Spectrum-based Security Bug Localization by Analyzing Error Propagation

doi:10.23940/ijpe.20.08.p16.12891298

Abstract

Abstract: Software security bug is one of the key threats to the security of software systems. Isolating security bugs that may be potential security bugs is important. We formalize a program error propagation based model (PEP), which used to be applied to locate integer bug and our contribution are as follows: We formulate a theory model based on the mechanism of how the security bug triggers the program error propagation and propose a security bug localization approach by applying spectrum-based fault-localization (SFL) technique, a novel method to locate software fault to alleviate false negative and false positive problem. Our experimental results show that：1)Our model is more effective than present ones to locate nearly 97% integer bug and buffer overflow which are the main security bugs by examining 50% codes on average; 2) Compared with the traditional techniques, SFL can find 100% of integer bugs and buffer overflow so it is a promising, technology roadmap to reduce false negative and false positive for locating security bugs.

Key words: accuracy, security bug, fault localization, error state propagation

Mengyu Ji, Song Huang, and Zhanwei Hui. Spectrum-based Security Bug Localization by Analyzing Error Propagation [J]. Int J Performability Eng, 2020, 16(8): 1289-1298.

Add to citation manager EndNote|Reference Manager|ProCite|BibTeX|RefWorks

References

1. B. Potter and G. McGraw, “Software Security Testing, Security and Privacy Magazine,” IEEE, Vol. 2, No. 5, pp. 81-85, 2004
2. C. Wysopal, L. Nelson, D. D. Zovi,E. Dustin, “The Art of Software Security Testing,” Symatec Press
3. N. Davis, W. Humphrey, S. T. Redwine, G. Zibulski,G. McGrew, “Processes for Producing Security Software,” IEEE Security and Privacy, Vol. 2, No. 3, pp. 18-25, 2004
4. R. C. Sercord, “Secure Coding in Cand C++,” Addison Wesley and Person Education Asia, 2006
5. W. E. Wong, X. Li,P. A. Laplante, “Be More Familiar with Our Enemies and Pave the Way Forward: A Review of the Roles Bugs Played in Software Failures,”Journal of Systems and Software, Vol. 133, pp. 68-94, 2017
6. Y. M. Xia, J. Luo,M. X. Zhang, “Security Security bug Detection Study based on Static Analysis,” Computer Science, Vol. 33, No. 10, pp. 279-283, 2006
7. T. L. Wang, T. Wei,Z. Q. Lin, “IntScope: Automatically Detecting Integer Overflow Security Bug in x86 Binary using Symbolic Execution,” in Proceedings of 2009 Network and Distributed System Security Symposium, San Diego: ISOC, 2009
8. M. Y. Ji, S. Huang,Z. W. Hui, “Research on Spectra-based Integer Bug Localization,” Chinese Journal of Computers, Vol. 35, No. 10, October 2012
9. L. Page, S. Brin, R. Motwani,T. Winograd, “The PageRank Citation Ranking: Bringing Order to the Web,” Stanford InfoLab Publication, Stanford University, Palo Alto, CA, (Available at http://dbpubs.stanford.edu/pub/1999-66, 1999
10. F. Zeng, L. Mao, Z. Chen, et al., “Mutation-based Testing of Integer Overflow Vulnerabilities,” inProceedings of the 8th International Conference on Wireless Communications, Networking and Mobile Computing, pp. 24-26, Beijing, China, 2009
11. A. Avizienis, J. C. Laprie, B. Randell, et al., “Basic Concepts and Taxonomy of Dependable and Secure Computing,” IEEE Transactions on Dependable and Secure Computing, Vol. 1, No. 1, March 2004
12. F. Anwer, M. Nazir,K. Mustafa, “Security Testing,” Trends in Software Testing, Springer Science+Business Media Singapore, 2017
13. D. A. Wheeler, “Flawfinder,” (http://www.dwheeler.com/flawfinder/(2001)
14. Splint, a static analysis tool, (http://splint.org/
15. X. C. Lu, G. Li, K. Lu,Y. Zhang, “High-Trusted-Software-Oriented Automatic Testing for Integer Overflow Bugs,” Journal of Software, Vol. 21, No. 2, pp. 179-193, February 2010
16. E. N. Ceesay, J. N. Zhou, M. Gertz, et al., “Using Type Qualifiers to Analyze Untrusted Integers and Detecting Security Flaws in C Programs,” in Proceedings of DIMVA 2006, LNCS4064, pp. 1-16, 2006
17. R. McNally, K. Yiu, D. Grove,D. Gerhardy, “Fuzzing: The State of the Art,” 2012
18. C. S. Păsăreanu, N. Rungta,W. Visser, “Symbolic Execution with Mixed Concrete-Symbolic Solving,” inProceedings of the 2011 International Symposium on Software Testing and Analysis, pp. 34-44, ACM, 2011
19. A. Avancini and M. Ceccato, “Comparison and Integration of Genetic Algorithms and Dynamic Symbolic Execution for Security Testing of Cross-Site Scripting Vulnerabilities,” Information of Software Technology, Vol. 55, No. 12, pp. 2209-2222, 2013
20. C. S. Psreanu, P. C. Mehlitz, D. H. Bushnell, K. Gundy-Burlet, M. Lowry, S. Person, et al., “Combining Unit-Level Symbolic Execution and System-Level Concrete Execution for Testing Nasa Software,” inProceedings of the 2008 International Symposium on Software Testing and Analysis, pp. 15-26, ACM, 2008
21. R. Abreu, A. Gonz_Alez, P. Zoeteweij, and A. J. van Gemund, “Automatic Software Fault Localization using Generic Program Invariants,” inProceedings of ACM Symposium on Applied Computing, pp. 712-717, Ceara, Brazil, March 2008
22. H. Agrawal, J. R. Horgan, S. London,W. E. Wong, “Fault Localization using Execution Slices and Dataflow Tests,” inProceedings of the 6th International Symposium on Software Reliability Engineering, pp. 143-151, Toulouse, France, October 1995
23. Z. A.Al-Khanjari, M. R. Woodward, H. A. Ramadhan, and N. S. Kutti, “The Efficiency of Critical Slicing in Fault Localization,” Software Quality Journal, Vol. 13, No. 2, pp. 129-153, June 2005
24. W. E. Wong, V. Debroy, R. Gao,Y. Li, “The DStar Method for Effective Software Fault Localization,” IEEE Transactions on Reliability, Vol. 63, No. 1, pp. 290-308, 2014
25. W. E. Wong, V. Debroy,B. Choi, “A Family of Code Coverage-based Heuristics for Effective Fault Localization,” Journal of Systems and Software, Vol. 83, No. 2, pp. 188-208, 2010
26. R. Abreu, P. Zoeteweij,A. J. van Gemund, “Spectrum-based Multiple Fault Localization,” inProceedings of the 24th IEEE/ACM International Conference on Automated Software Engineering, pp. 88-99, Auckland, CA, USA, November 2009
27. R. Abreu, B. Hofer, A. Perez,F. Wotawa, “Using Constraints to Diagnose Faulty Spreadsheets,” Software Quality Journal, Vol. 23, pp. 297-322, May 2014
28. H. Agrawal, J. R. Horgan, S. London,W. E. Wong, “Fault Localization using Execution Slices and Dataflow Tests,” inProceedings of the 6th International Symposium on Software Reliability Engineering, pp. 143-151, Toulouse, France, October 1995
29. H. Agrawal, R. A.DeMillo, and E. H. Spafford, “Debugging with Dynamic Slicing and Backtracking,” Software-Practice Experience, Vol. 23, No. 6, pp. 589-616, June 1993
30. J. A. Jones, M. J. Harrold,J. Stasko, “Visualization for Fault Localization,” inProceedings of the 23rd International Conference on Software Engineering, pp. 71-75, Ontario, BC, Canada, May 2001
31. R. Abreu, P. Zoeteweij,A. J. van Gemund, “An Evaluation of Similarity Coefficients for Software Fault Localization,” inProceedings of Pacific RIM International Symposium on Dependable Computing, pp. 39-46, Riverside, CA, USA, December 2006
32. H. He, J. Ren, R. Zhao,H. He, “Enhancing Spectrum-based Fault Localization using Fault Influence Propagation,”IEEE Access, Vol. 8, 2020
33. K. Yu, X. Meng, L. Q. Gao, et al., “Locating Faults using Multiple Spectra-Specific Models,” in Proceedings of SAC’11, TaiChung, Taiwan, March 21-25, 2011
34. Z. Zhang, W. K. Chan, T. H. Tse, et al., “Capturing Propagation of Infected Program States,” in Proceedings of the 7th Joint Meeting of the European Software Engineering Conference and the ACM SIGSOFT Symposium on the Foundations of Software Engineering (ESEC 7/FSE-17), pp. 43-52, ACM Press, New York, NY, 2009
35. T. T. Wang, K. C. Wang, X. H. Su,L. Zhang, “Invariant based Fault Localization by Analyzing Error Propagation,” Future Generation Computer Systems, Vol. 94, pp. 549-563, May 2019
36. W. E. Wong, R. Gao, Y. Li, R. Abreu,F. Wotawa, “A Survey on Software Fault Localization,” IEEE Transactions on Software Engineering, Vol. 42, No. 8, August 2016
37. L. Hong, “Law of Total Probability and Bayes' Theorem in Riesz Spaces,” Mathematics Subject Classiﬁcation 2010
38. mid.c, a program, (http://www.static.cc.gatech.edu/aristotle/Tools/Aristotle/samples/mid.c
39. R. Abreu, P. Zoeteweij,A. J.C. van Gemund, “On the Accuracy of Spectrum-based Fault Localization,” in Proceedings of Testing: Academic and Industrial Conference Practice and Research Techniqu, pp. 89-98, IEEE Computer Society Press, Los Alamitos, CA, 2007
40. Siemens test suite, a test data set, (http://sir.unl.edu/portal/index.html
41. WET, an advanced infrastructure, (http://wet.cs.ucr.edu/index.html
42. Valgrind-memcheck, a dynamic analysis tool, (http://www.valgrind.org/
43. Y. Lei, X. G. Mao, M. Zhang, J. Ren,Y. Jiang, “Toward Understanding Information Models of Fault Localization: Elaborate is Not Always Better,” inProceedings of IEEE 41st Annual Computer Software and Applications Conference, 2017
44. S. Artzi, J. Dolby, F. Tip,M. Pistoia, “Directed Test Generation for Effective Fault Localization,” in Proceedings of IEEEInternational Symposium Software Testing Analysis, pp. 49-60, Trento, Italy, July 2010
45. S. Segura, G. Fraser, A. B. Sanchez,A. Ruiz-Cortes, “A Survey on Metamorphic Testing,” IEEE Transactions on Software Engineering, Vol. 42, No. 9, September2016

[1]	Amanpreet Kaur and Archana Mantri. Evaluating the Impact of Hybridization of Vision and Sensor-Based Tracking on the Accuracy and Robustness of Virtual Reality-Based Shooting Tutor for Defense Training [J]. Int J Performability Eng, 2023, 19(9): 559-567.
[2]	Janarthanan Sekar and Ganesh Kumar T. Hyperparameter Tuning in Deep Learning-Based Image Classification to Improve Accuracy using Adam Optimization [J]. Int J Performability Eng, 2023, 19(9): 579-586.
[3]	Shobhanam Krishna and Sumati Sidharth. AI-Powered Workforce Analytics: Maximizing Business and Employee Success through Predictive Attrition Modelling [J]. Int J Performability Eng, 2023, 19(3): 203-215.
[4]	Yihao Li, Pan Liu, W. Eric Wong, Nicholas Chau, and Chih-Wei Hsu. Alternative Ranking Distance Metrics for Fault-Focused Clustering in Parallel Fault Localization [J]. Int J Performability Eng, 2023, 19(10): 633-643.
[5]	Uma Maheshwar Janniekode, Rajendra Prasad Somineni, and C.D. Naidu. Design and Performance Analysis of 6T SRAM Cell in Different Technologies and Nodes [J]. Int J Performability Eng, 2021, 17(2): 167-177.
[6]	Yong Wang, SanMing Liu, Jun Li, Xiangyu Cheng, and Wan Zhou. Lightweight Fault Localization using Weighted Dynamic Control Flow Subgraph [J]. Int J Performability Eng, 2020, 16(2): 214-222.
[7]	Chenyang Zhao, and Junling Wang. Service Recommendation Model based on Rating Matrix and Context-Embedded LSTM [J]. Int J Performability Eng, 2019, 15(9): 2432-2441.
[8]	Sixin Tang. Combining Stochastic Grammar and Semi-Supervised Learning Techniques to Extract RNA Structures with Pseudoknots [J]. Int J Performability Eng, 2019, 15(7): 1939-1946.
[9]	Zhao Li, Yi Song, Siwei Zhou, Dongcheng Li, and Peng Chen. Normalization of Notation NCF for Improving Fault Localization [J]. Int J Performability Eng, 2019, 15(7): 1988-1997.
[10]	Chunxiu Li, Jianli Zhao, Qiuxia Sun, Xiang Gao, Guoqiang Sun, and Chendi Zhu. NRSSD: Normalizing Received Signal Strength to Address Device Diversity Problem in Fingerprinting Positioning [J]. Int J Performability Eng, 2019, 15(3): 1033-1044.
[11]	Bingwu Fang, Yong Li, Yong Wang, Xiangyu Cheng, and Zhaohui Xu. Search-based Software Debugging using Weighted Fault Propagation Graphs [J]. Int J Performability Eng, 2019, 15(12): 3179-3186.
[12]	Sa Meng, Peng Sun, Jie Luo, and Han Xu. An Energy Prediction Model for Cloud Data Centers Through Performance Counter [J]. Int J Performability Eng, 2019, 15(11): 2962-2971.
[13]	Ziyuan Wang, Xueyao Li, Yang Li, and Yuqing Dai. Comparing Minimal Failure-Causing Schema and Probabilistic Failure-Causing Schema on Boolean Specifications [J]. Int J Performability Eng, 2019, 15(10): 2709-2717.
[14]	Ying Wang, Yue Ma, Fuzhong Bai, and Pengcheng Liu. Network Delay-Weighted Least Squares Localization Algorithm with Taylor Expansion based on Acoustic Emission [J]. Int J Performability Eng, 2019, 15(1): 209-219.
[15]	Chia-Hao Lee, Chin-Yu Huang, and Tzu-Yang Lin. A Study of Applying Fault-based Genetic-Like Programming Approaches to Automatic Software Fault Corrections [J]. Int J Performability Eng, 2018, 14(9): 2090-2104.