NDLI: RUNTIME MONITORING OF C PROGRAMS FOR SECURITY AND CORRECTNESS (2004)

Please wait, while we are loading the content...

RUNTIME MONITORING OF C PROGRAMS FOR SECURITY AND CORRECTNESS (2004)

Content Provider	CiteSeerX
Author	Yong, Suan Hsi
Abstract	Finding errors in software is a difficult problem: millions of dollars are spent in testing and debugging, yet latent bugs continue to be discovered even in thoroughly tested programs. Apart from the undesirable effects of producing incorrect results, crashing systems, and corrupting data, bugs also raise security concerns: memory-safety errors like buffer overruns and stale pointer dereferences can be exploited by malicious agents to acquire confidential data or seriously compromise the target system, sometimes in undetectable ways. A key feature of the C programming language is that it allows low-level control over memory usage and runtime behavior; this flexibility is crucial for many programming set-tings, such as at the system level, and is one reason why C programs continue to be widely used today. However, this flexibility is achieved at the price of safety: the language syntax is too weak to prevent type errors and memory-safety errors from occurring at runtime. This work explores three related approaches to detect errors in C programs via runtime monitoring. The Memory-Safety Enforcer is a tool that detects memory-safety errors at runtime, and can be used for both security and debugging. The Sensitive Location Checker
File Format	PDF
Publisher Date	2004-01-01
Access Restriction	Open
Subject Keyword	Runtime Monitoring Program Security Correctness Memory-safety Error Undetectable Way Latent Bug Undesirable Effect Incorrect Result Sensitive Location Checker Memory-safety Enforcer Key Feature Malicious Agent Low-level Control System Level Target System Difficult Problem Confidential Data Stale Pointer Dereferences Security Concern Runtime Behavior Related Approach Buffer Overrun Memory Usage Type Error Runtime Monitoring Programming Language Language Syntax
Content Type	Text

Central Library (ISO-9001:2015 Certified)
Indian Institute of Technology Kharagpur
Kharagpur, West Bengal, India | PIN - 721302

See location in the Map
03222 282435
Mail: support@ndl.gov.in

Sl.	Authority	Responsibilities	Communication Details
1	Ministry of Education (GoI), Department of Higher Education	Sanctioning Authority	https://www.education.gov.in/ict-initiatives
2	Indian Institute of Technology Kharagpur	Host Institute of the Project: The host institute of the project is responsible for providing infrastructure support and hosting the project	https://www.iitkgp.ac.in
3	National Digital Library of India Office, Indian Institute of Technology Kharagpur	The administrative and infrastructural headquarters of the project	Dr. B. Sutradhar bsutra@ndl.gov.in
4	Project PI / Joint PI	Principal Investigator and Joint Principal Investigators of the project	Dr. B. Sutradhar bsutra@ndl.gov.in Prof. Saswat Chakrabarti will be added soon
5	Website/Portal (Helpdesk)	Queries regarding NDLI and its services	support@ndl.gov.in
6	Contents and Copyright Issues	Queries related to content curation and copyright issues	content@ndl.gov.in
7	National Digital Library of India Club (NDLI Club)	Queries related to NDLI Club formation, support, user awareness program, seminar/symposium, collaboration, social media, promotion, and outreach	clubsupport@ndl.gov.in
8	Digital Preservation Centre (DPC)	Assistance with digitizing and archiving copyright-free printed books	dpc@ndl.gov.in
9	IDR Setup or Support	Queries related to establishment and support of Institutional Digital Repository (IDR) and IDR workshops	idr@ndl.gov.in