technical Report 159, Compaq Systems Research Center (1998).
Chess, et al., “Static Analysis for Security,” IEEE Computer Society, IEEE Security and Privacy, 1540-7993 (2004).
Bush, et al., “A Static Analyzer for Finding Dynamic Programming Errors,” Software—Practice and Experience, vol. 30, No. 7, 2000.
Banatre, et al., “Mechanical Proofs of Security Properties,” Institut de Recherche en Informatique et Systemes Aleatoires, Centre National de la Recherche Scientifique (URA 227) Universite de Rennes 1, Insa de Rennes, France, ISSN 1166-8687, Publication Interne No. 825, May 1994.
Ashcraft, et al., “Using Programmer-Written Compiler Extensions to Catch Security Holes,” IEEE Symposium on Security and Privacy, Oakland, CA, May 2002.
Aho, et al., “Principles of Compiler Design,” Addison-Wesley Publishing Co., Mar. 1978.
Wagner, et al., “A First Step Towards Automated Detection of Buffer Overrun Vulnerabilities,” Proceedings of the Network and Distributed System Security Symposium, Feb. 2000.
Viega, et al., “A Static Vulnerability Scanner for C and C++ Code,” 16th Annual Computer Security Applications Conference, 2000.
Shankar, et al., “Detecting Format String Vulnerabilities with Type Qualifiers,” Proceedings of the 10th Usenix Security Symposium, Aug. 2001.
Larochelle and Evans, “Statically Detecting Likely Buffer Overflow Vulnerabilities,” Proceedings of the 2001 Usenix Security Symposium, Aug. 2001.
Haugh and Bishop, “Testing C Programs for Buffer Overflow Vulnerabilities,” Proceedings of the 2003 Symposium on Networked and Distributed System Security (SNDSS 2003), Feb. 2003.
Chess, “Improving Computer Security Using Extended Static Checking,” Proceedings of the IEEE Symposium on Security and Privacy, May 2002.
Jong-Deok Choi, et al., “Static Datarace Analysis for Multithreaded Object-Oriented Programs,” Aug. 9, 2001, IBM, RC22146 (W0108-016), pp. 1-18.
Matt Bishop and Michael Dilger, “Checking for Race Conditions in File Accesses,” 1996, Computing Systems 9(2), pp. 131-152 (manuscript version; 20 pages).